Have a look at Agent DVR. Works locally and the “pro” features that one would need to pay for are basically just Plugins. Everything else works nice without it. Additionally it accepts basically everything you throw at it camera wise and is far easier to configure than frigate, also has a (good) HA integration and is extremly mighty if your system grows over the years.
The mobile app is nice, but it also works fairly well in a browser on mobile.
Did you just seriously recommend port forwarding to a NVR login? Even worse with a consumer grade router? With HTTPS,non Standard Port and a strong password as the only security tips?
Please,people,for the love of god: Don’t do that. Really. Don’t. This is really bad advice,sorry.
Unless you are very very sure that your NVR solution is impecable in terms of security (none are), you are 100% sure you stay up-to-date all the time (including reviewing updates for issues) and have additional measures like fail2ban, IDM/IDS,etc. in place this is a very bad idea. HTTPS is only helping in terms of password transmission/spoofing,which is an unlikely vector here, a non standard port doesn’t help one bit here(have a bit of fun with shodan and see yourself) and while a strong password helps it only helps if the auth of the system and the OS below itself is watertight - a hard task.
It is always a bad idea to port forward unless you really really cannot avoid it.
Use a VPN - as you said, wireguard.
Simply choose a private DNS server like mullvad,quad,etc. and it should work…
Absolutely the best.
Pihole has a few drawbacks when your systen grows - a lot of things then need to be done by hand that others do either automated or at least easier.
Personally I have become very fond of technitium - it does everything you will ever need and the main drawback is that it seems so fucking overwhelming initially. But: Once you figured out that you basically only need 10% of the fields it becomes easier. And it’s fucking solid and just works and works and works.
Not a fan of Pi-hole itself, but other than that,why not?
(Technitium DNS has some advantages down the road)
That is a bad setup then. Not an issue of the software or hardware.
And now everyone who is salty about it repeats: If you don’t pay for it you are the product.
Tbh, their product is much better than the alternatives, especially for non English cases and we selfhost it anyway for aged now. Which works perfectly well and remains free and open - source.
Yeah. And Netbird/Pangolin go a long way these days.
Have a look at Layer7,btw. They are more than decent and you can easily install Proxmox on them as a Hypervisor.
Just a theory: There is a good chance that your provider does CG-NAT and that was the issue with OpenVPN. These would persist with wireguard,sadly, unless you solve them properly. (Which can be tricky). But just for the book: Running an Wireguard Container behind your router and have a port forwarded to it is an option. (But still needs CG NAT adressed)
Thaft leaves you with a few options:
Cloudflare: Imho a bad idea - it’s evil, it’s monopolistic and while it’s “an easy way” it has its technical downsides. As you said a domain is still required.
Use a small VPS and run a wireguard tunnel and maybe pangolin as a reverse proxy on it.It has the benefit of being very flexible and once configured is fairly stable and it puts the security part outside your network. But it costs money unless you maybe make it work on oracle’s free tier. I would still recommend using a cheap domain,though)
As others have mentioned: Tailscale/Zerotier/Netbird absolutely are an option if it’s just for you. But they get nasty if it’s for more people or larger deployments with tailscale and while netbird is far better it’s less common and does require a domain as well. (Which,again,is not a bad idea to have)
Yeah, and Eich is the a***e behind brave…
Netbox,especially when combinded with Plugins is so incredibly good and might,that’s it’s almost funny how good it is. What I do Plugin wise:
Documents: not implemented yet by me,but one could store manuals,etc. directly within netbox.
Lifecycle and Inventory: While it’s not as good as snipe-it (tbh, inventory is imho one of the worst plugins) it does the job for my small deployment
Slurp it to scan automatically
QR Code for obvious reasons
Floorplan as well
Of course that sounds overkill for a small deployment, but I simply forget too many things after a few months otherwise and it’s something my family (wife is in IT and far more qualified than me) would need if something happens to me,so a proper documentation would be essential for that as well.
Just saying:
There are alternatives for LE,not for all things, but for a lot. Afaik not all of them do follow suit.
Yeah,Netbox is also my main solution, combined with forgejo repo.
Works very well.
So far that’s not working to much,but development is fast it seems
Basically a book downloader that connects to various sources, mainly Annas archive, and then hands the downloads over to CWA(or booklore). While still heavily under development it works.
Calibre Web Automated and Ephemera. But looking to switch to Booklore some day,just haven’t had the time.
Mealie is far superior to Tandoor,imho.
No, power line is “on top” of the normal power distribution - it does not actually change frequency, etc.
Have a look at open cloud.