



  • philpo@feddit.org to Selfhosted@lemmy.world: Backups of Backups

    Basically:

    • Small Proxmox node (ZimaBlade) that basically only operates a Proxmox Backup Server for local clients and fast backup.

    • Offsite ZFS send to a VPS I operate for that purpose. As well as Proxmox Backup Server for VMs, etc. Basically meant as a fast recovery option. (Layer7)

    • Offsite S3 storage backup to a different provider from above. Meant for a medium term backup. (Hetzner and IONOS)

    • Portable HD: I have two different portable HDs. One is hooked up to the backup server, the other one is in a lock box in my bank's safe. The “connected one” does a weekly backup (and is switched off in between). Once in a while (around 6 to 12 weeks, with 12 weeks being the hard maximum) I take the active one to the bank and both drives switch places. That provides a full backup. (WD My Book and Seagate Expansion - the different manufacturers are intentional)

    • Last line of defence: The real real important things (photos of life events - weddings, etc. - important documents, password DBs, etc.) get burned on an M-Disc archive Blu-ray. They are also in the bank safe and at a secure third location. They are more meant for “shit hit the fan and I might not be there anymore, but maybe the kids want these”. Additionally they provide a defence against encryption viruses - write once read many (WORM) has its advantages here.

    This is another thing to consider: Have detailed descriptions for others how to retrieve your data in case something happens. I operate a private wiki (on an external server) that also gets saved into the M-Discs that has step by step instructions, as they might need to be followed by someone not that tech adept. (Like my In-Laws in case both my wife and I perish.), have notes in my password DB (Vaultwarden, which has a digital heritage/emergency access function and is also exported), in the vault, and a note in my will notifying people about this.

    Edit: And: Test your recovery. Almost every data loss I have witnessed in the last years was a recovery problem. Missing encryption keys, data structure issues, etc. I have seen them all. Personally I try to recover a random file (as in: A script tells me which one) twice a year from every method and try a full recovery of each method at least once six months after introduction. That being said: It’s nice to have encrypted backups, but that doesn’t help if you can’t find the keys/the software no longer exists, etc. Currently a LOT of my clients have the same problem: They use Tandberg RDX for backup, including WORM. Now, Tandberg has gone bust and it’s not that unlikely that they won’t be able to get another RDX drive in 5 or 10 years. Or 20. Which is the legal requirement for some official files here. Well, fuck. They needed to get additional drives asap when the bankruptcy became official.

    Friends have used ancient LTOs and now face the same issues - LTOs are not downwards compatible. (That’s why I use “common” technology. It’s extremely likely that I will be able to find a spare BD drive in 20 years, etc.)
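
The random-file restore test described in the comment above, sketched as an added example (not the commenter's own script). It assumes a hash manifest is written at backup time and that each backup method has restored into its own directory; the method names `pbs`, `s3`, `usb` and the sample file are constructed.

```python
import hashlib
import random
import tempfile
from pathlib import Path


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(source_root):
    """Run at backup time: relative path -> SHA-256 of what was backed up."""
    root = Path(source_root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def spot_check(manifest, restore_roots, rng=None):
    """Pick one random manifest entry and verify it in every restore target."""
    rng = rng or random.SystemRandom()
    rel = rng.choice(sorted(manifest))
    results = {}
    for method, root in restore_roots.items():
        restored = Path(root) / rel
        if not restored.is_file():
            results[method] = "MISSING"      # restore did not return the file
        elif sha256_file(restored) != manifest[rel]:
            results[method] = "MISMATCH"     # file came back, content differs
        else:
            results[method] = "OK"
    return rel, results


def demo():
    """Constructed sample data: one source tree, three fake restore targets."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        for name in ("src", "pbs", "s3", "usb"):
            (tmp / name).mkdir()
        (tmp / "src" / "wedding.jpg").write_bytes(b"constructed sample bytes")
        manifest = build_manifest(tmp / "src")
        (tmp / "pbs" / "wedding.jpg").write_bytes(b"constructed sample bytes")
        (tmp / "s3" / "wedding.jpg").write_bytes(b"bit rot")  # damaged copy
        # "usb" target deliberately left empty: the file never came back
        roots = {m: tmp / m for m in ("pbs", "s3", "usb")}
        return spot_check(manifest, roots, random.Random(0))
```

Checking against a manifest recorded at backup time, rather than against the live file, keeps the test valid when the source has changed or been lost since the backup ran.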






  • Yeah, does not reflect the actual situation.

    Currently especially their SDN capable stuff (Omada) is far better than e.g. the Ubiquiti stuff - we are relatively surprised by the build quality for the bucks you pay, tbh. (And unlike Ubiquiti they can be run stand alone and SDN).

    Not defending their China-issues btw, we absolutely recommend to all our clients that they put an OPNsense in front of it. But it does its job and has its place in small businesses. (And tbh, their Wifi gear is good enough that I have seen it in fairly large deployments)

    Sadly there’s not too much alternative for that sector atm.


  • Yeah, especially router wise I tend not to recommend them as well, but we widely use OPNsense as FWs now. Switching wise they are good and tbh, their track record got much better. (And everyone else's got worse, looking at you, Forti)

    We tend to recommend Omada for smaller clients that would otherwise use Ubiquiti (their track record is…far worse) and simply put an OPNsense in front of it. These are small healthcare establishments - the alternative is often far worse (cousin John doing the network or some antique Zyxel the local IT shithead service sold them as new) and with the OPN we can do due diligence IT security wise.







  • Another option: Zabbix.

    Sounds like overkill initially, but works fine and can be automated fairly well. Once installed (as a LXC/VM or on a separate device if you want independent monitoring), you can set up API access for monitoring Proxmox (which will monitor all LXCs, etc. automatically) and then add the agent on top to monitor the underlying machine. There are dozens of ways to monitor Zabbix hosts temps, HDDs, etc. available online.

    In theory you could also let a Zabbix proxy collect all your hosts data (e.g. your Proxmox host, your switch, etc.) in your network and then send it to a VPS outside your network so you monitor offsite and can be alerted when not at home.


  • ZeroSSL has unpaid plans (for non wildcards) that have a few advantages that LE doesn’t:

    • No Ratelimits,
    • A WebDashboard
    • More ways to validate
    • They have a RestAPI

    And, first and foremost, they are European and it’s always good to have an alternative ready.

    But as said before, I totally missed the wildcard issue, as I haven’t touched these for a long time and recently had more to do with my public services (which get an ACME single domain cert via ZeroSSL)



  • Impressive tbh. I read at least 30min per day in bed with background lighting on and make it for more than 2 months usually (with an Era colour, though).

    The Verse of my kid has not been recharged ever since they got it in August and they use it for hours each weekend and approx.1 per weekday - with zero light on, though.

    Another point for Pocketbook (not relevant for you, but maybe someone else): It works effortlessly with Calibre Web - unlike Tolinos, Kindles and some Kobos (even those have a better integration when they work).

    And at least in Europe the “onleihe” (digital public library) system works extremely well on them. Around 90% of our books are from various onleihe libraries. (Unlike Tolino and some Kobos they support multiple onleihe accounts.) (BTW: There are ways to get accounts for some of these - that have extensive English sections - even if you don’t live there.)

    Service wise: I had issues with initial delivery and they were solid (even though it wasn’t their fault).

    Data security wise we looked into the traffic a bit and beside the usual shop traffic (recommendations, etc.) it seems to not do much, but we have it in an isolated network that only allows access to Onleihe, Calibre Web and an RSS aggregator anyway.

    Can’t complain at all. Very happy with them, only complaints I have so far is the not as Kobo calibre Web integration (not their fault) and the fact that their OS is not as open as I wish.