I’m a big fan of automating as much as I can.

• Lights automatically turn on when someone enters the room, but only if it’s dark enough to need lights in that room at that moment. Turn them off automatically when presence is no longer detected (not just IR based motion detection).
• My old washer and dryer alert me when they’re done thanks to vibration sensors.
• Media downloads when added to a watchlist.
• Regular backups locally and to the cloud.
• My phone enables/disables rotation lock based on the app I’m currently using.
• Phone also opens various playlists when connecting to my car stereo based on date/time.
• Various “scenes” to turn devices on and off, control brightness, volume levels, etc. This includes controlling devices that are IR, RF, Bluetooth, and Zigbee based.
• Game servers that update when new versions are released, but only when no players are connected. If anyone is connected, sends a message to a discord server (that is also connected to Matrix) alerting everyone to the available update and asking players to log off at their earliest convenience. Players can also check on game server status with bot commands in the game’s channel on that server.

Everything runs locally and has a manual backup so I can still control everything the old fashioned way if my phone is dead or if my non tech savvy parents are over and need to operate any of it.

I recently set up something similar to this. I can’t comment on your specific hardware, but I was very frustrated with the limitations of TrueNAS and ended up using Debian and Cockpit with BTRFS for the drives.

I started with two 18TB drives with no RAID, and have since added two 26TB drives with everything’s using RAID1 and ~45TB of usable storage. Converting and adding drives was very simple, but also time consuming of course.

Put the cookie down!

Yippie Ki-Yay Mr. Falcon.

I’ve had it with these monkey fighting snakes on this Monday to Friday plane!

“Let’s go eat, huh?”

Or for one that has more or less pierced the cultural zeitgeist:

“Oh hi Mark”

Happy to help!

You can find a bit more information at the URL below, and feel free to message me if you run into any issues getting it set up.

https://letsencrypt.org/docs/challenge-types/#dns-01-challenge

Cheers to your journey so far, and to your continued success!

You can absolutely do free SSL certs with Let’s Encrypt without exposing your infrastructure to the internet. Just use DNS based validation instead of HTTP, copy the required TXT records to your domain as instructed, wait for any cache/TTL of any old records to expire (generally 1-2 hours by default), and finally complete the validation.

You’ll need to renew the certs every 3 months, which could be annoying if done manually. If your Registrar has a decent API, writing a script could be a fun automation project. Alternatively I can also send you scripts that I used to use for that purpose.

As a sanity check, I just completed the same setup that you described (Ubuntu Server 24.04 running in a Proxmox VM, Domain name pointing to a CNAME that points to the Dynamic IP, using the installer script, enabled CrowdSec, etc.), and everything worked out of the box. A couple of things I noticed that would also be worth checking now that I’m more familiar with this specific setup are:

• In the config/config.yml file, verify that the dashboard_url is set to the FQDN of the full URL (e.g. pangolin.mydomain.com), and that the base_domain is set to the root/apex domain (e.g. mydomain.com).
• Double check those DNS records. As the haiku goes: it’s not DNS, it couldn’t be DNS, it was DNS. dig pangolin.mydomain.com or dig @1.1.1.1 pangolin.mydomain.com should show the CNAME that points to the A record.
• A 404 page not found error is normal when connecting to the IP address directly rather than using the domain name. I was successfully able to access the dashboard using the FQDN from a local and external network. Depending on your network, you might want to set up a local DNS record that points to the internal IP address as well (though this should be optional in most cases to my knowledge).

I hope that helps!

The script should take care of that config, but it’s something to check just in case there was a typo or anything else like that.

Did you check to make sure the DNS records are resolving properly?

According to the docs, you should be using UDP port 51820 (unless you changed the port in the docker compose file).

You should also check the dynamic config file to be sure that it’s using the correct domain name. See this page: https://docs.fossorial.io/Getting%20Started/Manual%20Install%20Guides/docker-compose

If you’re still having issues, make sure the containers are running with docker compose stats and check the logs with docker compose logs -f. It might also be worth checking the domain name to be sure that it’s resolving to the correct IP address, both locally and externally.

I currently get 2.3Gb/s down and 360Mb/s up on my DOCSIS connection. It’s advertised as 2000/300, but I’m consistently able to get above those speeds regardless of the day or time. It’s about $120/mo for those speeds.

Cable companies are absolutely still bastards though.

Episode 25 of Death Note would have been a dark, but logical place to end the series. After that point the entire dynamic of the show changes. There are some good and interesting moments, but it doesn’t really feel like the same show.

No worries! Yes I’m absolutely still interested, and I have the optiplex set aside for you.

I currently run it with Keycloak for Auth and previously had it behind a Nginx Proxy Manager reverse proxy, but have since switched to using a Cloudflare tunnel.

It works great and allows me to provision limited and controlled access over various game servers to admins of those servers. They can access what they need and nothing more, and only on the servers that they have been granted access.

I use Apache Guacamole, which works great for just about any kind of remote access and has a dead simple to use Docker Container.

It supports folders, copy/paste, uploading/downloading files, multiple open connections at once, and alternative mouse modes for touch screens. Best of all, it’s completely free and open source.

Imagine if OP asked: “I want to repair/maintain my own car, but I don’t want to open the hood or get under the car. What are my options?”

Obviously there would be some options, but those options would be very limited and not ideal. This is very similar. Self-hosting, like self-repair of a vehicle, requires some foundational knowledge and understanding of your specific hardware, usecase, and needs, as well as the knowledge and ability to bring those things to fruition. There is no single universal answer that applies to everyone, but those skills can be acquired by anyone.

I don’t think self-hosting is any more doomed than self-repair of a vehicle. It’s certainly not for everyone, but it can be satisfying, rewarding, enjoyable, and generally optimized for those who choose to participate.

Interesting and good to know, thank you for the info! I haven’t run into that issue with synapse yet, but I’m also running it in a docker container on an enterprise server. I also don’t currently have any chat rooms with more than 5 or so users, and I imagine that is also a factor.

How does this differ from something like synapse?

The simplest answer is no. Making fun of someone because of neurodivergence is the action of a bully, not someone who is nervous and unsure of how to express their attraction.

I’m not in your shoes, and I only have a limited view into the situation. As an outside observer, I would recommend at the very least establishing boundaries against screaming and belittling your neurodivergence (i.e. Saying plainly that behavior is not OK), or cutting off all contact entirely if possible.

Things will likely only further degrade otherwise, and his behavior will only continue to be hurtful and manipulative.