Mama told me not to come.

She said, that ain’t the way to have fun.

  • 1 Post
  • 988 Comments
Joined 1 year ago
Cake day: June 11th, 2023



  • Lots of options. Here’s what I do:

    1. HAProxy - uses SNI to match an HTTPS request to a service, without decrypting the connection
    2. Caddy - manages TLS certificates, decrypts connections, and sends the request to the relevant service
    3. Docker - each service runs in a docker container on the host
    4. my router has static DNS entries for each of my subdomains, so I can do https://service.mydomain.com, and my traffic never leaves my LAN when I’m at home

    I have HAProxy running on my VPS (Hetzner), and it routes traffic over my WireGuard VPN to whatever physical device on my internal network handles that service (i.e. 2). This allows me to add devices to my network as needed, and TLS certs all live on that device.

    This is probably overkill for your setup since it sounds like you can talk to your home router from the internet (I can’t because I’m behind CGNAT), so you could drop #1 and just use Caddy, assuming you’re okay with having all traffic handled by a single device. Or you can see if your router supports SNI-based routing to handle what I’m using HAProxy for.

    If you don’t need to share your services w/ anyone, you can have everything live inside of a VPN and just access it via that VPN. You can look into Tailscale if you want something dead simple, and I think Cloudflare offers something similar. I started with that, but decided I wanted to share a number of services with family members, and I didn’t want to force each of them to configure my VPN.
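    As an added illustration of step 1 in that setup (example config, not the commenter's own): an HAProxy frontend in TCP mode that picks a backend from the TLS SNI field without terminating TLS, so certificates stay on the device running Caddy. The hostnames and the 10.8.0.x WireGuard peer addresses are placeholders.

    ```haproxy
    # Added example, not the commenter's config. Hostnames and the
    # WireGuard peer addresses (10.8.0.0/24) are placeholders.
    defaults
        mode    tcp
        timeout connect 5s
        timeout client  60s
        timeout server  60s

    # Port 443 in TCP mode: TLS is passed through untouched, so the VPS
    # never sees plaintext and holds no certificates or private keys.
    frontend https_sni
        bind *:443
        mode tcp
        # Buffer the ClientHello before evaluating ACLs. Without the
        # inspect-delay + accept pair, req_ssl_sni is evaluated on an
        # empty buffer and the ACLs below silently never match.
        tcp-request inspect-delay 5s
        tcp-request content accept if { req_ssl_hello_type 1 }

        acl is_media  req_ssl_sni -i media.example.com
        acl is_files  req_ssl_sni -i files.example.com
        use_backend be_media if is_media
        use_backend be_files if is_files
        # Deliberately no default_backend: a connection whose SNI is
        # missing or unknown is closed instead of being forwarded
        # to a guessed service.

    # Each backend is a device reached over the WireGuard tunnel;
    # Caddy on that device terminates TLS with its own certificate.
    backend be_media
        mode tcp
        server media 10.8.0.2:443 check

    backend be_files
        mode tcp
        server files 10.8.0.3:443 check
    ```

    Because the match is on the unencrypted SNI extension, the VPS only learns which hostname a client asked for, not the request path or contents; Caddy behind the tunnel still performs the actual certificate management and termination.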


  • Eh, my Ubiquiti AP works pretty well, though it’s a bit annoying setting up the server software. I get way better range with it than I ever got with my previous routers, and I never have to reboot it (my Mikrotik router needs to be rebooted more often, and that’s rock solid as well).

    I honestly haven’t had any issues, but I have a very simple setup:

    • Mikrotik router
    • UAP-AC-LITE

    That’s it. No mesh, just a single AP and a single router. It works well, and I largely forget about it because it just works.

    That said, I’m considering upgrading to a newer wi-fi standard, so I’ll be doing some research again. Ubiquiti was the best at the time, but I don’t have any particular brand loyalty, so I’ll get whatever seems to work well and is a reasonable price. I will probably keep this AP and add a second, so that’ll factor in as well (i.e. can I have two APs serving the same SSIDs? If so, how do I get them to work seamlessly?).




  • Is a VPN always safer than a reverse proxy?

    Depends on what you trust, I guess.

    A reverse proxy on a standard cert is a bigger target for automated scripts than a reverse proxy on a non-standard port. A VPN runs through the VPN’s authentication, whereas a reverse proxy relies on whatever that app’s authentication is. So whether it’s secure enough depends on the VPN configuration, what you’re hosting, etc.

    I’m behind CGNAT, so I have limitations you don’t, but here’s my setup:

    • VPS at the edge for my public services - basically the same as a reverse proxy because the application is directly exposed
    • self-hosted VPN at VPS to facilitate reverse-proxy - I could shut down public access any time and just log in w/ the VPN
    • static DNS entries on my router so I can use my domains inside my network (TLS also works properly)

    I like this approach because I can eat my cake (nice domain names instead of IPs and ports) and have it too (fast connection inside LAN, can disable reverse proxy if I want better security). You could get the same w/o the VPS, and if you require WireGuard VPN access outside the LAN, you get better security than a public-facing service.


  • Eh, I don’t think the energy use difference is all that important. It gets a lot more complicated if you factor in the ink drying out before being fully used, which means we’d need to produce and transport more ink. Also, a lot of the energy use for a laser printer is during warm-up, so if you print in big batches, the energy difference is a bit lower since it’s amortized over the amount of pages you print.

    So just looking at wall power draw only tells part of the picture, and if you’re only using it a few times per year, it’s largely irrelevant (maybe a couple kWh/year difference?).






  • Would the Mac Mini actually idle at that wattage if it’s open for connections? I doubt it, it’s probably more like 10W, which is generally the range for those smaller AMD MiniPCs or NUCs.

    If it’s 10W, that’s a $20 savings from your NAS w/ a desktop CPU (and probably a discrete GPU, unless it’s running an APU). I can get 4% easily on savings, so I’d only need a $500 savings vs the Mac Mini to recoup that difference every year ($500 * 4% = $20). So if you already have an old PC, use that instead of buying a Mac Mini, and you also won’t have to fight macOS to do what you want.


  • Yup. My old 1st gen Ryzen desktop system isn’t particularly power efficient, but it idles <50W (I think closer to 25W, but I haven’t measured for a while). And that’s a desktop class chip from 7 years ago with two HDDs and a discrete GPU and PCIe wifi card, so it’s not winning any awards for efficiency. Even at that, it’s barely a blip on my power bill.

    An AMD or Intel laptop-class chip should be able to get to 10W or so idle, and not spike too much with basic tasks. And those can be had for $200-300, less if you’re okay with older chips. Run Linux headless and it’ll likely stay below 15W at the wall most of the time.




  • Nope, which honestly annoys me but is pretty par for the course. That said, when it comes to budgeting, I mostly care about where money is going and care less about the “whole financial picture.” If I need to estimate what retirement looks like, I want more than a simple budgeting tool.

    I personally use Fidelity for investment tracking. My main “checking” is their Cash Management Account, my “savings” is a brokerage account (invested in t-bills and money market funds), and I can link all of my other accounts and it pulls in specific investments and shows a consolidated view. It’s awesome because it shows all kinds of stuff, like Morningstar-style factor weights, sector exposure, etc. It’s not self-hosted, but I trust them with my banking anyway, so it’s not like I’m opening myself up to some new exploit (oh, and Fidelity also has proper MFA; Symantec VIP, which kinda sucks, but it’s way better than any other financial institution).

    I used to track this stuff via a Google spreadsheet (couldn’t find a way to get stock quotes in LibreOffice), but this seems to be good enough for me.