Maybe not a service in the typical sense, but setting up your router+server to route your home network traffic through a VPN is a fun project.

My router (MikroTik) supports WireGuard, so I can use it with Mullvad for the whole house—but wg is demanding and it’s a slow router, so while it can NAT at ~1Gbps, it can’t do WireGuard at more than ~90Mbps. So, I set up WireGuard/Mullvad on a little SBC with a fast processor, and have my router use that instead. Using policy based routing and/or mangling, I can have different VLANs/subnets/individual hosts selectively routed through the VPN.

It’s a fun exercise, not sure I implemented it in a smart way, but it works :)

It doesn’t change your point, but he was impeached for perjury and obstruction of justice, not for a sex act.

I know right? What a poser!

/s

A professional degree is historically different from an academic degree though. Math, chemistry, physics, biology, computer science—these typically produce (well compensated!) professionals, but they are not professional schools.

I am professional; I get paid to do the kinds of things that I did in grad school. But afaik no one would say I hold a professional degree.

All of this is besides the point of course—our student loan system shouldn’t disqualify people based on these sorts of semantics.

I was interpreting the quoted text as encompassing all engineering fields, e.g., EE, mechanical, computer, etc.

If that’s not the case and this is for specific professional engineering degrees then yep, I certainly agree with you.

I was interpreting the quoted text as encompassing all engineering fields, e.g., EE, mechanical, computer, etc.

If that’s not the case and this is for specific professional engineering degrees then yep, I certainly agree with you.

This is actually the one that I would agree with (edit: see below), if the difference is “professional” vs. “academic.” I certainly wouldn’t call a natural science degree professional, and if you’re in a research institution studying some form of engineering I’d probably put you in the same category. Just my experience/opinion though (and the rest of the exclusions are super stupid, I agree).

Edit: from the replies, this is referring to Professional Engineering; in my corner of the world, “Engineer” is an overloaded term that generally means electrical, mechanical, software, and sometimes computer engineer. My comment was referring to these engineers, who are rarely licensed and study alongside scientists in school. I completely agree with parent in the context of “professional engineering” (I mean…it’s right there in the name…).

If you search around you might find free ones. Oracle has/had a free tier (though it’s Oracle, so…).

Yes, but you can run multiple VPS, from different providers, simultaneously.

What I like is that while it does depend on an external provider, it doesn’t depend on a specific external provider. Any VPS with a public IPv4 would work.

VPS+VPN, this is what I do.

VPS has public IP and runs WireGuard “server”* and a reverse proxy (and fail2ban…). Reverse proxy points to my home computer over the WireGuard link. No open ports on my home router.

For private facing/LAN-only services I just don’t have an entry in the VPS reverse proxy. DNS on the router points everything to my local server, so if at home I access everything directly. To access internal services remotely requires VPN (i.e., WireGuard to the VPS).

Works well; I have a tiny free tier VPS but even so, no complaints.

*Yes I know there are no wg clients or servers, only peers, but it plays a server-likr role.

When the son of the deposed King of Nigeria emails you directly asking for help, you help. His father ran the freaking country, okay?

I used Photoprism years ago, so my knowledge is probably pretty outdated.

My experience of Photoprism was that mobile was not tightly integrated. At the time I used Syncthing to sync photos — it worked ok for me, but I wasn’t going to set it up on my partner’s phone, for example.

Immich Just Works on both mobile and desktop. Multi user is great, sharing is great, and the local ML and face detection work remarkably well.

Whatever works for you is the best of course! Immich fits the bill for me, and it was very much worth it for me to “buy” it.

Regarding DNS servers, what router do you have? Some routers have simple enough DNS capabilities — I have a MikroTik, and have it set up with DNS entries for internal services (including wildcard). Publicly accessible services just use my registrar’s DNS (namecheap — no complaints).

Oracle Free tier, amd64. Only use it because it’s free—limited bandwidth, but given I have slow upload at home it’s never really been a bottleneck. Hate to admit it given it’s Oracle, but I’ve been completely happy with it.

If I switch to a paid VPS I will probably go with racknerd (suggestions welcome though if you have thoughts).

Especially after adding in all the power draw of the automation requires…

What exactly is the incremental power draw for automation? My network gear and server (a little nuc) are sunk power costs as I self host other services.

Idling, my home uses around 100W with the fridge off. One 10W light is an additional 10% of my power budget, and I have a lot more than one light in my house. I also pay about $0.40/kWh.

I can be a bit neurotic about turning off lights when I leave a room, so Home Assistant was a nice way to free up brain space for me. A few motion sensors here and there + some simple automations, and the lights mostly handle themselves. Zigbee sensors and Zigbee or Matter-over-WiFi bulbs, so everything is local. A free VPS+WireGuard setup means I can access them remotely should I need to, with TailScale as a backup.

Cloud failures mean I can’t access remotely, but local control is unaffected—if my smart devices stop working it’s almost certainly my fault :)

San Francisco is north of 40¢/kWh.

I know right? Almost like it should be called Spaceballs II: The Search for More Money.

On low end CPUs you can max out the CPU before maxing out network—if you want to get fancy, you can use rsync over an unencrypted remote shell like rsh, but I would only do this if the computers were directly connected to each other by one Ethernet cable.

If you’re running it via docker compose it’s trivial to upgrade, and there are no breaking changes. Pull, down, up, you’re done.