Hey everyone,

I am completely stripping my house and am currently thinking about how to set up the home network.

This is my usecase:

• home server that can access the internet + homeassistant that can access IoT devices

• KNX that I want to have access to home assistant and vice versa

• IoT devices over WiFi (maybe thread in the future) that are the vast majority homemade via ESPHome. I want them to be able to access the server and the other way around. (Sending data updates and in the future, sending voice commands)

• 3 PoE cameras through a PoE 4 port switch

• a Chromecast & nintendo switch that need internet access

Every router worth anything already has a guest network, so I don't see much value in separating out a VLAN in a home use case.

My IoT devices work locally, not through the cloud. I want them to work functionally flawless with Home assistant, especially anything on battery so it doesn't kill its battery retrying until home assistant polls.

The PoE cameras can easily have their internet access blocked on most routers via parental controls or similar and I want them to be able to send data to the on-server NVR

I already have PiHole blocking most phone homes from the chromecast or guest devices.

So far it seems like a VLAN is not too useful for me because I would want bidirectional access to the server which in turn should have access from the LAN and WiFi. And vice versa.

Maybe I am not thinking of the access control capability of VLANs correctly (I am thinking in terms of port based iptables: port X has only incoming+established and no outgoing for example).

I figure if my network is already penetrated, it would most likely be via the WiFi or internet so the attack vector seems to not protect from much in my specific use case.

Am I completely wrong on this?

I got immich with SSO up and running. It runs like a dream compared to Photoprism and is simple enough for me, but also has necessary features like user accounts.

There is one thing I couldn't find in the docs:

I already have a library of 5000 photos and 150 videos on my server that sync to my phone with Syncthing to 4 different directories (one for each phone I took the photos on) in Immich. Right now I have that directory as an external library, but I don't think this is the "right way."

My goal:

• No duplicates between phone app and desktop app
• Don't have to re-upload every image from my phone as my network is 100/30 mbps
• Am able to manage my photos from the Immich app and web app (deleting photos that will propagate between devices)

Can I just map the "Upload" folder to that syncthing photo base folder and get parity between my phone and my server? Or do I have to re-upload everything from my phone? Or am I waiting for a feature that doesn't quite exist yet? I noticed some feature discussions about photo hashing and de-duplication.

I tried asking in a discussion on the repo, but nobody answers those much.

For the past few months or so, steam precaching has been out of control. I have to download between 10 and 30 GB of shader precache data per day. That is extremely ridiculous. Steam's shader caches are quite often almost as large as the game itself. For example: the image here is a game that is ~7GB for the full game, downloading 10GB of shader precache. If I download an average of 30GB of shaders per day, then that is almost 1TB of data downloaded written per month just in shaders...

Not to mention that games I play regularly like CS2 get a precache update literally every 2 days that is 5-10GB and if I manage to cancel it, there is 0 difference in performance at all.

Also fossilize replay that takes 20%-50% CPU load, sometimes for an hour and is the single highest user of disk IO on my entire system. I would be concerned about SSD wear if it was during the early times of ssd just because of the massive amount of writes.

I'm all for downloading shader precaching, but at normal intervals of after updates, not just randomly every few days when there hasn't been a game update in months or years. I don't want to delete all of my games because I only have 100/30 internet, so it would take me a long time too redownload games.

Has anyone else been seeing these ridiculous intervals and datasets of shader cache? Could there at least be a selective pre-caching setting only for games that I play regularly so I am not caching shaders for games that I haven't played in 2 years?

Hey everyone,

There is no real "homenetworking" community like there was on reddit so I thought I would try my luck here.

I live in a 130m^2 house (~1500sqft) that is being completely stripped. That means I am putting in 12-14 Ethernet jacks in the rooms that might need it and have to completely redo my home network setup.

It is a house from the 1950s in belgium, so 21cm thick internal brick walls, a bit thicker concrete floors on the 2 levels. It is essentially a square (8m x 9m outer dimensions), and most of the advice on the internet is built for sprawling American wood houses which have completely different absorption of wireless signals. It has central stairs and essentially 4 rooms, 2 on either side with the kitchen in the back being bigger.

The little advice that I have seen is "brick walls -> get a bunch of access points" but that doesn't sit right with me.

1. Currently we are using a Proximus (our ISP) modem/router in the northwest most far corner or the house and still get weak signal (enough for lower quality videos like Instagram reels) all the way in the southeast corner on the 2nd floor. It goes through 2 brick walls, a concrete floor, and a door and we can still use WiFi 6. Intuitively I would then set up something like an Asus rt-ax58u or a zenwifi XT8 mounted to the staircase wall or in the hallway in the center of the house. I don't know if that would be strong enough to reach everything we need, but it seems better to me than a router in each corner and blasting channel noise at our neighbors' houses since in belgium there isn't much side-garden if any.

2. I have a home server running a variety of local and internet-facing services for myself and family. Due to ease of wiring, I would prefer running modem -> TP-SG1SG016DE -> Wireless Router and using an Asus router. Would the TPlink kind-of-managed-switch be able to isolate the modem fron the rest of the network and just run it to my router to use the LAN of the router for the rest of the ports on my switch? It has port isolation functionality, so I assume so. Then I don't have to run double Ethernet to the hall.

I want to go with Asus because I hear that they generally have more features than other brands. I for sure need port forwarding, QoS, disabling PnP, assigning static IP, and NAT loopback if possible so that local access of services doesn't have to go through cloudflare and can go directly to my reverse proxy. My TPlink Archer A7 that I use now can't do NAT loopback and it makes any file transfers limited by my 5:1: asymmetrical upload speed. Also having VLANs for any cameras would be great, but I think you can do something similar via parental controls on an ASUS (restricting a certain device IP's internet access.

Would the Asus rt-ax58u or a zenwifi XT8 have the festures that I would need for my simpleish home server?

Thanks for the help!

Edit: Tl;dr since nobody reads this long of a post:

• I am running Ethernet (cat6) to every room. Modern laptops as well as phones have no Ethernet port, so I need wifi

• I am looking at 1 wireless router, no "mesh" bs at all. The advice of overstuffing a small house full of a dozen access points is overkill and detrimental to performance without power and channel usage tuning.

• I have specific features I want in a router, can one of the listed ones do all of that like NAT loopback?

Hello everyone,

I am trying to get my new A380 working on jellyfin for transcoding. My setup is headless so I have no X server or wayland installed.

I am running debian 12 bookworm with backported ZFS and kernel:

Linux Kiruna 6.4.0-0.deb12.2-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.4.4-3~bpo12+1 (2023-08-08) x86_64 GNU/Linux

According to everything I found, there is no need for any extra drivers as Intel card drivers are baked into the kernel and functional on 6.2+

I have followed the documentation regarding intel GPUs and added both /dev/dri and /dev/dri/renderD128 to my devices in jellyfin and restarted.

Executing vainfo in the container space returns this:

Trying display: drm
libva info: VA-API version 1.19.0
libva info: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so
libva info: Found init function __vaDriverInit_1_19
libva error: /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so init failed
libva info: va_openDriver() returns 1
libva info: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/i965_drv_video.so
libva info: Found init function __vaDriverInit_1_19
libva error: /usr/lib/jellyfin-ffmpeg/lib/dri/i965_drv_video.so init failed
libva info: va_openDriver() returns -1
vaInitialize failed with error code -1 (unknown libva error),exit

vainfo on the main device sudo vainfo --display drm --device /dev/dri/card0 returns the same thing even though this command should work on headless servers.

executing docker exec -it jellyfin /usr/lib/jellyfin-ffmpeg/ffmpeg -v verbose -init_hw_device vaapi=va -init_hw_device opencl@va

for checking OpenCL gives this:

ffmpeg version 5.1.3-Jellyfin Copyright (c) 2000-2022 the FFmpeg developers
  built with gcc 11 (Ubuntu 11.4.0-1ubuntu1~22.04)
  configuration: --prefix=/usr/lib/jellyfin-ffmpeg --target-os=linux --extra-libs=-lfftw3f --extra-version=Jellyfin --disable-doc --disable-ffplay --disable-ptx-compression --disable-static --disable-libxcb --disable-sdl2 --disable-xlib --enable-lto --enable-gpl --enable-version3 --enable-shared --enable-gmp --enable-gnutls --enable-chromaprint --enable-libdrm --enable-libass --enable-libfreetype --enable-libfribidi --enable-libfontconfig --enable-libbluray --enable-libmp3lame --enable-libopus --enable-libtheora --enable-libvorbis --enable-libopenmpt --enable-libdav1d --enable-libwebp --enable-libvpx --enable-libx264 --enable-libx265 --enable-libzvbi --enable-libzimg --enable-libfdk-aac --arch=amd64 --enable-libsvtav1 --enable-libshaderc --enable-libplacebo --enable-vulkan --enable-opencl --enable-vaapi --enable-amf --enable-libmfx --enable-ffnvcodec --enable-cuda --enable-cuda-llvm --enable-cuvid --enable-nvdec --enable-nvenc
  libavutil      57. 28.100 / 57. 28.100
  libavcodec     59. 37.100 / 59. 37.100
  libavformat    59. 27.100 / 59. 27.100
  libavdevice    59.  7.100 / 59.  7.100
  libavfilter     8. 44.100 /  8. 44.100
  libswscale      6.  7.100 /  6.  7.100
  libswresample   4.  7.100 /  4.  7.100
  libpostproc    56.  6.100 / 56.  6.100
[AVHWDeviceContext @ 0x55e4877d54c0] Trying to use DRM render node for device 0.
[AVHWDeviceContext @ 0x55e4877d54c0] libva: VA-API version 1.19.0
[AVHWDeviceContext @ 0x55e4877d54c0] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so
[AVHWDeviceContext @ 0x55e4877d54c0] libva: Found init function __vaDriverInit_1_19
[AVHWDeviceContext @ 0x55e4877d54c0] libva: /usr/lib/jellyfin-ffmpeg/lib/dri/iHD_drv_video.so init failed
[AVHWDeviceContext @ 0x55e4877d54c0] libva: va_openDriver() returns 1
[AVHWDeviceContext @ 0x55e4877d54c0] libva: Trying to open /usr/lib/jellyfin-ffmpeg/lib/dri/i965_drv_video.so
[AVHWDeviceContext @ 0x55e4877d54c0] libva: Found init function __vaDriverInit_1_19
[AVHWDeviceContext @ 0x55e4877d54c0] libva: /usr/lib/jellyfin-ffmpeg/lib/dri/i965_drv_video.so init failed
[AVHWDeviceContext @ 0x55e4877d54c0] libva: va_openDriver() returns -1
[AVHWDeviceContext @ 0x55e4877d54c0] Failed to initialise VAAPI connection: -1 (unknown libva error).
Device creation failed: -5.
Failed to set value 'vaapi=va' for option 'init_hw_device': Input/output error
Error parsing global options: Input/output error

I also have under environment this option:

- DOCKER_MODS=linuxserver/mods:jellyfin-opencl-intel

because I am using the Linuxserver.io version of jellyfin.

Starting a show with hardware encoding then enables (VAAPI or QSV) results in "This client isn't compatible with the media and the server isn't sending a compatible media format." so hardware encoding definitely isn't working.

Does anyone have any idea if this is because I don't have a display driver installed? According to FFMPEG it shouldn't need an X server environment

Solution 5 months later:

After a lot of debuging, giving up, and starting again recently. I noticed that intel GuC was loading on start but HuC was not. I ended up having to download the entire linux firmware git repo, extracting the i915 folder and dropping it in my /usr/lib/firmware/.

Now it works perfectly!

Hey everyone!

We are renovating our atelier to be a temporary house while we completely strip and redo the main house for a few years.

One thing I am really struggling with is how to make a large 255cm x 65cm dirty concreate workbench into a kitchen countertop for 2 years or so.

We are based in Belgium, so wood prices are about 2x what they are in the US (250cm x 125cm OSB board is 50€ or so).

The height is already quite high for a countertop (for me and my girlfriend it is perfect) so adding a thick slab of butcher block or something would make it unusable.

I don't really know what my options are. Maybe a wood veneer? Some sort of cheap-ish tile?

We used some iron-on white to finish the edge of our custom sink cabinet made from some old office cupboards, maybe there are larger ones like that that would work for concrete?

We are trying to stay below 2cm thickness. Idealy 0.5cm or so, but that would be difficult.

If anyone has any ideas to throw out, we would be open to it! It is just temporary, so it doesn't have to last more than a few years

Thanks!

Edit: I realized I didn't have any good pictures of the bench itself since it always took a back seat, but here are a few bad ones to give an idea from in the beginning https://imgur.com/a/KgiqHrC

Hey guys, I have been looking at building a home gym (possibly outdoors) in my new house we are renovating.

I want to get back into lifting as it has been about 4 years since I did it seriously.

I was looking at bars and the market here is ridiculout it seems. I can't find a single stainless steel bar for under 475€($520). The Ohio bar is one of the cheaper ones at 550€ instead of $370. Of course I get why it is more expensive for an import bar, but I literally can't find any bar here non-imported that says that it is stainless steel that isn't calibrated and insanely expensive (550€+)

The difference here betweeen cerakote and stainless is even greater (>100€ in some cases).

I was hoping to just get a second hand rack, some basics weights, and a barbell for around 1000€ or so, but it looks like I would have to spend at least 2000€ to get any kind of setup. Cage here are 850€ or so on the lower end just by themselves.

I am looking at strengthshop.eu, roguefitness.eu, fitness-seller.nl, but I don't really know what are the best bang for your buck options.

It looks like one of those sites has a 340€ stainless steel ATX bar, but I don't know if that is a reliable brand.

Anyone in the EU with any advice?

I just started playing rimworld a week ago.

My first colony all died. I was researching drug policy and starting geothermal and blowback weapons, I was getting raided every couple of days and had 0 wind so I had to prioritize those. Suddenly, the plague infects 5 of my 6 people. 2 people survive with the least skills. Cassandra: Adventure difficulty. I followed all of the healing and rest guides and 1 person with the plague survived. This first time I got a few turtles and had major problems with 300+ turtles eating all of my food and unable to slaughter them as fast as they were spawning

I started a new colony also with Cassabdra: Adventure difficulty. I just reached the exact same point. Drug policy not done, this time not even geothermal or blowback done (so I would say early game). Plague. This time only 2 out of 6 die. Not bad. I survived.

NOPE: 2 days later, nuclear fallout and everyone has to stay inside for what? Months? Luckily I have only 1 turtle so I have 1000 rice and 1000 various meats built up in my much larger freezer with a open door chimney. Should be able to wait it out.

NOPE: the second day of fallout I had a multi-day solar flare knocking out all of my fridges.

Luckily the power came back before all of the meat spoiled and I got a mad muffalo for extra food.

I still don't know how to protect my chickens in the pen because I can't set a zone, but they seem to by chance sleep under the roof every few days and reduce their radiation. I don't have the available power or components to switch to indoor farming with sunlamps (and hydroponics not researched yet) so I might be screwed if my food runs out.

I read online "plague is a very unlucky roll early-mid game" and I got it twice in a row lol. Plus a toxic fallout immediately after. Sometime this game just decides to come and get you.

I have been upgrading after a few weeks of being too busy too. I constantly now run out of space on my 50GB root partition even when running -Sc after every update and reboot to make sure everything works...

It really is crazy that there is no option to put all the programs on another partition than root unless you make a separate partition for /usr that will somehow foresee what you will install in the future.

My /usr with all of my programs installed is 29GB and /var takes up 10 GB. That leaves just 10GB for everything else.

I have just followed the partitioning advice since my first 2016 install, but in the past few years, everything has just ballooned in size it seems and is now always a problem every few years no matter how big you make your root partition.

Is there a better solution for this? Can we place /usr files managed through managers in /home? I think that is against the pacman/yay way of working.

Good morning everyone,

My girlfriend and I are renovating our first house.we are busy with demolition and cleaning stuff right now, but we are also planning out our entire budget and getting offers for a new bathroom and such.

I hear all the time what a cost difference building and renovation is, but I can't see how it works in practice.

If I go on a webshop to buy dust masks for example, I am charged the full VAT. International companies like Conrad won't gave an option for less tax, but it would make sense to get it there if it is already 25% cheaper than a store here, all tax excluded.

If I go to something like SACK, they give one price that includes whatever tax they choose it to be (then pocket the difference, we actually had it happen where we got an offer, we said it was above our budget, and they said "oh I spoke to my manager and just for you we can give you a 15% discount" within 10 minutes of the email. Sure...)

If I go to a bouwmaterialen store or a groothandel for electrical, do I have to specifically tell them that I am doing a verbouw?

I am not sure how this works in practice.

Thanks guys!

It's weird. I have been working from the office 5 days a week instead of the normal 2-3 days for a few months.

Now I only get to have my nice V60 coffee on the weekends because my 1 hour to 1h15 commute time takes up too much time.

I end up using the work coffee machine, which does grind whole beans for my coffee at work. It is very inconsistant. The same setting often gives either watery coffee or overextracted coffee depending on how it feels that minute.

It has made me really enjoy and savor my weekend coffee much more than when I was having good coffee every day. Like the contrast made me realize how good it already was without chasing a better grinder/better water/better methods.

Does anyone else have this sort of experience?

Hey lemmings, I was wondering not just what you are using foe documents, but how you go about securing them.

Right now I am simply running paperless-ngx on a LUKS encrypted drive with all of my other data, permissions so only docker can access it, and running it through my reverse proxy with authelia in front of the paperless authentication for 2 factor.

I have sensitive documents like house sale documents and pay slips on there. I want to keep it publically exposed for my work documents (we have to submit documentation of different tickets and invoices for personal things to get repaid), but I am worried about the security aspect of it.

I figure data-at-rest encryption is useless because if a bad actor gets in to my server, they could get it all from memory anyway, but I wonder if specifically I should make that 1 docker image only accessible by VPN or something like that? Any recommendations on how to secure documents like that while still having them accessible?