Every single thing anyone says or does is in self-interest.

Like, I have almost never witnessed anything contrary to it.

Done! I’ve been selfhosting for over 20 years now.

I have a job, and the office is 35km away. I get a locker in my office.

I have two backup drives, and every month or so, I will rotate them by taking one into the office and bringing the other home. I do this immediately after running a backup.

The drives are LUKS encrypted btrfs. Btrfs allows snapshots and compression. LUKS enables me to securely password protect the drive. My backup job is just a btrfs snapshot followed by an rsync command.

I don’t trust cloud backups. There was an event at work where Google Cloud accidentally deleted an entire company just as I was about to start a project there.

I love when they talk about vibrational frequencies of crystals. I tell them about the power of quartz and its vibrations and frequencies. How I always wear a piece on my wrist. How it vibrates at 32768Hz, and is accurate to within a few seconds per month.

Almost all of selfhosting is editing config files, setting permissions and starting/stopping services.

Setting it up so you can administer a server by desktop is probably as hard as learning how to edit config files from a terminal. Maybe harder.

Ray tracing at 24fps is not a big ask for a modern gaming PC.

I’ve got 3 subnets on an L2 switch. You will have clashes over DHCP if you have both broadcasting on the same L2 switch without VLANs.

My guest wifi is on a vlan, but the switch is L2 and it’s fine. The router has separate physical ports for each subnet. The “guest” subnet is only accessible over Wifi, and the access points are configured so that the guest VLAN is mapped to a separate SSID.

My third subnet has no VLAN. It’s IPv6-only and all devices have a static IP address. It’s only used for security cameras. I did this so they don’t transmit on the same physical cables as my primary subnet. It is otherwise insecure, as I can join the subnet by simply assigning myself a static address in the same range.

Note: There is a bug in Windows where it will join an IPv6 subnet on a different VLAN. I had to tweak my DHCPv6 / radvd so that Windows would ignore it. Yes, Windows is this dumb.

If I’m in a toxic mood, I go to reddit.

I think the August 2001 backup is a good restore point.

It’s a photo of a guy who shot a CEO and a text that basically says “there’s more”.

While I agree with the message, it’s still a call to voilence.

It feels like I spend 15 hours waking up.

OMG Hypnotoad HTPC is so much better! Why didn’t I thnnk of that?

Server (big iron): Bender

Desktop (main character): Fry

Laptop (for accounting): Hermes

Netbook (small and dumb): Nibbler

Phone (held to my head): BrainSlug

HTPC (one big viewport): Leela

That’s basically it. My Ubuntu server is a router, NAS, plex server, public statum-1 NTP server, wordpress server, nextcloud server, security camera NVR, SMTP/IMAP mail server, CUPS print server, tor relay, and probably a few other things I forgot about.

You can do a lot with a single CPU from 2015.

I don’t have hostapd on it anymore. I now have dedicated APs on OpenWRT. The main problem with using a WNIC for an AP is that they don’t typically have a very strong broadcast output. I had to add an amplifier, and even then it wasn’t great.

I’ve done this before on Ubuntu. You can install nftables for routing, then install hostapd for a wifi AP.

The owners closed the restaurant and started a new one so I let the domain lapse.

ISPs often have SMTP relay servers. If you hook into that, your mail gets instant street cred.

IPv6 should not be disabled under any circumstances.

In fact, many devices in my house have IPv4 disabled. Disabling IPv4 on my public-facing SSH reduced the attack traffic to zero.

IPv4 is shit.

Public-facing: Password generator, stored in a password manager.

Internal LAN: Everything gets the same re-used, low-effort password.

Nobody is going to hack my CUPS server.

Because it’s from 8 years ago and it never happened.