  • Totally non scheduled, sadly.

    In theory I work a flexible time schedule, realistically it’s more or less 0900 to 1800, but it’s very much depending on my clients. These are based worldwide, so if I am unlucky it can happen that (remote) meetings are at 2300 or later. I am on call half of the month, if major incidents happen I got to get up, but luckily these happen infrequently.

    My staff works on a fully flexible schedule unless they are on call. The only fixed dates in their workweek are a jour-fixe on Wednesday and of course client meetings. Other than that I don’t care when they work as long as stuff gets done. (My staff is fully remote anyways.) People have lives and qualified staff is hard to get - and why should I make people unhappy by insisting on some fixed times that have no operational benefit to me?

    Occasionally I add in an ambulance shift, these are 12h+overtime and usually 7-19 or 19-7.


  • Have a look at Agent DVR. Works locally and the “pro” features that one would need to pay for are basically just plugins. Everything else works nice without it. Additionally it accepts basically everything you throw at it camera wise and is far easier to configure than Frigate, also has a (good) HA integration and is extremely mighty if your system grows over the years.

    The mobile app is nice, but it also works fairly well in a browser on mobile.


  • Did you just seriously recommend port forwarding to an NVR login? Even worse with a consumer grade router? With HTTPS, non-standard port and a strong password as the only security tips?

    Please, people, for the love of god: Don’t do that. Really. Don’t. This is really bad advice, sorry.

    Unless you are very very sure that your NVR solution is impeccable in terms of security (none are), you are 100% sure you stay up-to-date all the time (including reviewing updates for issues) and have additional measures like fail2ban, IDM/IDS, etc. in place this is a very bad idea. HTTPS is only helping in terms of password transmission/spoofing, which is an unlikely vector here, a non-standard port doesn’t help one bit here (have a bit of fun with Shodan and see for yourself) and while a strong password helps it only helps if the auth of the system and the OS below itself is watertight - a hard task.

    It is always a bad idea to port forward unless you really really cannot avoid it.

    Use a VPN - as you said, WireGuard.



  • Try the Black Forest. We have Lynx and wolves and even a mysterious elk this summer.

    And tbh, V60 is a high average to fall from. Had one of these and while I didn’t love it, I liked it. To quote a friend of mine who still owns one: “brutally average and brutally versatile”.

    Try an EV6 or 3, though. Good EVs are a huge difference when it comes to “fun in everyday driving” imho, due to their different engine characteristics.


  • Especially as a European the first two things can be changed to some degree. I live within sight (200m) of a proper nature park that basically is an extension of a national park. And I have four different options for fast train travel within an hour and a (most of the time) reasonably good regional connection and an almost perfect regional connection 25min away.

    Tbh, we did specifically move here for these things.

    In terms of driving I must disagree - I have driven various cars from the 60s and while they are gorgeous from the outside, the inside was always very underwhelming and also simply exhausting to drive. But maybe I am also too different - I used to have big company cars (BMW 5, Audi A4/6/7, MB C/E) and did not really like them. Nowadays I drive an EV6 and it’s the most fun car I ever had, by a huge margin.




  • Technisation and standardisation are good for the EMS sector.

    The whole “it was better when we could do what we want and back then we had only real calls with sicker people and everything was good” is fucking awful and hurting the profession.

    Look, you fucking volunteer dick, I know you do this for 10 years longer than me (and I do it for 25 now), but unlike you I did it full-time and probably had more shifts in one year than you had in your life. Now my back is fucked because back then there was no “electrohydraulic stretcher”, no stair chair, the ventilator was twice as heavy (and could basically do nothing), the defibrillator weighed so much we often had to switch carrying it after two floors up.

    And we had just as many shit calls, but got actually attacked worse because the shit 2kg radios were shit and had next to zero coverage indoors, and so had cellphones which led to you being unable to even call for backup.

    And of course we had longer shifts, needed to work more hours and the whole job market was even more fucked.

    “But we didn’t need this and that, we looked at the patient”. Yeah, go fuck yourself. MUCH more people died or took damage from that. So many things were not seen. And it was all accepted as “yeah, that’s how life is”.

    So fuck everyone in this field and their nostalgia.


  • Pi-hole has a few drawbacks when your system grows - a lot of things then need to be done by hand that others do either automated or at least easier.

    Personally I have become very fond of Technitium - it does everything you will ever need and the main drawback is that it seems so fucking overwhelming initially. But: Once you figured out that you basically only need 10% of the fields it becomes easier. And it’s fucking solid and just works and works and works.






  • I had basically the same idea following a similar thread in a forum around 12 years ago.

    Not FBI, but something similar from my country. Luckily I only used it for my physically separated guest network (totally different connection).

    … Thanks to Ubiquiti being asshats and not telling people about a zero day for months it got hacked and renamed into “FreeWeedAndFreeBeerIfyouringat{MyLastName}”. They even replaced the background of the portal page with a carefully crafted picture explaining how they did it.

    … I very much suspected the two CS students next door, especially as the range was shit and it was either them, someone with a really sophisticated array and (as you couldn’t park in our street it would even be hard for an average wardriver to do so easily) and I very much rule out the 90 year old lady below us or the family who both were, well, rather non technical it seems. (He asked for help to set up his TV.)

    … As revenge, when one of them got a girlfriend who was as pretty as she was loud we set up a small open wifi on a MikroTik device which was just strong enough to go through one wall that was named “WeCanHearYouHavingSex” that led to a fileserver that had a .wav in it with a five second proof of that and then Rick Astley.

    … He kindly asked for that being turned off before Christmas when his parents would visit.




  • Heaps. I part timed as a bouncer/medic at a club when I was 21 and there were heaps of girls below 16/18 trying to get in. Actually one of the reasons I was hired was because I normally used to be fairly good at recognising these and their fake IDs and as the youngest member of the team at least some of them as younger sisters of my friends.

    And nevertheless I had two occasions where it was a “close call”. Once I chatted with a girl who stayed till the end and she, well, was pushing to go to my place - until she made a mistake (can’t remember what she said) and I asked her about her age again (I had before and of course she claimed to be 19). She was indeed 14. SHIT. That was literally one day after we had the cops raid the place for minors and if they would have found her inside it would have cost us 10k at least - or our licence. (In theory in my country age of consent would have allowed “it” between us. But no. Never ever ever. YUK.) That was a close one. (Imagine me always shitting a brick back then and still feeling nauseated today.) But would have never ever suspected her to be younger than me actually.

    Other case was a girl very aggressively pushing her number onto me, I was busy, so I didn’t care, but tbh, she was pretty and looked definitely 18+x. Responded for a call for medical backup, we need an ambulance to respond. Nothing drastic, just someone overly intoxicated. …next thing I can hear my colleague from the ambulance screaming at someone in front of the toilets. …It was the girl’s mother - she worked nights and her 15 year old daughter thought it was a good idea to go out with a friend. Funny enough my shift leader was mortified as they had texted pretty flirty before - she had definitely made it inside a few times. (I think she claimed to be a uni freshman, which are all above 18 in my country.)

    (And fuck, our national IDs were so easy to fake back then. Luckily that’s 20 years ago.)

    I am fairly sure that I never had anything going with someone younger than 16 after I turned 17, but fuck… The first one was a really close call, the second one could have been. I would have never ever suspected their age. I am so happy that the universe did not let that happen.

    Anyway: Even if someone gets tricked: Why on earth would they go for another round?

    PS: Funny enough it goes the other way around as well: A female friend of mine looks, well, like she is barely 14. She once was my trainee paramedic and I got regularly stopped by cops for letting an alleged minor drive the ambulance. (She was 20 at that time.) Nowadays she is over 40, has two kids, is a chief physician and tbh, still looks bloody young and it’s often a nightmare for her with some patients.



  • Just a theory: There is a good chance that your provider does CG-NAT and that was the issue with OpenVPN. These would persist with WireGuard, sadly, unless you solve them properly. (Which can be tricky.) But just for the book: Running a WireGuard container behind your router and having a port forwarded to it is an option. (But still needs CG-NAT addressed.)

    That leaves you with a few options:

    • Cloudflare: Imho a bad idea - it’s evil, it’s monopolistic and while it’s “an easy way” it has its technical downsides. As you said a domain is still required.

    • Use a small VPS and run a WireGuard tunnel and maybe Pangolin as a reverse proxy on it. It has the benefit of being very flexible and once configured is fairly stable and it puts the security part outside your network. But it costs money unless you maybe make it work on Oracle’s free tier. (I would still recommend using a cheap domain, though.)

    • As others have mentioned: Tailscale/ZeroTier/NetBird absolutely are an option if it’s just for you. But they get nasty if it’s for more people or larger deployments with Tailscale and while NetBird is far better it’s less common and does require a domain as well. (Which, again, is not a bad idea to have.)
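
A quick way to check for the CG-NAT situation described in the comment above, as an added example that is not part of the original comment: it compares the WAN address shown on the router's status page with the address an external service reports. The function names, verdict labels and sample addresses are assumptions made for this illustration.

```python
import ipaddress

# Ranges that show the router's WAN side is not directly on the public internet.
CGNAT_SHARED = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space
DSLITE_B4 = ipaddress.ip_network("192.0.0.0/29")      # RFC 6333 DS-Lite tunnel addresses
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(wan_ip: str, observed_ip: str) -> str:
    """Classify the uplink from two IPv4 addresses.

    wan_ip      -- address on the router's WAN/status page
    observed_ip -- address an external "what is my IP" service reports
    """
    wan = ipaddress.IPv4Address(wan_ip)
    seen = ipaddress.IPv4Address(observed_ip)
    if wan in CGNAT_SHARED:
        return "cgnat"          # provider NAT in the shared range
    if wan in DSLITE_B4:
        return "ds-lite"        # IPv4 is tunnelled to a provider-side NAT
    if any(wan in net for net in RFC1918):
        return "private-wan"    # own upstream router, or provider NAT on private space
    if wan != seen:
        return "upstream-nat"   # public-looking WAN address, but translated further up
    return "direct"


def forward_works_as_is(verdict: str) -> bool:
    """A port forward on the home router alone is only enough for a direct uplink."""
    return verdict == "direct"


# Constructed sample pairs (documentation and reserved ranges), not real measurements.
SAMPLES = [
    ("100.72.14.9", "203.0.113.50"),
    ("192.168.1.2", "203.0.113.50"),
    ("203.0.113.50", "203.0.113.50"),
]

if __name__ == "__main__":
    for wan, seen in SAMPLES:
        verdict = classify_wan(wan, seen)
        print(f"{wan:>15} seen as {seen:<15} -> {verdict:<12} "
              f"forward usable: {forward_works_as_is(verdict)}")
```

Any verdict other than `direct` means the tunnel has to be initiated from inside the home network towards something reachable, which is what the VPS and overlay-network options in the list above do.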