mhzawadi

mhzawadi , 12 hours ago

WOW
Looks like they have uncorked the update process, could be a wild ride for a bit

mhzawadi , 1 day ago

A and AAAA records can have different IPs, the VPS will know it's the host for your A and to forward AAAA to your home IP

mhzawadi , 6 days ago

this, most likely a netmask mismatch.

Make sure all 3 devices have a /24 (255.255.255.0) network mask

mhzawadi , 6 days ago

your not a moron, networking is a learning opportunity. just need a way to debug your issue, thats how I go about all tech issues.

Most of what I know is on the job learning, I dont have any certificates in any of what I do.

mhzawadi , 11 days ago

We have a git repo full of markdown files, I made this template repo https://github.com/mhzawadi/doc-store-template from it

mhzawadi , 20 days ago

well the work they did to allow for faster updates has paid off in spades, sterling job to them

mhzawadi , 23 days ago (edited 23 days ago)

Hello 👋

You need to edit the below lines

set $jellyfin jellyfin;
resolver 127.0.0.1 valid=30s;

To look like the below

set $jellyfin 127.0.0.1;
#resolver 127.0.0.1 valid=30s;

Edited after reading the full config

mhzawadi , 25 days ago

Im a nagios head here

mhzawadi , 1 month ago

use the notification service for your phone, on Android set the message to TTS, in the data use the below

ttl: 0
priority: high
media_stream: alarm_stream
tts_text: HELP, Im lost can you hear me?

mhzawadi , 1 month ago

Your missing message of TTS, android needs that to know to say the text

mhzawadi , 1 month ago

https://lemmy.horwood.cloud/pictrs/image/6953f98d-3f33-4cfd-9c9d-e0e02da1bb04.png

Just run this and my android phone on vibrate just did the announcement

mhzawadi , 1 month ago

I have just been round my small setup and run an OS update, took about an hour. That includes a reboot of a dedicated server with OVH.

a pi and mini PC at home, a dedi at OVH running 2 LXC and 5 qemu vms. All deb a mix of 11 and 12.

I spend Wednesday evenings checking what updates need installing, I get an email every week from newreleases.io with software updates and run Semaphore to check on OS updates.

mhzawadi , 1 month ago

The comments about storage still stand, that's a tricky thing to do over the internet.

But I would recommend a meshing VPN, tinc can mesh and will route round network problems.

Also don't forget about backups, as that could be a better thing to have off site

mhzawadi , 1 month ago

How much do you point and click your setup?

As I use nagios

mhzawadi , 1 month ago

Not sure if it's in fedora, but I use nullmail as my mta. Simple to config and does just MTA

mhzawadi , 1 month ago

My guess is the massive amount of hardware variations, you would need a house full of devices to test all the different options

mhzawadi , 1 month ago

Plus 1 for newreleases.io, I use it for both GitHub repos and docker hub things.

You can get alerts to a boat load of things on a daily week or monthly basis

mhzawadi , 2 months ago

just had a look in HACS, but nothing there.

What you could try is adding items to a todo list, with an automation to drop the last entry when a new item is added.

mhzawadi , 2 months ago

Have you looked at ovh?

Have both a VPS and dedicated host

mhzawadi , 2 months ago

I have been running nextcloud for some time, it was running very quickly. But the v28 update seems to have broke some of the extra apps, like groupfolders.

That said, it's very much a system that needs good hardware to run it well

mhzawadi , 2 months ago

My nextcloud was almost instant, then the upgrade to v28 seems to have broke a load of things and now is very slow.

• nginx LB in LXC
• qemu vm with PHP and nginx on it
  • as many PHP optimisations as I can find
• qemu vm with just mysql
  • as many MySQL optimisations as I can find
• docker notify thing on the docker swarm vms

All on the same host with other things

mhzawadi , 2 months ago

I've been through everything on the install guide and update I can find, it looks to be the groupfolders app that looks for expired items every 5 minutes. It gets better if I stop Cron or delete the job

mhzawadi , 3 months ago

Have a look a small step ca
https://smallstep.com/docs/step-ca/#introduction-to-step-ca

mhzawadi , 3 months ago

What?

It's a single process that runs a ca, it might well be a web service but that's built in. I use it for SSH certificates in my homelab, setup was a doddle.

Might have a look at the web cert bit, but you might find certbit can connect and get a cert

mhzawadi , 3 months ago

Maybe investigate why it hung?

That could be a sign of something bigger about to kill it altogether

mhzawadi , 3 months ago

Something to check is the type of USB devices, as I had a hard time with finding enclosures that work.

Some enclosures just don't work and randomly disconnect

mhzawadi , 3 months ago

I think your missing the point of HAOS, it's an appliance. You don't manage it like a normal self host system.

Once you treat it as an appliance, it's great. Also there is a portainer agent you can run that will connect to a portainer instance.

As for your tunnel issues, maybe the tunnel thing is your biggest issue. I run all my self host stuff on its own subdomain, if I want to route something home I use the site to site VPN I have. Even a cheap ovh vps could be a way to run stuff on subdomains

mhzawadi , 3 months ago

Requiring a full URL will be more of security thing I would guess, as some users put HA on the internet and it could have access to open doors.

Also I have tried things on sub paths and it got very complicated to know where a service was, a domain keeps things easy to setup and manage. As I run internet facing services for my day job, I have to look at both security and easy of maintenance when setting things up.

I would say that if you need a path over domain, its a skill issue and you need to find a better way of working.

mhzawadi , 3 months ago

Ok, I dont get your point of view. As I dont see the need to sub path things.

What I do see is a lot of people who seem to think that a sub-path is good security, cheaper to run and lots of other things.

First off, you can get free lets encrypt certs and even a wildcard cert if you know how. Also you can get a SAN cert with a little config of certbot.

Second, you dont need an A record for every domain. You can use a c-name or even a wildcard to catch any domain name.

Then the security is all crap, if the sub path is on the internet it will get found in time. A domain is just more obvious, you can also name the sub domain anything you want. Case in point is my nextcloud on an owncloud sub domain.

If you start to look into ways to automate all that, then things are trivial to add to. I use OVH for my domains, as they provide an API that I can use with certbot to get any certificate I want for my domain. I can also use the API to provision a new subdomain, be that an A record or c-name. But I have a wildcard subdomain so that I can spin up anything on any subdomain and I dont have to do any setup.

• https://knowledge.digicert.com/solution/what-is-san-certificate
• https://certbot-dns-ovh.readthedocs.io/en/stable/
• https://www.a2hosting.com/kb/getting-started-guide/configuring-domain-settings/wildcard-subdomains/

mhzawadi , 3 months ago

In the UK most lights don't have a live, neutral and earth wires. Which is a pain when looking for smart switches

mhzawadi , 4 months ago

I have door sensors on all the external doors, if a door is opened then turn the heating off. This helps over the winter when we have a firepit going and the kids are in and out every 5 minutes

mhzawadi , 4 months ago

The bit of info missing here is that ZigBee is a meshing network, as said most (but not all) mains powered ZigBee devices are routers. That means any end devices will connect to a router if it's closer and the router will relay the message back, that could be directe or via another router.

To fix your issue, some well placed ZigBee plugs could be all you need.

mhzawadi , 4 months ago

In that case, I would recommend a shelly button -> https://www.shelly.com/en/products/shop/shelly-button-1-white as its WiFi and the Shelly firmware has all the things you need, I have a few Shelly things and they are rock solid

mhzawadi , 4 months ago

Crap, now we need to check out every job on your CV, thanks gpt.

As if not hard enough to find someone who can work a terminal and ansible and has used aws

mhzawadi , 4 months ago

A quick search shows that IP is known for hacking type requests https://www.abuseipdb.com/check/45.79.168.172

I would check how your router is setup, as they should not be hitting your computer at all.

mhzawadi , 4 months ago

If I had all the time I wanted to homelab, I would get me a Nas box and run like 10 pis of different vintages as purpose built servers.

A pi to run PHP, a pi to run mysql, a fleet of pis as docker nodes.

mhzawadi , 4 months ago

Is the caldev URL somehow wrong?
SSL verification could be wrong URL or wrong date even

mhzawadi , 4 months ago

For my Zigbee things I use this

example:

• 00 - Sensor - Hall - PIR - Motion
• 01 - Switch - Bedroom 01 - Main Light

So to break it down:

• First 2 numbers represent the floor, 00 = Ground, 01 First Floor and so on.
• Describes the type of device.
• Room Name.
• Describes the Function of Device, eg PIR, Temperature Sensor, Contact Sensor….
• Used to describe the entities of the device.

mhzawadi , 4 months ago

No, if a device has multiple entities I leave the names as they are. HA will append them to the name of the device

mhzawadi , 4 months ago

Not a device suggestion but a debugging suggestion, have you moved a second floor alarm with a ground floor alarm?

If not, move only 1 alarm and see if that goes off

mhzawadi , 4 months ago

That's fair, was just a thought 🤔

mhzawadi , 4 months ago

I use OVH for my dedi, they often have sales on -> https://eco.ovhcloud.com/en-gb/

mhzawadi , 4 months ago

that looks to be almost all steaming services adding an ad-supported option, you now pay to not have ads.

Back to the high sea's to watch anything then