thekrautboy

joined 1 year ago
[–] thekrautboy@alien.top 2 points 11 months ago

As i already replied to you in another comment... that is the definition of selfhosting of this subreddit, which you are now participating in.

And no, i dont trust anyone. I dont trust my ISP. I dont trust Intel or AMD. I dont even own a computer. And my house is powered by a diesel generator only 2 hours per day, while its covered completely in aluminium foil. I am writing these reddit comments on post-it notes and every few minutes i send one of my kids on their bicycle to drive to a random neighbour and they post them for me.

But youre not getting any more post-its from me, dont worry.

[–] thekrautboy@alien.top 2 points 11 months ago (2 children)

Even Cloudflare decides to inspect my traffic (and seriously why would they care about a tiny hobbyist website)

The good old "eh what do i care i dont have anything to hide" approach to security and privacy. Excellent!

"If you have nothing to hide then you dont have to worry!"

I wont respond further in this thread because i already know how these discussions go.

Like I get they are a terrible company in a lot of ways, but name a tech company that isn’t?

Why would anyone argue that other companies are saints? Are you aware you are in /r/selfhosting here? The whole point is to regain control of your own data, be in charge of who stores what, where and how.

[–] thekrautboy@alien.top 1 points 11 months ago (1 children)

Nothing at all.

I selfhost ntfy and services that only support email for notifications send them to ntfy smtp, then ntfy turns them into a push notification.

[–] thekrautboy@alien.top 1 points 11 months ago

NOW MAKE ALLCAPS POSTS ON REDDIT AND PROFIT

[–] thekrautboy@alien.top 2 points 11 months ago

You are probably transcoding video sometimes. Use the Jellyfin forums.

[–] thekrautboy@alien.top 1 points 11 months ago

If you cannot forward a port in your router, then you need to run a tunnel to the outside. Look at VPNs, like Tailscale/Headscale, plain Wireguard and Cloudflare tunnels etc.

[–] thekrautboy@alien.top 2 points 11 months ago

I am having a heck of a time editing my Dashy yaml file. There is a json text editor, I truly can’t wrap my head around the syntax it’s absurd. Sorry if you like json.

Huh what? YAML or JSON? They are not the same.

I can’t ssh because I don’t know the logins and was never prompted to set any.

You cant ssh into your own host? What? Why are you trying to "ssh into Dashy"?!

Even if I could, the guides are all set for docker and I really don’t know where I would go other than blindly listing directories until I stumbled on it.

And the problem with that is...? Youre not even mentioning how you have installed Dashy. Is it in a LXC? In a VM? If you run it in either, then YOU will have the login details. How should Dashy provide those to you?!

Nothing here makes much sense, and top of all, this here is neither /r/DashySupport or /r/YAMLJSONSupport etc.

Maybe ask Dashy for Dashy support? -> https://github.com/Lissy93/dashy/discussions

[–] thekrautboy@alien.top 1 points 11 months ago

Ask /r/HomeNetworking

Maybe something like OpenWRT or Mikrotiks RouterOS can run on it.

[–] thekrautboy@alien.top 0 points 11 months ago

/r/Docker but you should really just take a look at the documentation.

[–] thekrautboy@alien.top 0 points 11 months ago
[–] thekrautboy@alien.top 2 points 11 months ago

"Enter your email address to join waiting list"... no thanks.

Selfhosting? Opensource? No infos.

 

I was surprised to not see any post about this here yet, so here it is i guess.

Netgate (the company who runs pfSense) has just announced serious changes to their "free" so called "Home+Lab" license of pfSense.

Here is the link to their offical blog post.

Background:

Netgate have offered a free and opensource version of pfSense, called the CE (Community Edition). They also offered a version called "pfSense Plus" which was paid and offered a few more features but also support from Netgate, which is of course perfectly fine and very common (look at Proxmox for example).

A while ago (1,5 years) they introduced "Home+Lab" as a product and license version in order for casual users and "homelabbers" to dip a toe into their commercial offerings which has more features than the CE. Basically like "here you can use your enterprise version for free, but its a bit limited of course". The obvious goal there is to motivate users to switch from the free CE to a paid version, again nothing wrong with that. Portainer for example does this too.

Because of this, users switched from the "always" free CE version to the "Home+Lab" version, upgrading their installations and enjoying a few more features. According to Netgate, thousands of users have installed it. Great!

Now

But just now Netgate have announced major changes to this, out of the blue, without any prior notice. The free "Home+Lab" version is no longer available for download, its just gone.

As a reason they cite that thirdparty sellers (on Aliexpress etc. i imagine) were downloading the "better" version of pfSense, aka the "Home+Lab" version, and installing it on their hardware appliances and then selling them. Without Netgate seeing any revenue from this.

Please see their blogpost for all the details. But one crucial point is that anyone who is currently running their "Home+Lab" version, can keep running it (yay!) but they also say that future upgrades and bugfixes may require a subscription. So basically, users installed a free "better" version, which now doesnt exist anymore, and to continue using it with updates, they "might" need to pay a subscription fee. Something as crucial like a firewall appliance should be kept up to date for security, so just ignoring that is not really a option. And Netgate also state that if you have to reinstall your current "Home+Lab" version, they cannot provide that for free to you. And those subscriptions apparently come at a very high price. Are you willing to pay $400/year for your firewall software when youre only using it privately in your small homelab?

Paying for software, or any product, is not a bad thing. And companies need to make money, they need to pay employees. This should be obvious. There is no problem with that in itself. But the way this was done, telling their userbase for quite a while to try out this free version of the premium product, and then pulling the rug away underneath the feet, is just plain wrong and fucked up.

"Okay whatever, then just switch back to the actual free CE version!" Great idea, but apparently thats not so super easy.

Lawrence Systems have already made a excellent video summing up all these changes. I would recommend watching it to get the full picture, i can and want to only cover a bit here:

They also made a video about switching back from pfSense plus (Home+Lab) to pfSense CE:

Reading recent posts about this on /r/pfSense subreddit, the community seems to be quite angry about this. And it doesnt help that their subreddit is actually run by Netgate employees, so it isnt exactly a independent discussion forum there at all. For example a user tried to get feedback and support for a tool to convert pfSense configs to OPNsense configs, and the moderators removed the post without further comment.

My personal recommendation would be that this is a huge opportunity to finally switch away from pfSense, they have shown once again that they cannot be trusted. Take a look at the most obvious "competitor" /r/OPNsenseFirewall, they started as a fork of pfSense and have developed quite nicely.

And to make it even more clear what kind of people are running Netgate (pfSense), if you havent read it yet, this is the story of when users announced the fork OPNsense, how a employee of Netgate was running opnsense.com which was a mock website entirely made to shit on the OPNsense project and discredit them. I encourage you to look at it and make up your own mind about it. And yes, this employee still works for them today it seems. This alone should be reason enough to never use anything by Netgate, ever, wether its a free CE or paid.

Atleast right now they are still offering the free and opensource CE version. But who knows how long that will last. They might as well kill that option without prior notice in a few months or a year from now. Its better to think about switching before being forced to.

There have also been various other issues with Netgate´s behaviour towards their users over the years, but covering them all here would be too much and offtopic, i would like to focus this post mostly on the very recent issue.

If people get angry about Oracle and seemingly shutting down "free" VPS instances at random, then they should be angry about Netgate pulling shit like this too.

#TL;DR

Stop using pfSense (just any Netgate products), switch to something else.

Its not the only alternative, but /r/OPNsenseFirewall is one major example.

Disclaimer: I am no pfSense expert, very far from it. If i got any of the history or current events wrong in this post, please let me know and i will immediately correct them. For me when the time came to pick a (virtualized) firewall/router appliance, i installed both pfSense and OPNsense in VMs and took a quick look. Even tho pfSense did leave a very "enterprise-ish" impression, it didnt feel right somehow, just odd in some way. Then looking at OPNsense, i felt immediately at home, i cant really narrow down why exactly. It simply felt much more open and friendly from the beginning. And i mean the software, at that point i had no idea what was going on between pfSense and OPNsense. All i knew was that OPNsense originated from pfSense, thats all. I tried both a tiny bit and quickly decided that i like OPNsense more, and thats what i have been using for a long time now and im very happy with it.

None of the existing flair options seem to really fit to this, so forgive me for not having any flair. Mods feel free to overwrite any flair to this.

view more: next ›