My current strategy might be a bit over the top,but it works.

I have two main entities that contain data worth backing up - the NAS and to a much smaller extend my Proxmox cluster (which is partly within my house,partly at Hetzner).

User PCs do not have any User data saved, they all work with network drives mapped to the NAS, only irrelevant amounts of data are stored on them that gets backed up via Free File Sync. For the Notebooks I use the same concept as we are using a WG VPN 99,9% of the time anyway,but some important folders get also synched via Free File Sync for offline use if no mobile connection is available.

For proper backups I have basically three classes of data that I maintain: Prio 1: The real real important stuff. Photos of once in a lifetime events, important documents, etc. Prio 2: The stuff you still don’t want to loose. All other photos, the scanned documents, home folders, VMs/LXX backups, configurations, etc. Prio3: Everything else,mostly data that could be downloaded again. Easily. Movies, etc.

Prio3 data is currently only living in the NAS and does get backed up once in a while on a external hard drive. It’s mainly backed up as I am lazy and in case the NAS craps out I don’t want to reload all the stuff…that would take months.

Prio2 data gets backed up fully: For the NAS data: It gets backed up to B2 with versioning according to my needs (usually 3d,2w,3m,1y,but that depends highly on the source). Additionally full external hard drive backups every few weeks. (I would kill to get my hands on a proper tape drive again,I had one back in the day,but it was used and old and died) Some data is also stored on Synology C2 atm,but I will replace that soon with another cloud provider, likely Hetzner.

For Proxmox: Basically the same, but I use TUXIS instead of B2 and Hetzner instead of Synology C2. Additionally I have a old PC with Proxmox backup server which turns on once a week and safes the whole cluster before turning off again. In the future this PC is planned to replace the External hard disk’s,but currently hard drive prices are insane.

For the P1 data: Same as above,but it’s definitely staying on a second cloud provider. Additionally I also create archive blue ray disk’s every few month. (Usually every 4). These go into the safe deposit box at my bank and additionally to a second storage location.

And of course I have detailed instructions about this in my will so even if both my wife and I die my kid can figure it out.

Wow, he was “unlucky” to be ahead of his time.

Nowadays there is a good chance he would have gotten away with some legal trick or be pardoned and made the secretary of justice or FBI boss.

Just adding a few thoughts:

• If you already use Omada for APs it might be worth it to use their switches as well. Makes networking fairly easy. MKs are nice (I use them together with Omada myself),but basically everything you would need can be achieved with the Omada Switches as well. Only for the actual Gateway/Firewall I would rather go with OPNsense or, in a pinch, MK, with the later being inferior to OPNsense.

• Multiroom Audio I would very much recommend Amplipi, but I also might add that central audio with reasonably high quality is not as easy as it sounds electrically - I have seen more than a few installations that failed due to induction from other sources, timing issues,etc. It is sadly harder than one would think. It gets much much much harder for TV/motion picture relevant things as things are even more timing sensitive then.

• have a look at KNX for all smart home related things. It’s the gold standard.

Omada APs, various versions. Really happy with them, their WiFi is great and unlike Ubiquity they also work without the controller as independent devices.

And sadly Omada is years behind in their gateway/Firewall. OPNsense is far better in that regard, going back to a Omada gateway is like going back to a tricycle when you drive a car. Sadly.

First of all: Get the Instance it’s own VPS - Lemmy instances are very very fluid with their resources requirements and you don’t want the instance to bog down other services you use. Use another cheap VPS instance for your other services and link them up within Hetzner if needed.

This is even more the case if you host a public instance. I would even consider using separate accounts (even though Hetzner does officially not allow that) for that. Because if one of your users does something Hetzner finds ban worthy they will,under ideal circumstances, at least stop your VPS/quarantine it. (Been there) If you are really unlucky (CSAM material posted or federated in your instance) you will get your whole account banned. Which means all your other services are gone,too. (happened to someone I know)

Don’t get me wrong,Hetzner is great, I love them. But be aware of these points. They are very proactive when it comes to these points.

Beside that: Use Docker.

As a paramedic I feel deeply offended that we are not on that list but nurses are. Travel agents,okay. But nurses? The insult!

Everything about this comment is wrong. Sincerely, Your next door former DPO

It sounds strange maybe,but I found Zabbix way easier for these scenarios. For more advanced deployments it is different,but for what you describe it is really easy

They set up a business. They do business. They should ask someone to do this whose business it is. Not you. They are taking advantage of you.

You will certainly and 100% ruin your friendship with them.

• Keeping a server secure is an ordeal for a professional - especially when it comes to using it as a business server.

• Doing E-Mail yourself, especially in a professional capacity, is a god damn nightmare and even most professionals refuse to do it and rather pay someone who handle it. For a reason.

• The usecase you mentioned does not require a server. It can easily be done via a web hosting provider. Unless there is something shaddy going on and you/they are afraid of storing that stuff with a provider. But for what you mention here you need a simple web hosting provider for 5 bucks a month.

• Actually doing that yourself is far more complicated than you imagine here. It’s not just the server. How do you get a connection with a static IPv4 to host your services? Actually preferably multiple static IPs? Are you considering a CloudFlare tunnel? How do you plan redundancy if that connection craps out? Or the server kicks the bucket. Or power goes out? This alone costs FAR more than the money you pay for a cheap webhoster or even a VPS. (Which you don’t need,imho)

For the love of god or whoever: Don’t do that. You will be liable/responsible to them (at least from their point of view) if their IP is on Googlemails blacklist and now “that one important client mail did not arrive in time”. Or if the cheap residential DSL craps out and their very important site is just having the sale of their life?

I am absolutely for self-hosting things, don’t get me wrong. I selfhost basically everything (but no mail…that is a shitshow), mostly on FOSS. But don’t start with someone else’s business if you start doing this. Selfhost a few easy things. Get a Mini PC and proxmox, selfhost within your home network, then expand slowly.

OPNsense on any small scale dual LAN box, either a used mini PC or a purpose made one.

Agalmatophilia

It’s the paraphilia of being sexually attracted to statues. Like stone marble statues.

I am self employed and actually do that whenever possible (which is a rare occurrence these days,but I managed to do it for six month once). It sounds counterintuitive to do so, but it’s actually a fairly nice concept. You work for two days, which is not that long and offers you enough chance to really work “all in”. Then you sleep in in Wednesday and do most of the weekly chores - all that shit you would normally do half of your Saturday. And then you do another two days, already approaching a full weekend - which is far less likely to be interrupted by these lousy chores you normally need to do. And if some things remain,you are not having four but two work days in your bones - which makes them easier and usually faster to put behind you.

LG is currently even worse than Android - it autoinstalls (gambling!) Apps(yes,we made sure there was no hack/malware), tries really hard to get into the network, etc. But I might be biased as I am very unhappy with their support as well - their display showed a faulty line exactly 10d after the guarantee/warranty ran out, they quoted more than the current retail value for the repair and 80% of the original retail value. For a problem that is very likely not even the display itself but a faulty cable. Fuck them.

Personally, if a Pi is out of the scope (which I totally understand) I would go with a Android box and any TV you like displaywise- while Android is as bad privacy wise as any other TV OS nowadays, it is usually far easier to lock it down at least partially so at least the worst problems can be avoided/most of them can be rooted or get linage OS installed. Just make sure the box you use can do that.

Because in the end it’s also an usability problem - your parents will call you if Netflix, Disney+ or something like that refuses to play because they now require widevine in a newer version than LibreELEC offers,etc. If you want to support that, go for a Pi. If you don’t, find a middle ground.

Not a construction worker but I work with disaster relief and humanitarian aid organisations.

It is not possible if you care for either the inhabitants or your own folks

If you don’t it is, plainly said, fairly easy. It happens in basically every conflict.

Just talked to a friend about it - he is head of a nursing home group in Central Europe.

He had multiple cases when they had relatives trying to do that. Funnily enough the main reason cited by the relatives was to stop other relatives from “doing something funny about the will” .

They actually have a policy when they place a hidden camera in cases of alleged property theft - but this is done in conjunction with the client, their relatives (if not the target), sometimes the court and done by a professional company in a way that the actual patient is not part of the picture/not compromised. (And it’s paid for by the facility - they don’t want a rotten apple as well)

It is not their home. Period.

In your home you can also install a cooktop/hot plate, light a candle, paint the walls any colour you like. All of which you are not allowed to do in a nursing home.

And it is not the patient who wants the camera, it’s a relative. And even in your home a hidden camera that monitors a family members toilet/bathroom would be very much illegal in most jurisdictions,even more so if the family members may be unable to decide on that matter competently.

Additionally it is a workplace. For professionals. Tbh: In almost all industrial nations it’s far easier to find another client than find another carer. And due to all the causes I already mentioned in this topic almost all carers will be very uncomfortable with this situation - because,well they care about their clients a lot. And that also includes the dignity of their patients.

It is simply an issue of humanity as well - nursing care is an immensely private issue for most people.

Not many adults would want to be filmed when he/she is getting their diapers changed after they soiled themselves accidentally. If you ask most older folks they don’t even want their kids/relatives to be doing that out of shame. Most wouldn’t want their kids/relatives to even be present. (Note: This is highly dependent on the culture, though, I can only speak for Western&Arab clients here)

Now imagine being the patient and not even knowing whether someone is watching. Besides - we often don’t know enough about the actual relationship between the kids and the client. I’ve seen old folks agree to a lot of shit simply because of pressure (“I won’t come and visit you anymore if you don’t sign this”), extortion (“I only bring the grandkids of you wire me amount XY”) or downright abuse.

The later is also an issue: There are perverts all around the net. I know of at least one instance when a hidden camera (in that case placed by nurse) was used to stream nursing situation to a fetish site on the net. Thankfully by sheer luck the whole operation failed spectacularly before any harm was done.

(The nurse placed the cam while the patient was away to dialysis. The patient collapsed there and sadly passed away in hospital. The nurse was unable to retrieve the camera due to being quarantined due to COVID. A relative who was either in IT sec or a LEO-i can’t remember -of the patient removed the belongings and found the camera. Nurse caught themselves on cam when installing the cam and was charged, sentenced to two years on probation, a high fine and banned from ever working in a care job again. The only reason why no actual prison sentence was handed out was the confession which helped in a larger case.)

It does heavily impede the privacy of the client - it is massively intrusive as nursing care can be a very private matter for the patient, it does infringe on the privacy rights of the staff and opens up a whole lot of legal issues.

Yeah. It would be a crime in my jurisdiction anyway, but nevertheless basically every nursing home administration I worked with (and I have nursing homes in 7 countries as clients) would instantly react massively to a relative doing this.

We would advise them to ban the relative from entering the premises and then discuss if the contract should be cancelled. That very much depends on the individual circumstances - if it is a distant relative who is simply intrusive it’s a different story to a situation when the offender is the main contact for the client, also the expected remaining contract time (in other words how long a patient is expected to live) should be considered.In special circumstances (dying patient) supervised visits of said relative may be considered.