David From Space

I use https://sx.catgirl.cloud/ so I’m already primed to have anime catgirls protecting my webs.

No, they don’t, I pulled it out of my butt. I rewrote my original draft and that slipped in. NVME wouldn’t make sense unless you were powering them up every few months for updates.

If you buy your LTO drive new, then yes they rip you a new one, for sure! Buy it used…but it still will cost you a few hundred. Like I said, if money is not a concern. If losing the encryption key is a concern, then USB is still your best bet. Make two, keep them simple and unencrypted, stick em in two different safes, update them regularly. And print the documentation with pictures!

The other thing is if I get hit by a bus and no one can work out how to decrypt a backup or whatever.

Documentation, documentation, documentation. No matter what system you have, make sure your loved ones have a detailed, image-heavy, easy to follow guide on how restorations work - at the file level, at the VM level, at whatever level you are using.

That being said, DVDs actually have quite a short shelf life, all things considered. I’d be more inclined to use a pair of archival strength USB NVME drive, updated and tested routinely(quarterly, yearly, whatever makes sense). Or even an LTO tape, if you want to purchase the drive and some tapes.

You can put your backups in something like VeraCrypt. Set an insanely long password, encoded in a QR code, printed on paper. Store it in the same secured location you store your USB drives (or elsewhere, if you have a security posture).

You may also consider, if money is not a concern, a cloud VPS or other online file storage, similarly encrypted. This can provide an easy URL to access for the less tech-savvy, along with secured credentials for recovery efforts. Depending on what your successors might need to access, this could be a very straightforward way to log into a website and download what they need in an emergency.

Receiving signal up in low earth orbit! Congrats!

Sounds like you should get a basic low power linux box going!

Well mySQL certainly is not, I judge this to be a correct statement!

Can you share what the final desired goal is? It sounds like your goal is actually to provide your services to Bob securely over the internet, is that a fair description? You mentioned eventually grabbing a domain, how do you feel about publicly exposed services with authentication? For instance, I use authentik in front of Jellyfin and paperless myself for a little extra authentication juice.

It sucks, but as someone who hosts their own services and supports business clients: If they have a budget, Office365 all the way. Does it suck paying money to M$? Oh hell yeah. But it’s a ‘cost of doing business’. Don’t screw around if they can afford it, just go O365 :(

try pfizer/poppy-lrud-normal-128, run it straight offff your neural chip and feed it 1 GB RAM you’ll be gud2go

You may be interested in https://github.com/blastbeng/subtify Disclaimer: I’ve never tried it, just saw it recently on The Forbidden Site

Looks really cool. I’ve been working on implementing SSO through Authentik for every home lab service that supports it (Like Proxmox!) Do you think you’ll add SSO/SAML? If you do, I recommend not locking it behind the enterprise plan to encourage adoption.

Don’t sleep on the video walk through, it can be truly invaluable.

To be honest, would a spreadsheet not be a good use for this? There are FOSS asset trackers, but a simple .ods with a pictures column might serve you well. Are there additional features/conveniences you are looking for?

If you have any kind of firewall on your network, you might make sure it’s not blocking that port with a rule. Here’s a couple screenshots from my setup in case that helps.

The config in NPM

The config in HA’s configuration.yaml

Try adding just the NPM IP and HA IP first, then add the docker internal network as well if you still have issues.

ABSOLUTELY.

Never use one source for critical data! One backup is no backups! No backups is playing with the entropic forces of the universe!

1. Have at least three copies of your data - primary, backup, and offsite backup.
2. Store the copies on at least two different media types.
3. Keep at least one of those copies offsite - what if your house or datacenter burned down?

If you don’t care about recovering your photos, by all means use an actively changing project as your sole means of data storage!

And if the power in your area sucks, the power conditioning even a good small UPS provides is invaluable.

The multifactor can’t be understated as part of your security stance! I turn it on and enforce it on my home network for any service I host that supports it. And like mentioned elsewhere, only 80 and 443 are opened and they go straight through a proxy.