After being home for weeks, I went away for business, the 1st night away there was a brief powercut and the firewall (on a UPS) seemed to get stuck.

So, that's no DNS, DHCP, or connectivity between wifi and LAN... All due to (admittedly aging) hardware issue.

Since then my entire home system has had issues whilst it all settles down.

It made me think about getting some redundancy into the system to handle a single failure.

So,.can you give me any insights into High Availability like CARP (for pfSense), VM failover (on Incus?), mesh wifi, Home Assistant, etc?

Of course there are going to be single points, like ISP line, etc, but seems like something to test out.

So, just a light post, I upgraded my Pi4 last night and found the Linux firmware breaks a 32bit install.

I've been meaning to change to 64bit for months, but as it's my DMZ box for torrents, radicale, etc, then it's just finding the right time to convert an adhoc setup into my ansible scripts.

Luckily I had a SD backup from September to get it running again

So, what have you broken over the holidays?

I've been generally running various different ways of backing up files to my NAS (which then backs up to other locations...) - mostly syncthing for photos and large collections of files, but I tend to use rsync to push out config backups to the NAS once something's working.

But, the NAS is only powered up a few times a day (to save on electricity costs), which is fine for manual pushes, but makes scheduling backups a bit tricky.

It dawned on me that it might be better for the NAS to pull the files via rsync instead of pushing them.

Anyone tried this route and have any advice?

Just been supporting someone remotely and was waiting for them to turn on their laptop...

Whilst troubleshooting I ran uptime to see how long we'd been working on the problem and saw it was up for ~2 weeks...

Which made me think ... how do you tell how long a device (laptop) has been running, but since it's last suspend / hibernation?

I can find it from other clues such as journalctl -b -fu systemd-logind and look for Lid opened, but I was really looking for an smarter way...

Just a nice little challenge for anyone bored at this time of year :)

cross-posted from: https://discuss.tchncs.de/post/49194514

I stumbled across Diode whilst looking for ways to do secure off-site backups (to my own equipment at another house) and it feels like a paid-for TOR (Ok, there is a free option)

I'm looking for any real experience as the site has too much marketing lingo in it:

Every Client is secured with a public/private key self-custody identity

And this doesn't seem very dynamic if I want to change something:

Diode’s Blockchain Name System can be used for Client friendly names

And somewhere on the site it infers unlimited storage...!

So, is the free option worth me looking into, or is it a waste of time?

The internet is down... well, if you use AWS services it would appear to be true.

Things such as Alexa (now working again?), Ring, etc are either slow or not responding whilst they try to get things running again

A colleague was discussing an option to use different vendors either side of a DMZ and suggested StormShield... I'd not heard of them before.

Looks interesting, albeit an old Gartner "magic quadrant" showed their firewalls as being in the bottom left corner... so I thought I'd ask here for real-life opinions on them... if any?

Interesting article where ~35k devices from 45 manufacturers have vulnerabilities

Advice is probably not as easy to implement as this in real life:

Forescout recommends that you immediately stop the direct connection of devices to the Internet, to use VPNs or segmented networks, and to ensure prompt firmware updates. Otherwise, tens of thousands of systems around the world will remain a potential entry point for attackers.

I have a few VMs and PMs around the house that I'd setup over time and I'd now like to rebuild some, not to mention just simplify the whole lot.

How the hell do I get from a working system to an equivalent ansible playbook without many (MANY) iterations of trial & error - and potentially destroying the running system??

Ducking around didn't really show much so I'm either missing a concept / keyword, or, no-one does this.

Pointers?

TIA

It's already 25DegC in my home office.

The best cooling automation I have so far is to turn the fan on when it's 25 for >5mins.

Is there a nice zigbee / ESP32 evaporation cooler that I can enjoying setting up with HA?

Just found my Vivaldi update contained a little more than just bugfixes... it now has Proton VPN built in.

It's actually part of the browser, not an extension, so I'm in two minds whether I like that... or not.

You need either a Vivaldi account or a Proton account, so it's not completely anonymous, but it's a start.

The free-tier of Proton VPN also appears to be bandwidth limited and your exit point is randomised, so... yeah, it's ok...