Xwiki is missing.

For me after a similar search it is the current winner. Even though it has it’d downsides. We came from Confluence and tested a LOT of systems. My spreadsheet of systems we considered has around 120 rows by now. (Not all pure wikis as we also moved away from jira and considered going down a “put the wiki into the servicedesk” route)

Pro:

• It is well tested in a enterprise enviromentand mighty

• It has all the features I personally found important for a company wiki, e.g. approval, versioning, templates, collaboration, integration api,etc.

• It is fairly easy to extend it yourself

• It is easy to host subwikis within the same installation with a self defined grade of independence - which is great for customer facing things,large projects with externals,etc.

• The development community is big and enterprise focus and release cycles are good. (Not like a certain .js) There is very little chance it will stall suddenly as the wiki has been adopted by a lot of large companies which seem to support it.

• It’s truely free,no “pay to get custom fields” bullshit.

• It’s truely self hosted.

• it can be hosted system side, if you are not into docker.

Contra:

• It is written in bloody Java

• (even though this sentence is redundant with the one above) It is a resource hog

• The look and feel is a bit outdated unless you customise it yourself. Then it is reasonably good.But there are basically no paid templates,etc.

• Paid support is only available through third parties it seems.

• It can be, well, slow to update…like physically slow. It is not hard to update,not at all…press a few buttons…but sometimes it takes ages.

A follow up is a absolutely regular thing and does not diminish neither study.

Nah, OP is just a troll. Most European countries by now have legislation to mandate them or are currently introducing these. All of them heavily advise them.

This is plain WRONG and DANGEROUS.

The issue is NOT the Americum but the natural degration of the photoelectric cells and the accumulation of dirt within the test chamber.

Even before that time the risk for false alarms is increased substantially by degration before the chances for sucessful alarming decrease rapidly. Due to that they actually withstand aging actually worse than ionisation based devices.

Sientific sources?

Here

here.

Here

Here

(Besides: Americum has a decay time of over 400 years,btw)

We kind of selfhost almost everything - while we operate a small server ourselves, the main burden is on a dedicated server setup. Basically a FreeIPA+Authentik+OpenCloud Stack as a base,with Redmine, Kimai, Zammad, Matrix, Jitsi and a few more apps. (Moodle, Seed DMS, Netbox, Zabbix, OPNsense, Vaultwarden, Forgejo, Ansible). Additionally we use a fair share of software remotely via RDP.

Backups are done onsite and to three different offsites, including cold storage backups.

As we all work fully remote this setup is also fairly adaptable and the switch to a (almost fully) Linux shop went far better than expected - my staff is fairly content with their setup (afaik).

The only thing I refuse to selfhost are email and VoIP.

Still mediocre compared to OPN/pfsense, IPfire, VyOs,etc.

I must admit I can’t find the exact guide I used anymore. Especially not a English one.

But the official guide should help you: https://www.zabbix.com/de/integrations/proxmox

I think whatever I used was pretty close to it. If you have any issues send me a DM.

(And tbf, I use both the Agent2 and the API in a perverse mixture. And for some nodes IPMI on top of it. It’s really kinky,but it does the job)

Absolutely, but unlike Ubiquiti they did not keep them under the rug that long. (Nevertheless: Both are shit for firewalling. Put a OPNsense before it?)

Zabbix is extremly nice.

Why?

• API Monitoring for Proxmox and Docker/Podman. Aka "you don’t need to setup monitoring for every container/LxC/VM. Do it once for the host,then everything gets autodiscovered.

• Active and passive agents as well as SNMP, IPMI,etc. can be combined as you like. Also does Website/service/application/database monitoring, SSG/Telnet checks and nowadys can even do Prometheus and MQTT/Modbus

• The proxy is really really worth it. It collects data from nodes you do not want exposed and relays them to the server. This includes all kind of inputs and is really easy to setup.

• Due to it being around for two decades there are a shitton of templares for devices - and it’s fairly easy to do your own.

• Unlike other systems (cough checkmk cough Grafana) there are no features that are only available to paying customers.

The most major downsides are the fact that it’s moderately to fairly ressource intensive to run in a small setup(but does consume less than others in large Setups) and it’s far less flashy dashboards. (Which are still powerful,though)

Not a fan. Absolutely not.

They had multiple security incidents which they kept under the rugs for a long time, they have the tendency to EOL devices without warning (which then means you need to replace your sometimes 9month old device or your whole enviroment can’t be updated), their lock-in into their ecosystem is much more complete as they can’t be used properly without their enviroment.(e.g. Omada devices can work without the Omada stuff, with Unifi you will always need a controller for some functions).

So if you realy need SDN features like Unifi look at Omada,otherwise Mikrotik is a solid alternative. (And OPNsense for firewall)

My company is a part of critical infrastructure and we provide consulting in disasters (e.g. how to get a hospital back up and running). So we fall under European legislation to have certain precautions. And as I colocate in my companys rack…it’s easier. As the rack is in a room I rent to my company. (We are small and I am the founder,that makes it easier)

But yeah, we put a bit of thought in it. Waiting for Iris2 finally materialise so I can get rid of LTE finally.

I have a LTE Backhaul,but admittedly if the firewall itself craps out I would also be offline - but I can at least reboot it via a plain old GSM power plug. That thing does not directly reboot the firewall,though, but brings up a old raspberry (usb boot,I don’t trust sdcards) which then checks if outside connectivity is still available (so if the GSM power plug gets compromised it’s not an issue) and if not tries a shutdown or,if that is unsucessful, a powercut of the firewall. If that also doesn’t work it triggers a dry contact in the GSM plug which leads to the plug sending out a SMS so I know I am fucked and need to get someone with a key to the rack.

Paramedic here with specialised delivery training. Delivered around 30 babies probably. Saw a high three digit number of pregnant patients.

You can’t reliable say that. Until you see the kid.

And I don’t mean the cases were the mother is blocking out the pregnancy mentally until she is crowning. (But tbh, it’s one of the most cherised moment of everyone in my profession if you have the “I am not pregnant,you idiot!” “Ma’am, I literally can see the hair of your baby coming out…oh and here’s the rest of the bub”-discussion)

I literally had a aquaintance not recognise her pregnancy (and she had been pregnant before) until she went to hospital for stomach pain. I saw her the weekend before and did not recognise the pregnancy. And,yes, the baby was full term. Happens, especially if the uterus is not in its usual place.

In other people you see it after 8 weeks (and well,it is often not the belly that is the first indicator which grows suddenly).

Other people look like "13 months pregnant with triplets"at the beginning of their second trimester.

Anyway: What is the reason for your question? (And: If you or anyone needs support in that case write me a messge. More than happy to guide you in the right direction if you are in a tight spot.)

Excellent points,just a few things added:

• Sueddeutsche has a english section as well that also includes some articles from the Atlantic

• TAZ.de is also an option,it’s free but mostly German (but also has a small English section). It’s bit like the Guardian but more left leaning.

• heise.de is a reasonably good news source for tech news both in German and English

• France24.com is a good english speaking choice for world news,especially as they often cover topic not heavily covered by other news outlets,e.g. things in Africa,Asia,etc.

• Sadly only German speaking but ver good: Der Falter (falter.at) from Austria.

There is a directory of European newspapers at newspapers-europe.eu.

Another protip: You can get registered in a library and a lot of them provide free access to a LOT of magazines to read for free online. And you often don’t even have to live close to said library to register and can register online.

Technically they are not illegal here - they are just not protected under the (very strong) strike protection laws.

So workers in Germany could go into general strikes but they would not be covered by strike law and therefore just absent from work. Which of course is an issue - but in case of a proper general strike, what are they gonna do, fire everyone? Especially in times when there are countless positions open?

So one would only get into trouble work wise,but not otherwise - one would not get arrested, cannot get sued (besides a very limited scope worklaw wise),etc. Only certain kind of civil servants (similar but not as common as the Pubblico Impiego in Italy) will get in trouble if they go on strike. E.g. cops, fireman, teachers, municpial clerks (but not muncipial workers and not all kind of clerks),etc.

Which I find somewhat fair as our strike protection laws are far reaching (afaik even a bit further than in Italy) and the employer is often as fucked by politics as the staff. So it’s a somewhat tradeoff I personally can live with. (Seen from my time as an employee. These days I am a small employer,but as left as ever,and from a employers point of view wouldn’t care to much - but the nature of my business supports it.)

And tbf, her ovaries worked fine for quite some time it seems - she had two daughters who both were exceptional people in their fields as well - one got a nobel prize in chemistry, the other was a Pulitzer prize nominee, fought the nazis, was a war correspondent, had role in the establishment of NATO and UNICEF and -as a representative of UNICEF and together with her husband received a nobel peace price for the organisation. The later one died in 2007,btw.

(The whole family is totally crazy,btw. Both on her sisters and cousins side, but also her daughters and grandchildren and now grandgrandchildren. Everyone excelled in their scientific field)

Have a look at open cloud.

You’re so right. I mean…I used to work with people who were K9 handlers and anyone who even brought his dog in a situation that would allow direct contact would be scrutinised. Repeatly? You are no longer a K9 handler and probably no longer a officer.K9 training is expensive and a handler who let’s that happen would not be in control obviously. But training here is done on a state level (we have no local law enforcement in my neck of the woods), regulated on a national/federal level and passive signaling is preferred these days anyway.

So… As you said… Even a dog getting an OD would be so crazy here it would probably make national news if the media got wind of it.

Crazy.

Have a look at Agent DVR. Works locally and the “pro” features that one would need to pay for are basically just Plugins. Everything else works nice without it. Additionally it accepts basically everything you throw at it camera wise and is far easier to configure than frigate, also has a (good) HA integration and is extremly mighty if your system grows over the years.

The mobile app is nice, but it also works fairly well in a browser on mobile.

Did you just seriously recommend port forwarding to a NVR login? Even worse with a consumer grade router? With HTTPS,non Standard Port and a strong password as the only security tips?

Please,people,for the love of god: Don’t do that. Really. Don’t. This is really bad advice,sorry.

Unless you are very very sure that your NVR solution is impecable in terms of security (none are), you are 100% sure you stay up-to-date all the time (including reviewing updates for issues) and have additional measures like fail2ban, IDM/IDS,etc. in place this is a very bad idea. HTTPS is only helping in terms of password transmission/spoofing,which is an unlikely vector here, a non standard port doesn’t help one bit here(have a bit of fun with shodan and see yourself) and while a strong password helps it only helps if the auth of the system and the OS below itself is watertight - a hard task.

It is always a bad idea to port forward unless you really really cannot avoid it.

Use a VPN - as you said, wireguard.