My Dream of a Home Router / Server
What if you could buy off the shelf a box based on #opensource software and hardware that you could plug into your internet connection. You could connect to via Wifi and it would allow an average person to fairly easily configure, via a guided setup, a self hosted Cloud Drive, Social Media server, home automation service, VPN end point, email server and other commonly useful software?
What if that box allowed that person's friends to authenticate and to that box and link a box they own, either close by or remotely. It could extend connectivity and estabilish a chain of trus, provide a level of encrypted backup of content from that box and make assertions about the users on that box such as - This user account is owned by this person, this user account is over 18?
This is a dream. I know I'm rambling. #openwrt, #yunohost, #seflhost, #chainoftrust, #fediverse !Selfhosted
like this
don't like this
💚 🔜 🆕 💼 🎉 💚
Want to work in the open source software area (and support your favorite Android app 
) and still earn money? Guess what … Now you can! 😃
DAVx⁵ is enlarging it's (small) team and we're offering a new part-time job (100% remote work) to support our team in the field of
💼 Support and Community management 💼
⬇️ Learn more and apply 🔽
Community: please RT and share with people you might think are interested!
abeorch reshared this.
Da fange ich lieber nochmal eine Ausbildung an. Macht 12.000 € netto. Ohne Rechnungen schreiben, Selbstverwaltung und Ärger mit dem Finanzamt.
A photo of a starling murmuration as if smoke from a chimney has been called a "fluke" by its Yorkshire based, UK photographer, Anna Tosney #WomensArt #Photography
bbc.com/news/uk-england-york-n…
Skipton starling murmuration chimney photo 'a fluke'
Skipton in North Yorkshire has seen regular murmurations since the start of the year.BBC News
reshared this
I think that the "Mastodon is hard" vibe comes largely from folks who expect to be able to "find everyone on one app". I think when we tell folks leaving Twitter/Bluesky/Facebook/whatever about the Fediverse, it's important to address this disconnect with honesty and patience.
No, it is not "just like email". Because for 90% of folks email is "just another app".
It's more like webrings.
I don't think that the solution to getting folks to adopt the Fediverse is to change the Fediverse.
I think the solution is to show folks how great it is to have to curate your life. How wonderful it is to have to *work* for discovering new information. How challenging your mindset and stretching your grey matter is a positive.
To start with, when I talk about the Fediverse, I always say "the jank is a feature".
On Fedi, it is **absolutely** a feature that my posts aren't seen by everyone.
On Fedi, it is **absolutely** a feature that I have to ask questions because search is less-than perfect.
On Fedi, it is **absolutely** a feature that in order to host on your own domain you have to spin up infrastructure or work with someone who can.
On Fedi, it is **absolutely** a feature that there are entirely closed-off networks inaccessible from the outside.
These are features. Jank is a feature. Embrace it.
“How much for the antidepressants?”
“They're cream eclairs, sir!”
“...How much?”
reshared this
Not as much as she would appreciate some eclairs...
reshared this
reshared this
How to Save the Internet by Nick Clegg review – spinning Silicon Valley
Instead of recognising that social media harms mental health and democracy, the former deputy PM and Meta executive repeats company talking pointsNick Clegg chooses difficult jobs. He was the UK’s deputy prime minister from 2010 to 2015, a position from…
abeorch reshared this.
Midcounties Co-op celebrates 20th anniversary with raft of member offers
Midcounties Co-op celebrates 20th anniversary with raft of member offers - Co-operative News
Midcounties Co-op celebrates its 20th anniversary this month, announcing a series of exclusive member offersMiles Hadfield (Co-operative News)
like this
reshared this
reshared this
Deshittification
My life got so much easier these days when I stopped asking myself "what can this new thing do for me?" and instead immediately check "who owns it?" right when I'm first exploring a new product, service, or tech.
This spares me of the #enshittification cycle of getting attached to it, finding out the owner(s) are enshittifiers or have trashfire beliefs, then struggling to leave for a better alternative (or getting stuck when there isn't one). Instead their offer is just an automatic no go to me, they never get to infest my life in the first place.
For the best #deshittification I tend to look for three symptoms when I'm deciding whether to try a new thing:
1. Is the ownership for profit?
2. What are the beliefs of the ownership? (easily found usually)
3. Who are their sponsors? (investors, advertisors)
If any of those three things are out of alignment with my goals or ethics, then idgaf what their offer does, it's dead to me before I even bother to give it a try nor recommend it to friends.
I no longer have to do any hand wringing about "oh no the thing I like is controlled by bad people". I just had to stop giving bad people my patronage in the first place. And it has generally cleared space for me to discover much cooler things made by much better people.
abeorch reshared this.
abeorch reshared this.
poVoq
in reply to abeorch • • •NextBox - Your Private Cloud for Home & Office
www.nitrokey.comlike this
foggenbooty and non_burglar like this.
abeorch
in reply to poVoq • • •variety4me likes this.
HelloRoot
in reply to abeorch • • •The closest to your dream is probably hexos.com/
It is closed source, but build on top of open source...
They (for now) have a one time purchase license, no subscription.
It has buddy backups. Can run on any normal x86 pc / server (you have to bring your own and install hexos to it). And has a nice and simple GUI for deploying services easily.
I never personally used it. I just have it on my radar. For me, the not so easy but fully free (cost) and open source way works reasonably well. I run my homelab with dokploy.
HexOS
HexOSlike this
MentalEdge, Lucy :3, Xaphanos, standarduser, Blue_Morpho, ArchEngel and nephew like this.
cer0 doesn't like this.
MentalEdge
in reply to HelloRoot • • •For a free foss alternative, look at OMV (OpenMediaVault).
Most of what a user might need is fairly simple to set up in the webUI, and if you know what you are doing, you can still go into the underlying debian system and do whatever you like.
openmediavault - The open network attached storage solution
openmediavaultlike this
Xaphanos, standarduser, Retro_unlimited and nephew like this.
abeorch
in reply to MentalEdge • • •MentalEdge likes this.
Devjavu doesn't like this.
HelloRoot
in reply to MentalEdge • • •lol no. I used this one for a month and no.
It works but it has the most convoluted GUI possible. No backup system at all iirc. And running arbitrary containers was a nightmare that is not even integrated with the GUI.
I settled on dokploy.com/
like this
jaybone, standarduser, Blue_Morpho, Hominine and k_rol like this.
don't like this
k_rol and MentalEdge don't like this.
abeorch
in reply to HelloRoot • • •HelloRoot likes this.
Blue_Morpho
in reply to HelloRoot • • •MentalEdge likes this.
HelloRoot doesn't like this.
HelloRoot
in reply to Blue_Morpho • • •Dokploy has a web ui with a list of services where you click install and it installs them for you. You can set it up to do the exact same job as OMV but also way less or way more, depending on what you want and need. (by just clicking install on the existing templates, or by entering a custom docker compose if you want to run a nieche service)
So I'd argue dokploy is a perfect substitution (or more like superset) for OMV, but OMV could never substitude dokploy.
abeorch likes this.
Blue_Morpho
in reply to HelloRoot • • •MentalEdge
in reply to HelloRoot • • •I don't use docker via a GUI. And I don't run docker at all on the NAS running OMV.
My backup solution is Kopia. Two servers, each running an instance that backs up local storage to the other.
OP isn't talking about a full homelab. If all you need is a home VPN and some network storage via SMB, OMV is fine.
For my homelab, OMV would be clunky af. For the NAS at my dad's end, it's ideal.
HelloRoot
in reply to MentalEdge • • •OP is talking about solutions that include certain features out of the box in an easy to use package.
Rolling out a conglomorate of those features that you've manually set up and ducktaped together by hand is irrelevant. That approach was already possible for many decades.
MentalEdge doesn't like this.
MentalEdge
in reply to HelloRoot • • •I didn't tho.
You're confusing my homelab with my dads OMV NAS that is running kopia as its only non-standard service because I wanted to use it as my off-site target.
I wasn't presenting OMV as the solution to all of OPs examples, I literally just commented to point out "hey this is kinda like hexos but foss".
To which you responded "lol no, there is no comparison". Which is both untrue, and a rude way to go about saying anything.
HelloRoot likes this.
HelloRoot doesn't like this.
abeorch
in reply to MentalEdge • • •abeorch
in reply to abeorch • • •abeorch
in reply to HelloRoot • • •HelloRoot likes this.
lemmefixdat4u
in reply to abeorch • • •Onomatopoeia likes this.
abeorch
in reply to lemmefixdat4u • • •foremanguy
in reply to abeorch • • •abeorch
in reply to foremanguy • • •Yes. @Co-op Cloud (who I think are more focused on the more technical end of managing multiple servers) have a comparision that includes some other alternatives on the templated #homeserver- docs.coopcloud.tech/intro/comp…
I've also seen that people are building solutions that are a mix of #Proxmox, #Openwrt and some of the solutions above to bring things together on a single server - But that's definately a level of complexity that is beyond almost everyone at the moment (but is perhaps moving the concept in the right direction.
foremanguy likes this.
tburkhol
in reply to abeorch • • •My problem with chains of trust is the Kevin Bacon problem. Sure, I trust my friends, but some of their friends can be a little sketchy. Plus, they don't have any direct social contact with me, nor any personal consequences for betrayal. And nevermind the sketchy friends of the sketchy friends.
Federation has its uses, but trust is not one of them.
like this
bluGill and Retro_unlimited like this.
abeorch
in reply to tburkhol • • •Onomatopoeia likes this.
tburkhol
in reply to abeorch • • •Onomatopoeia likes this.
trd
in reply to abeorch • • •abeorch
in reply to trd • • •mspencer712
in reply to abeorch • • •This is my dream as well, but for security I feel like you need multiple independent systems. I’m doing mine with power-hungry recycled 2012-vintage server hardware (Xeon E5-1620s and 2620s and Opteron 6276s, bought for $100 each several years ago, plus a few hundred more to their maximum amounts of DDR3 ECC) but this hypothetical box could easily have raspberry pis or something similar. Public services can become compromised and you’ll only want certain hardware to be trusted to do certain things.
My plan is a terrible one and I’m taking way too long to do it. I really want someone else to build this better and faster, but if my crappy plan ends up being the first usable version of this, that will suck but at least it’s available.
I had a dumb personal domain from June of 2000, tried to make it a public internet site, offered services to people on IRC for internet social points, but after a few years it got ahead of me and I let it die. (I’ve been paying for the same business internet ever since, though, and I still have the same static IPs as from back then.) Time passed, got married, got a computer science degree and a development job with a billion dollar SAAS company.
I can see how they do big public internet hosting. I want everyone to be able to do this, too. Been trying to build the same kinds of architecture with open source tools at home. Struggling, I keep over designing it and getting stuck and frustrated. It takes me a month to do what a competent ops person from work does in a couple days.
OnceI have this working for me, I can share it, because it’s my own work product. It’ll be a guide, a recipe to follow, for creating the kind of secure and isolated web application and general VM hosting environment I see us use at work. This stuff is the difference between “I’m hosting one thing and if it gets hacked, everything is owned” and “I’m hosting a hundred things, all different, and if one gets hacked that will suck - but the other 99 things will stay safe.”
Biggest problem I think with creating this with open-source is just picking a direction for everything and getting the internet to not pitch a fit. “Why did you use postfix?” “I hate Greenbone / GSA and refuse to use it.” “Hardware is expensive, you say I need a jump box for this AND for this, and dedicated hardware for a firewall here AND here? Each of those could clearly be a VM. Your project wastes hardware and I’m not doing it this way.”
Sure, once this is done these decisions are pretty much baked in and I won’t have the energy to redo them yet again. But getting the architecture perfectly designed for your exact scenario … that takes a ton of work. Big companies pay a ton of money in just payroll hours to build this kind of thing bespoke for their needs. I’ll be giving away my version, and I’m afraid the internet won’t care.
But I think we need to keep this ability alive, that private citizens can set up their own DIY hosting that can stand up to hostile internet actors decently well. They can pay (I’ll grant) exploitative rates for business internet connections so they can have static IPs at home as well. If we all stop, we all just decide all hosting should be done by big cloud service companies or big enterprises, we lose a crucial bit of internet freedom. Someone needs to say “yeah this is kinda dumb but I’m doing it anyway.”
And if they could do it with a box you just plug in, instead of my (likely) month-long two hundred step recipe, and still have it stand up to attacks and “Internet background radiation” and stuff, that would be epic. I kind of don’t want my thing to be the way that self-hosting-public-web-services is done.
like this
Blue_Morpho and SorryImLate like this.
abeorch
in reply to mspencer712 • • •On your point regarding a single device - I don't think that separate hardware necessarily provides security - Though I take your point - perhaps it could be about a compatible - modular architecture - a home server, a router, a home automation hub - that are linked together easily and well.
Agree on the issue with Open source be of the "let a thousand flowers bloom" ( i just saw someone post they have a new "templated based home server" lemmy.world/post/38362941 ) - but I think thats a strength - people try stuff out - things are more loosely coupled and rely on open standards - perhaps that's a whole philispophical discussion but I think open source and open standards would attract hardware vendors - (I'm seeing plently more Openwrt based routers on chinese marketplaces than I used to - they just don't want the overhead of having to provide their own fully featured software.
I also get the - at the moment doing it yourself requires knitting together alot of stuff - that's my point - the components are all there - its more about bringing them together and smoothing the surfaces - something that I think #Homeassistant seem to be quite good at - Perhaps what is required is that kind of organisation - where there is the prospect of picking up some funding and selling some hardware that comes with all the branding.
Onomatopoeia
in reply to abeorch • • •Separate devices provide reliability and supportability.
If your all-in-one device has issues, you can't remote in to maintain it.
Take a look at what enterprises do: redundant external interfaces, redundant services internally. You don't necessarily need all this, but it's worth considering "how do I ensure uptime and enable supportability and reliability? ".
Also, we always ask "what happens if the lone SME (Subject Matter Expert) is hit by a bus?" (You are that Lone SME).
abeorch
in reply to Onomatopoeia • • •Onomatopoeia
in reply to abeorch • • •Exactly, keeping components separated, especially the router.
Hardware routers "cost money because they save money" (Sorry, couldn't resist that movie quote). A purpose-built router will just run and run. I have 20 year old consumer routers that still "just work". Granted, they don't have much in the way of capability, but they do provide a stable gateway.
I then use two separate mesh network tools, on multiple systems. The likelihood of both of those failing simultaneously is low. But I still have a single failure point in the router, which I accept - I've only had a couple outright fail over 25 years, so I figure it's a low risk.
mspencer712
in reply to Onomatopoeia • • •mspencer712
in reply to abeorch • • •To add to Onomatopoeia’s excellent post, separate devices also limit the blast radius of any compromise. Attackers pivot when they compromise a system. They use one system to talk to others and attack them from inside your network. So you don’t want everything on the same OS kernel.
Unfortunately I don’t feel like I’m qualified to say what works well yet, not until I have the pieces of my site put together and working, and vetted by whatever security professionals I can get to look at it and tell me what I did wrong.
But right now I think that looks like every service VM on its own VLAN on a /30 net, and ideally the service VM and firewall/router VM serving it on different physical hardware joined by a managed switch. That managed switch shouldn’t let either VM host touch its management VLAN, and (I think, I don’t do this yet) should send monitor traffic to yet another physical host for analysis.
(“I can see why you’re not done yet” - yeah I know.)
abeorch
in reply to mspencer712 • • •zuckey78
in reply to abeorch • • •I feel this in my bones. I was an English major in college. Now I’m in my late 40s and want to create my ow server so that I can OWN the things I used to own: baby pictures and family photos, movies that I bought, music that I bought. I want to send letters to friends without Amazon, JC Penny and Google knowing what I put in my letter.
I’m starting on my home networking journey. I have a beeline on the way to build my own router…pfSense, OpenSense, OpenWRT…still chewing on that but I’m going to do it.
Fuck it. My dad used to work on his car, I think this is my generation’s equivalent.
like this
SupremeDonut, ALoafOfBread, abeorch, DeadPixel, curbstickle, foggenbooty, artifex, Onomatopoeia, theorangeninja, skulblaka, ralakus, SorryImLate, irmadlad, pinchy, pemptago, Sunsofold, lemonuri, SmokingCookie and vividspecter like this.
abeorch
in reply to zuckey78 • • •like this
skulblaka and captainlezbian like this.
captainlezbian
in reply to abeorch • • •abeorch
in reply to zuckey78 • • •irmadlad
in reply to zuckey78 • • •I've got a '75 Ford pickup with 3 on the tree. I can work on that. Hell, I can pop the bonnet and sit on the fender and dangle my legs in the engine compartment. Once the automobile industry moved away from that type of design and started incorporating computer blocks, chips, et al, that you needed a metric and imperial tool set replete with a plethora of specialized tools just to work on them, that was outside my field of expertise. My Ford F450? Nope. I can't even wedge my hamfists in a few inches. The whole engine compartment is slap full.
DO IT!
like this
pemptago and SaneMartigan like this.
abeorch
in reply to abeorch • • •CompactFlax
in reply to abeorch • • •like this
Onomatopoeia, Rentlar, Retro_unlimited, RedMari, ArchEngel, Turious, KingOfSleep, Issytia, ralakus, AllHailTheSheep, hydroxycotton, yaroto98, kernel_panic, frongt, Reaper948, NutinButNet, sugar_in_your_tea, DaGeek247, AtariDump, pemptago, corsicanguppy, 486, SpacePirate, Landless2029 and AmbidextrousWrench like this.
abeorch
in reply to CompactFlax • • •AtariDump likes this.
Irdial
in reply to abeorch • • •I share this pipe dream. Increased awareness of and access to self-hosted services encourages decentralization, reduces our reliance on massive data centers, and empowers the public to own their data. For the hobbyist, I think this is already in reach.
However, in order for such a system to succeed in the wider market, it needs to also be cheap and convenient. Even a Raspberry Pi goes for around $80 these days, and storage is becoming more expensive by the day thanks to AI companies. iCloud storage is only 99 cents a month. If, for example, ISPs were to bundle this software and storage with their modem hardware, it could happen. Hell, they could even charge a small fee to provide you with a publicly accesible domain.
like this
Turious, entropicdrift, Issytia, captainlezbian and THB like this.
abeorch
in reply to Irdial • • •entropicdrift
in reply to Irdial • • •I suspect you could get the price on something like this down to maybe $100-$150. Basically a small low-power Intel box with an SSD and at least 8G of RAM could handle all of these services.
The hard part would be pre-configuring each of them and building/adapting software to make this kind of stuff easy for end users.
like this
Issytia and irmadlad like this.
irmadlad
in reply to entropicdrift • • •JPAKx4
in reply to abeorch • • •irmadlad
in reply to abeorch • • •If I were a younger man, I've always wanted to produce a 'server in a box'. Something small, powerful, capable, came with a plethora of click to deploy apps, in an environment that would be conducive with the average homeowner's computer savvy or lack there of. I've seen a lot of mini-racks made with Lenovo ThinkCenters that really look good, could fit on a shelf in a closet and serve the household with privacy respecting software.
But I'm far from being a younger man, so one of you guys take the lead and make a million $$.
abeorch
in reply to irmadlad • • •eleijeep
in reply to abeorch • • •FreedomBox - Personal Server at Home
FreedomBoxlike this
captainlezbian, GameGod, Arondeus, sigezayaq, Landless2029 and Handles like this.
abeorch
in reply to eleijeep • • •eleijeep likes this.