

Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb


How does this differ from every other distribution method, though? You can just as easily do something malicious with an AppImage or Debian/rpm package.


If you want to share something with just some people, they can create a Tailscale account and you can share it with them that way.
For public access, accessing it using a domain that uses your public IP should work. Most routers let you do that (“hairpin NAT”). Although to be honest, most of my public facing things are on a VPS rather than on my home server. More reliable and a higher quality internet connection for a fairly cheap price per month.


third party cameras won’t support detection unless you also add a Unifi AI Port.
Does Unifi not support ONVIF events? Seems like a pretty major missing feature if so. I guess they really do want to lock you into their ecosystem.


Are there security issues specific to Flatpak? I would have thought it’d be more secure than AppImage, since it’s sandboxed.


They already said they’re using Tailscale, so this isn’t needed. They can just use the Tailscale IP everywhere. On LAN it’ll connect over the LAN, and away from home it’ll connect over the internet. It comes with a .ts.net subdomain too.


Use Unraid’s native Tailscale support. Add each Docker container to the Tailnet. You don’t need split horizon DNS when using Tailscale, as the Tailscale IPs will work both on and off your LAN, as long as you’re connected to Tailscale. Don’t use a subnet router. Tailscale is peer-to-peer, so it’s still going to connect directly over your LAN when possible (it won’t route out to the internet then back).
For TLS, you could use the Tailscale built-in .ts.net subdomains. Should work out-of-the-box. Otherwise, to use your own domain, if you can’t get access to Namecheap’s API you could run acme-dns instead.


Looks like an interesting project!
Could you please consider publishing it to Flathub?


On Android, I use ytdlnis, which is a wrapper around yt-dlp. You can “share” a video from the YouTube app to ytdlnis and it’ll add it to the download queue.


How long do you want to store footage for? With 6 cameras at 8Mbps each, you’d get less than two days of video on a 1TB drive. You could drop the bitrate quite a bit if you use H265 instead of H264, but it’s still not a huge amount of storage.
Several manufacturers have sites to determine how much storage you’d need based on number of cameras, bit rate and how long you want to store the videos for. Just use any of those to get a rough estimate. Personally I’d recommend a 10TB or larger WD Purple Pro, since it has 512MB cache instead of 256MB.
For the doorbell, I’d use a proper doorbell cam that can use the existing wires for power. Reolink’s wifi one comes with an adapter to use it with existing wiring.
The Unifi cameras don’t support ONVIF, so you’re essentially locked into their ecosystem, and it’d be difficult to use them with a different NVR if you ever want to switch. Maybe that’s OK for your use case though.


Since you’re using Hetzner, one option is to get a Hetzner storage box to store the media. 1TB space is $4/month (not sure about EU pricing). You can mount the storage on another system via NFS.
On-disk cache prevents a “thundering herd” problem when you reboot - an in-memory cache would be empty on reboot, whereas an on-disk cache survives a reboot. Linux handles caching files in RAM automatically.


they can be uploaded to S3 (object storage) where it is 10x cheaper to store them
This is heavily dependent on the VPS. Some of my VPSes are cheaper than object storage would be.


RAM is a good idea. You could put the cache in /dev/shm.
Anything loaded from disk is going to be cached in RAM anyways.


Even if you build your own thing to communicate with the AC, Home Assistant is still useful since it lets you easily automate things and interact with other devices, and you get a bunch of things included (nice UI, storage of historical data, dashboards, etc). You could build your thing as a Home Assistant integration.


Companies are throwing away old hardware (like 8th/9th gen Core i5) that’s perfect for running Home Assistant. See if there’s an e-waste recycler near you - they might let you buy an old system for a nominal fee.


Use a page caching plugin that writes HTML files to disk. I don’t do a lot with WordPress any more, but my preferred one was WP Super Cache. Then, you need to configure Nginx to serve pages directly from disk if they exist. By doing this, page loads don’t need to hit PHP and you effectively get the same performance as if it were a static site.
See how you go with just that, with no other changes. You shouldn’t need FastCGI caching. If you can get most page loads hitting static HTML files, you likely won’t need any other optimizations.
One issue you’ll hit is if there’s any highly dynamic content on the page, that’s generated on the server. You’ll need to use JavaScript to load any dynamic bits. Normal article editing is fine, as WordPress will automatically clear related caches on publish.
For the server, make sure it’s located near the region where the majority of your users are located. For 200k monthly hits, I doubt you’d need a machine as powerful as the Hetzner one you mentioned. What are you using currently?
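
A sketch of the Nginx side of the setup described in the comment above, added here as an example and not taken from the commenter: it serves WP Super Cache's HTML files straight from disk and falls through to PHP for anything that must not be cached. The host name, web root and PHP-FPM socket path are assumptions; the cache path is WP Super Cache's default layout.

```nginx
# Added example; example.com, the web root and the socket path are assumed values.
server {
    listen 80;
    server_name example.com;
    root /var/www/example.com;
    index index.php;

    # Path fragment used to look up the cached file. Any rule below that sets
    # it to a value that cannot exist on disk forces a fall-through to PHP.
    set $cache_uri $request_uri;

    # Never answer form submissions or query-string requests from the cache.
    if ($request_method = POST) { set $cache_uri 'null cache'; }
    if ($query_string != "")    { set $cache_uri 'null cache'; }

    # Admin, login, XML-RPC, feeds and sitemaps always go to PHP.
    if ($request_uri ~* "(/wp-admin/|/xmlrpc\.php|/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|/feed/|index\.php|sitemap(_index)?\.xml)") {
        set $cache_uri 'null cache';
    }

    # Logged-in users, commenters and visitors who unlocked a password-protected
    # post must bypass the cache, or they are shown the anonymous copy of the page.
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
        set $cache_uri 'null cache';
    }

    location / {
        # Cached HTML first, then a real file or directory, then WordPress.
        # On an HTTPS vhost the cached file is named index-https.html instead.
        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html
                  $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        try_files $uri =404;   # do not hand non-existent .php paths to PHP-FPM
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php/php-fpm.sock;
    }
}
```

A cached page is being served from disk when the response arrives without PHP running; WP Super Cache also appends an HTML comment to the end of each page it has cached, which can be checked with `curl`.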
If your current setup works well for you, there’s no reason to change it.
You could try Debian in a VM (virtual machine) if you want to. If you’re running a desktop environment, GNOME Boxes makes it pretty easy to create VMs. It works even if you don’t use GNOME.
If you want to run it as a headless server (no screen plugged in to it), I’d install Proxmox on the system, and use VMs or LXC containers for everything. Proxmox gives you a web UI to manage VMs and containers.

TIL RouterOS supports basic NAS features. Interesting.
Blue Iris is by far the most capable NVR, but it’s Windows-only so you’d need a Windows or Windows Server VM. For a basic setup, Frigate is more than sufficient.
I’d say try Frigate on your ThinkCentre and see how well it runs. I wouldn’t buy new hardware prematurely.
Do I understand that I could then share the igpu between Jellyfin and Docker/Frigate?
I’m not sure about containers like LXC, but generally you need SR-IOV or GVT-g support to share a GPU across multiple VMs. I think your CPU supports GVT-g, so you should be able to find a guide on setting it up.
It must be a lot of work to self-host DigitalOcean.
I used to use Dogpile a lot in the late 1990s. Coincidentally it was a similar idea to this and SearxNG - it was a meta search engine that combined Yahoo, Lycos, Excite, AltaVista and a few others into one interface (no Google since it wasn’t in widespread use yet).