That’s better for sure. Still too much for me. Our all-in investment cost is 0.05% now. That’s a lot of free compounded yield compared against guided investments which are themselves no better than the average market (on average).
That’s better for sure. Still too much for me. Our all-in investment cost is 0.05% now. That’s a lot of free compounded yield compared against guided investments which are themselves no better than the average market (on average).
That’s all fine, but just be sure you know how much you’re paying them for that service. Before we switched to self-managed a number of years ago our guys were taking 1.4% off the top of the whole account just to pick a bunch of index ETFs. Market goes up 5% and I only see 3.6% of it. Not good. Plus the ETFs they picked had higher expenses than just going with a whole market choice.
They offered to get us on a plan at 1%. Ha, no thanks.
That and the shrinking ability to grant access to device storage. If that becomes an option only on rooted phones (which seems like the directly Google is heading) it will make the audience for such an app much smaller.
If you’re buying new cameras they’ll be 802.3af PoE. Passive is becoming much less common. So that model router I linked would work great.
I think if you’re a moderately technically inclined person you would be happy with that solution. If you are intimidated at the idea of writing or adapting some scripts, I would probably recommend a router on one of the other platforms plus a PoE switch.
The easiest part of your requirements are the custom DNS records. All of the platforms recommended so far can do this. OpenWRT has the advantage of WiFi capabilities. If you want the router to also be your WiFi access point then it may be your best option. But it sounds like you only need it to be a wired router, which is good.
As far as the ad blocking, I have done this with pi-hole, and with the built-in DNS and block capabilities of OpenWRT, Mikrotik and OPNSense. They are all fine. The router ones don’t have the fancy web UI like pi-hole. So if you use that a lot you will be disappointed. Mikrotik’s is the most basic and a new feature for them, but they are actively developing it. Plus their current routers can run containers, so you can run pi-hole on the router as a container if you want.
PoE ports as a requirement is what narrows your options considerably I think. You could get that from a separate switch. If you want that in the router itself then you have very few options.
Mikrotik has a lot of routers with PoE out. Their newest model in the RB5009 series can do either passive or 802.3af/at PoE out. Many of their older routers have passive PoE only. Make sure you know what your cameras need.
I had similar requirements as you and got this: https://mikrotik.com/product/rb5009upr_s_in
It has PoE out available on all 8 Ethernet ports. The default 48v power supply works with 802.3af/at PoE. It is a 96 watt supply, and can support ~76 watts of PoE downstream. If you need passive PoE then you would need to change to a 24v power supply.
Mikrotik RouterOS requires some learning to use its advanced features, but their quick setup defaults are good. And the platform is super reliable and flexible.
For DNS you would use their Adlist functionality along with a script similar to the one from BartoszP in this thread to enable DNS name resolution for lan hosts: https://forum.mikrotik.com/viewtopic.php?t=181640. That script is added to the DHCP server config to run when each client gets an address lease. And then you would add static name records in IP / DNS / Static for the other host.domain names you want your lan devices to connect to by name which can’t be resolved via your upstream DNS server.
Nice, I’ll check it out! I remember LMS and Squeezebox. Didn’t know it would sync between rooms, and I didn’t know it had been open sourced, that’s excellent.
At the time we started in the Sonos ecosystem we wanted easy, and it provided that. Now I’ve got multiple servers running, self-hosting services for the family, slowly working on removing our cloud service dependencies. So this would fit right in.
Yeah, I get what you’re saying. Definitely. It’s not complicated for one pair of speakers in one room. For one music source. For one person controlling it.
There just haven’t been any better cost-effective solutions with multi-room, control from your any phone convenience. And that’s a big plus for how we listen to music. Today there are a few contenders, but many of them are also cloud dependent. Really the small number of good options in this space is proof of how good Sonos was for a long time. Well and also of Spotify causing people ditch the idea of a offline digital music library.
Edit: And to be clear, aside from the “any computer networks” part, this is what the original Sonos device did. It could work without a home network, but worked best with a shared music library on a PC. Didn’t need cloud anything, internet connection, account, etc. You just hooked your normal speakers to it and it played music.
That SATA port is what you need. You can use that to connect an external eSATA drive enclosure (external jbod).
For a clean install, get a SATA to eSATA adapter - the kind with an expansion slot plate. Something like a STCESATAPLT1LP. Unscrew the eSATA end from the plate, cut a matching hole in the PC case and mount the port to the hole. This is better than going straight from the internal port in my opinion.
It looks like you have a mini-PCIe slot as well, probably intended for WiFi. That may work with an mSATA to SATA adapter to give you a second port. Or it may work with an mSATA SSD. I would test with something cheap or get confirmation it works from other users of this PC before investing in an expensive SSD.
VPN + DDNS is what I do. You may be thinking about the perf hit of putting all your home connections through a VPN. That’s not the idea here. For self hosted services you would set up a wireguard “server” at your house. Then you connect your phone back to it to access your services.
With Wireguard it’s pretty easy to do a split tunnel, so that the VPN connection is only used for traffic to your home servers. Nothing else is affected, and you have access to your house all the time.
This is better for security than DDNS + open ports, because you only need a single open UDP port. Port scanners won’t see that you are hosting services and you wouldn’t need to build mitigations for service-specific attacks.
As far as podman, I am migrating to it from a mix of native and docker services. I agree with others that getting things set up with Docker first will be easier. But having podman as an end goal is good. Daemonless and rootless are big benefits. As are being able to manage it as systemd units via quadlets.
LibreNMS hasn’t been mentioned yet, and it’s very good. It does take some setting up, but its use of SNMP for data collection means that it’s easy to collect data from a wide range of network hardware as well. A wide range of alerting is available.
Cca != CCA
The Cca standard relates to the flammability and toxicity of the materials used to jacket the cable. You can read about it here: https://cabling.crxconec.com/en/crx-blog/CRX-Blog-02.html
CCA stands for Copper Clad Aluminum. The actual conductors (each wire) is made from aluminum that has been given a thin coating of copper. This is what you want to avoid since it can be less durable and likely to have more voltage drop for PoE. It’s unrelated to the Cca standard.
So assuming you are running this wire for a fixed installation, you should be looking for Cca + solid copper (not stranded). The one you linked to looks good.
Get shielding if it will be run near strong interference sources, and only if the shielding will be grounded.
The WiFi icon with good connection+ exclamation on Android means the connection to the access point is good, but you don’t have a path to the internet. I would start by connecting a PC, wired, directly to your router. Make sure that’s working. If not, get some specifics on what’s failing and troubleshoot.
Then connect to the switch. Repeat. Then connect to an app, repeat.
I like LibreOffice Draw for this.
And if you did, and want a fun tech project to track what species are in your yard, check out BirdNET Pi: https://github.com/mcguirepr89/BirdNET-Pi
See what’s using the space. This will list any dirs using >100MiB:
sudo du -h -d 5 -t 100M /var
We are on Fidelity. But self-directed on all the big ones are no fee and free trades these days - Vanguard, Fidelity, Merrill and probably others. Just need to watch the fund/ETF fees to have a total cost.