Same. Well, except the Patagonia part.
I didn’t find a camera that felt like the right mix of image quality, portability and affordability in the gap between our small travel camera kit (Sony a7c with 2 small primes) and a top end phone.
Better to spend the big money on a phone that will be in my pocket every day.
Btw: does anybody know what bad things actually happen if there is no metal cage that blocks all the radio?
Noise happens. Could be no problem, or it could hurt your wifi or mobile data connections, or maybe raise a neighbor’s ham radio noise floor. I saw this recently when setting up a pi to run BirdNet-Pi. The USB3 connection to an SSD caused enough noise in the 2.4GHz band that the onboard wifi radio could only connect on the 5GHz band.
To start - moving services from bare metal to rootless Podman containers running via quadlets. It’s something I have had in mind for a while but keep second guessing the distro choice. Long-ish release cadence, systemd-networkd and a recent Podman version in the native repos, well supported, and not Ubuntu.
So far openSUSE Leap seems like the winner. A testing machine is up to install everything, write some deployment scripts, and decide on a storage layout and partitioning scheme.
If anyone has another distro to recommend that checks these boxes let me know!
I like rolling release for the desktop, but only want critical patches in any given month for this server, and a major upgrade no more than every 3-4 years. Or an immutable server distro. But it doesn’t seem like networkd is an option for the ones I’ve looked at (Fedora CoreOS, openSUSE MicroOS), and I am not sure if I want to figure out Ignition/Combustion right now.
Next project - VLANs on Mikrotik.
OP - Navepoint makes good racks for reasonable money. I have a Pro series 9u from them and it went together without any problems. It’s on the wall with a pretty big ups in it.
If you want to keep using networkd, you might want to consider if multiple interfaces are causing the wait. NM doesn’t care, but networkd gives more granular options for dependencies. If you have wired and wireless and only one in use the systemd-networkd-wait-online.service waits for a timeout period. You can find lots of info on it related to boot delays with that service.
Try the --any switch on the systemd-networkd-wait-online.service launch configuration. This will tell the wait-online service that any single routable interface is enough, you don’t need them all.
Run:
sudo systemctl edit systemd-networkd-wait-online.service
That adds the override.conf for the service. Add these lines:
[Service]
ExecStart=
ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any
The other possibility is if you have virtual .netdev devices configured (VPN, bridging, etc) and some of them are not essential for the machine to be online, you can set RequiredForOnline=no on the ones that aren’t essential.
It’s not bad to get running, and the alerting is really flexible. You can add Nagios and syslog alerts easily too.
Using it here. Love the flexibility and features.
I’m running NUT on the host os - no container. If that’s an option for you it will probably be much more reliable.
Huh. Losing USB access?
It’s not very exciting, but: Network UPS Tools (NUT).
Keep everything in good shape in the event of a power outage.
Here’s my messy-cabled 9u rack.
It has:
Everything is set up for low energy consumption (~90w), remote admin, and recovery from power loss.
That and the shrinking ability to grant access to device storage. If that becomes an option only on rooted phones (which seems like the directly Google is heading) it will make the audience for such an app much smaller.
If you’re buying new cameras they’ll be 802.3af PoE. Passive is becoming much less common. So that model router I linked would work great.
I think if you’re a moderately technically inclined person you would be happy with that solution. If you are intimidated at the idea of writing or adapting some scripts, I would probably recommend a router on one of the other platforms plus a PoE switch.
The easiest part of your requirements are the custom DNS records. All of the platforms recommended so far can do this. OpenWRT has the advantage of WiFi capabilities. If you want the router to also be your WiFi access point then it may be your best option. But it sounds like you only need it to be a wired router, which is good.
As far as the ad blocking, I have done this with pi-hole, and with the built-in DNS and block capabilities of OpenWRT, Mikrotik and OPNSense. They are all fine. The router ones don’t have the fancy web UI like pi-hole. So if you use that a lot you will be disappointed. Mikrotik’s is the most basic and a new feature for them, but they are actively developing it. Plus their current routers can run containers, so you can run pi-hole on the router as a container if you want.
PoE ports as a requirement is what narrows your options considerably I think. You could get that from a separate switch. If you want that in the router itself then you have very few options.
Mikrotik has a lot of routers with PoE out. Their newest model in the RB5009 series can do either passive or 802.3af/at PoE out. Many of their older routers have passive PoE only. Make sure you know what your cameras need.
I had similar requirements as you and got this: https://mikrotik.com/product/rb5009upr_s_in
It has PoE out available on all 8 Ethernet ports. The default 48v power supply works with 802.3af/at PoE. It is a 96 watt supply, and can support ~76 watts of PoE downstream. If you need passive PoE then you would need to change to a 24v power supply.
Mikrotik RouterOS requires some learning to use its advanced features, but their quick setup defaults are good. And the platform is super reliable and flexible.
For DNS you would use their Adlist functionality along with a script similar to the one from BartoszP in this thread to enable DNS name resolution for lan hosts: https://forum.mikrotik.com/viewtopic.php?t=181640. That script is added to the DHCP server config to run when each client gets an address lease. And then you would add static name records in IP / DNS / Static for the other host.domain names you want your lan devices to connect to by name which can’t be resolved via your upstream DNS server.
Nice, I’ll check it out! I remember LMS and Squeezebox. Didn’t know it would sync between rooms, and I didn’t know it had been open sourced, that’s excellent.
At the time we started in the Sonos ecosystem we wanted easy, and it provided that. Now I’ve got multiple servers running, self-hosting services for the family, slowly working on removing our cloud service dependencies. So this would fit right in.
Yeah, I get what you’re saying. Definitely. It’s not complicated for one pair of speakers in one room. For one music source. For one person controlling it.
There just haven’t been any better cost-effective solutions with multi-room, control from your any phone convenience. And that’s a big plus for how we listen to music. Today there are a few contenders, but many of them are also cloud dependent. Really the small number of good options in this space is proof of how good Sonos was for a long time. Well and also of Spotify causing people ditch the idea of a offline digital music library.
Edit: And to be clear, aside from the “any computer networks” part, this is what the original Sonos device did. It could work without a home network, but worked best with a shared music library on a PC. Didn’t need cloud anything, internet connection, account, etc. You just hooked your normal speakers to it and it played music.
That SATA port is what you need. You can use that to connect an external eSATA drive enclosure (external jbod).
For a clean install, get a SATA to eSATA adapter - the kind with an expansion slot plate. Something like a STCESATAPLT1LP. Unscrew the eSATA end from the plate, cut a matching hole in the PC case and mount the port to the hole. This is better than going straight from the internal port in my opinion.
It looks like you have a mini-PCIe slot as well, probably intended for WiFi. That may work with an mSATA to SATA adapter to give you a second port. Or it may work with an mSATA SSD. I would test with something cheap or get confirmation it works from other users of this PC before investing in an expensive SSD.
VPN + DDNS is what I do. You may be thinking about the perf hit of putting all your home connections through a VPN. That’s not the idea here. For self hosted services you would set up a wireguard “server” at your house. Then you connect your phone back to it to access your services.
With Wireguard it’s pretty easy to do a split tunnel, so that the VPN connection is only used for traffic to your home servers. Nothing else is affected, and you have access to your house all the time.
This is better for security than DDNS + open ports, because you only need a single open UDP port. Port scanners won’t see that you are hosting services and you wouldn’t need to build mitigations for service-specific attacks.
As far as podman, I am migrating to it from a mix of native and docker services. I agree with others that getting things set up with Docker first will be easier. But having podman as an end goal is good. Daemonless and rootless are big benefits. As are being able to manage it as systemd units via quadlets.
Fascinating
LibreNMS hasn’t been mentioned yet, and it’s very good. It does take some setting up, but its use of SNMP for data collection means that it’s easy to collect data from a wide range of network hardware as well. A wide range of alerting is available.
It’s true. Cameras have always been expensive, but even the thin economy of scale is gone with the competition from smartphones. That makes any new camera a premium product.