I’m a ~/tmp man myself.

Maybe not a service in the typical sense, but setting up your router+server to route your home network traffic through a VPN is a fun project.

My router (MikroTik) supports WireGuard, so I can use it with Mullvad for the whole house—but wg is demanding and it’s a slow router, so while it can NAT at ~1Gbps, it can’t do WireGuard at more than ~90Mbps. So, I set up WireGuard/Mullvad on a little SBC with a fast processor, and have my router use that instead. Using policy based routing and/or mangling, I can have different VLANs/subnets/individual hosts selectively routed through the VPN.

It’s a fun exercise, not sure I implemented it in a smart way, but it works :)

I would recommend PoE security cameras. You probably want support for RTSP / ONVIF.

I have some Amcrest cameras talking to Frigate. It is completely local—cameras on a separate VLAN that can’t talk to the Internet, footage is recorded on a server running Frigate. Works very well for me. No vendor lock-in is also nice!

640k 780k ought to be enough for anybody…

Sadly not really. I use the free tier Oracle, which honestly has worked very well, but I’m not going to recommend using Oracle aside to say that it functionally works for me.

If I were to switch I would probably go to racknerd.

VPS+VPN (WireGuard for me), with Tailscale as an emergency alternative, has worked very well for me. Knock on wood the only outages have been my own fault.

Americans had “unity” after 9/11

Uh, no we didn’t. Source: am American, lived through that period.

Yes we had a brief period of unity (and solidarity with NYC) following 9/11, but as soon as the American War Machine woke up, my country was intensely divided.

I used Photoprism years ago, so my knowledge is probably pretty outdated.

My experience of Photoprism was that mobile was not tightly integrated. At the time I used Syncthing to sync photos — it worked ok for me, but I wasn’t going to set it up on my partner’s phone, for example.

Immich Just Works on both mobile and desktop. Multi user is great, sharing is great, and the local ML and face detection work remarkably well.

Whatever works for you is the best of course! Immich fits the bill for me, and it was very much worth it for me to “buy” it.

There’s a joke about whitespace here somewhere, I just know it.

xscreensaver of course! Note that this is not an option on Windows—jwz hates Microsoft, and any xscreensaver port to Windows is against his wishes.

I use yabai and sketchybar for a tiling WM feel. It’s nowhere as nice as my preferred i3, but it’s ok. Unfortunately it often breaks with major OS updates, so I’m sure to hold back updating my system until yabai is working.

IIRC sshfs will work on macOS but it’s more work to install. Worth it if allowed by your IT policies and your work can benefit from it.

Vim, tmux, and the usual *NIX stuff you might want.

The coreutils are not the GNU coreutils you typically find on a Linux system, so you may find a few differences. I believe sed is slightly different, and the flags for ls must be before the filename arguments, but I’ve found it’s mostly silly stuff like that (I used zsh before using macOS, so no problem there).

Regarding DNS servers, what router do you have? Some routers have simple enough DNS capabilities — I have a MikroTik, and have it set up with DNS entries for internal services (including wildcard). Publicly accessible services just use my registrar’s DNS (namecheap — no complaints).

I’ve been really impressed with Immich, can’t recommend it enough.

I’d put substitute first, but yours sounds better :)

(I’m a big Immich fan, and I’m taking and sharing photos more than ever before, in part because Immich is awesome, self hosted, and open source [the other part is that I have kids now so I’m taking way more photos that grandparents want to see].)

On low end CPUs you can max out the CPU before maxing out network—if you want to get fancy, you can use rsync over an unencrypted remote shell like rsh, but I would only do this if the computers were directly connected to each other by one Ethernet cable.

Not sure I agree.

First, stocks tend to be highly correlated with “the market” (see financial “β”/“beta coefficient”). For example, look at, say, The Home Depot or Ford Motors. From January 2000 to January 2003 (spanning the dot com bubble) they each lost about a third of their value, yet these are not “dot com”-centric companies.

Second, the promise of AI is that it will help every company that has desk jobs. So every company has this expectation now priced into their stock, and if the bottom falls out, well…

Not an analyst/I don’t pick stocks, but just my 2¢.

If you’re running it via docker compose it’s trivial to upgrade, and there are no breaking changes. Pull, down, up, you’re done.

Frigate is pretty good, too. I’ve only been running it for a few months but I’m very happy with it.

Though, technically that leaves you more at risk of ransomeware or something that overwrites your data.

I rsync as well, but use snapshotting on the remote drives. So, a bad rsync would suck but shouldn’t really result in data loss. Ransomware on my local+remote server would of course be very bad…

I do something similar — I have a raspberry pi and a HD, with daily rsync and snapshots (monthly retained indefinitely, weekly retained for a month, daily retained for a week). It’s at family’s house, connected to my home via WireGuard via a VPS. Tailscale (or anything really) would also work here.

It’s a great setup! Just have some watchdog reboot if it can’t talk to home (a simple cronjob with ping -c1 home.lan || reboot or similar).

Even our “slow” 35Mbps upload speed is way more than enough for incremental rsyncs of my Immich library. The initial sync was done in person, though.

I got one from goHardDrive on eBay (link). It was cheap enough, looks flawless, and knock on wood has been working fine.

Googling around, the brand gets…mixed reviews. My use case is such that of this drive fails it’s not a big deal.