I’m using nextcloud+onlyoffice as office 365 replacement so this is simply excellent news! Glad i can get rid of onlyoffice the company.

Matter over thread works well too and is propably the most future proof option. The new ikea stuff is really cheap and mostly thread only. :) smlight slzb ultima3 hub will do both zigbee and thread simultaniously.

I’ll add pangolin to the list of things to think about trying. It was relatively easy to set up and it can run locally or on a vps. If it’s on a vps you dont need a constant IP or ddns because your hone server will connect to pangolin on the vps and the vps will serve the apps. youll point the dns records to your vps.

It’s what i use for my extended family to reach my immich instance. No complaints yet whatsoever. It’s traefik+crowdsec+wireguard under the hood but all abstracted into a maintained, easy to use GUI. Youll have granular control over which users can use which services/subdomains and geoblocking etc is effortless.

I put a centralised authentication layer (pocket id) on top of it for easier enrollment across various apps im running but for homeassistant only the built in 2FA should be enough.

One could simply infer the location history from the logs though.

Would like Davids stars juxtaposed with the swatchtikas but that could get you in some trouble.

Yea in get that, i was talking in terms of total costs.

E: actually looked it up, most likely the whole thing wouldve been max 10000euros to the taxpayer around here (Finland). Workup+surgery+hospital stay.

Congrats! Sounds like an excellent prognonsis!

Also, Jesus fucking christ a 100000 dollars for a workup+surgery? A similar case is propably no more than 10-15k€ in northern europe (paid by the taxpayer of course).

This is what i did but on the router. I have openwrt on the router. You can install an extension called PBR (policy based routing) on it.

Then you set up one wireguard interface that’s in the same firewall zone as your LAN to your lan and another that’s in the WAN. You can create policies to route any outbound connections (including the ones from your mobile client devices) through the commercial WAN wireguard connection.

In addition for family members access i set up a pangolin instance (kind of like tailscale but selfhosted) on a Hezner VPS and a very simple oauth provider (pocket id) for authentication. Ive got a bunch of users and nobody had any problems with the signup process after i sent them the invite link.

That way i can always be directly in my lan but other users can access without accessing my lan at all.

Surgeon.

Seeing tech ceo’s at the trump inauguration got me sick in the stomach. I unsubscribed from everything out of spite and nausea and learned to selfhost over the course of what is almost a year now. At first it took up all my spare time and made my wife crazy. Now it’s been several weeks since i last had to sudo anything.

It also opened my eyes to how stupid everything IT related in my country is. My municipality for example bought for what has now become a billion fucking euros a digital health record system from Epic. It’s the shittiest piece of software ive ever used, fully closed source and there’s ongoing customization costs trying to get it to work. We’re also a 100% onboard with office360 (copilot and all).