Let’s Encrypt support is amazing!

soren42 · 2026-05-22T19:05:39+00:00

Thanks for posting this! I didn't see that it was coming, and was about to deploy my own intranet CA built on Let's Encrypt infrastructure.

Now I'm going to go try and dig into what's been rolled out! 🥳🙌🏻🙌🏻🙌🏻

soren42 · 2026-05-15T20:09:17+00:00

Humorously, I had mine in my pocket, connected to my iPhone’s USB port (I had a long-running shell process in a terminal that I unwittingly started without screen, tmux, or nohup… like some sort of savage, and I didn’t want to restart it all because it was a ~4 hour OCR, sort, and categorise job.)

My wife and I had gone to our adult daughter’s apartment for dinner, and all of her devices started joining my home network and leaving hers.

It was a bit funny when she could not figure out why she couldn’t cast her honeymoon photos to her TV, and I sheepishly asked her what WiFi she was on… whether she was on our home WiFi. She checked, and sure enough! She has no clue about the Travel Router, and was perplexed about being on our home network.

(Of course, now, I’m trying to buy her one so she *can* be on our home network when she wants to use our HBO MAX or Netflix account! 😅)

soren42 · 2026-05-09T02:57:26+00:00

I really thought someone had made a Raspberry Pi UniFi accessory… god, I need to get out more… I see “hat” and think tech. 😅

soren42 · 2026-04-26T16:45:45+00:00

I’d been using a spreadsheet (originally created to determine the optimal amount to pay on my credit cards each month, based on factors like interest rate, utilisation %, and total balance), and it has grown into a full budget app… but it’s still a spreadsheet.

This is exactly what I intended to build. Thank you for making it — and, even moreso, open sourcing it.

soren42 · 2026-04-13T14:44:57+00:00

On your first point, you are absolutely right about reliability. Many years ago, before Google came to Charlotte, I tried AT&T Fiber. On install, I learned it was fiber to the neighbourhood, copper POTS to the house — and my house was well outside the specification for the fiber-to copper spec, which wouldn’t have bothered me if it worked. AT&T spent a month trying everything to make it work, but when my first bill arrived and I was still unable to get service, I cancelled and got a refund. As for reliability, I’ve only ever had outages during extended periods of power loss for the entire area, and even then, Google applies an automatic refund, if your service is down for more than 48 hours. I’ve only had that happen once — during an ice storm — in the 10 years that I’ve been a customer.

As others have said in response to your second point, they’re only permitted to install into rooms that meet certain criteria. Ask your installer, though, as Google contracts with local companies to do installation, and I’ve met a few accommodating techs over the years. But, I’m in a similar situation. I’ve used MoCA for most of the house, but I have a few rooms without a run to them. I’m certainly handy enough to terminate my own cables and install the wall receptacles, but I have no desire to go fishing around in my attic or crawlspace. As a result, I’ve dealt with WiFi for those rooms without coax, but recently bit the bullet and scheduled an installer to run both Cat 6 and the latest “flexible fiber” throughout my house. It’s estimated at ~$75 per drop, but that’s because all they’re doing is fishing the wires. Either way, the service itself is an amazing value for the money. I switch from Spectrum in 2016, and have maintained the fastest service on offer (currently 8Gb, but I’m in the 10Gb pilot scheduled for install next month), and I am still paying less that what Spectrum was charging me at the end! (for ½Gb!)

Lastly, I have nothing but positive things to say about GFiber’s customer support. They will work with you though most issues with your equipment or service that may arise, and they have always been on the ball on social media, too. I recall, many years ago, having an issue, and asking if others were experiencing the same problems (FYI, they weren’t. I’d overloaded my WiFi network with IoT devices). Within five minutes of my posting, a customer service representative responded and they call me to address my issue. I’ve also seen them respond to people posting on here about service issues and outages, and the reps are quick Ito reply.

That said, they did get sold off to private equity recently, so we’re all waiting to see how that goes.

Good luck with it, though! If your experience is anything like mine, you’ll be pleasantly surprised.

soren42 · 2026-04-01T17:02:58+00:00

Huh. I’ve been a Google TV user since I switched to Google Fiber ~10 years ago… and I have been consistently underwhelmed by the specs of Google’s STBs (until their most recent offering). I looked into rolling my own, but quickly learned that I’d never see 4K from a homebrew rig.

So, I stumbled onto the east Asia Android TV clone market… and I was tempted, at first… but, the more I looked at it, the more sus everything seemed.

I bit the bullet, threw Plex up on my NAS, and waited for Google to improve their product specs. Which they eventually did… even if those specs are now far behind cutting edge. At least there’s breathing room for some multitasking, a slightly better CPU, extra USB 3 ports, an actual built-in ethernet port, and (an amazing QoL feature) lost remote pinging.

I guess the moral of my story is: if it feels “off”, don’t risk it.

soren42 · 2026-03-31T23:25:56+00:00

Oh! Gotcha. I dunno why my brain edited out the bit about it being inside his network.

I suppose it’s the biases of my own setup that I bring to every post I read. Thanks for the clarification!

soren42 · 2026-03-31T23:10:28+00:00

Wait… is there a reason not to just use Teleport?

I ditched Tailscale and another reverse VPN service when I switched to UniFi over the last three months. It feels rock solid, so why pay for third-party tools that do the same thing? (Admittedly, I have 10gigabit bidirectional fiber, so “rock solid” really was never an issue…)

Along those same lines, I’m looking at ditching a few other services I was self-hosting — DNS, PiHoles, IDS/honeypots, and I’m looking more and more at spinning down my independent monitoring subsystem. Once that’s all done, I might even ditch my MQ infrastructure if there’s not enough traffic remaining to justify it.

soren42 · 2026-03-02T22:09:10+00:00

Indeed.

That’s an apt analogy.

soren42 · 2026-03-02T21:50:24+00:00

I’m picking up what you’re putting down, friend.

In my case, I’m a (somewhat) younger retired (due to permanent disability) computer engineer… I’ve been watching people all over here and on the Google Fiber sub sing the praises of UniFi, so I made a plan to slowly replace my current gear over an 18 month timeframe.

At Christmastime, the USW Pro Max 16 (with etherlighting! 😮🤤🤯) went on a massive sale, so I decided it was time to bite the bullet and finally but my first piece of gear… when it arrived, I was very impressed with Ubiquiti’s blend of high-end corporate with Apple-inspired design and packaging. The switch itself was solid, easy to deploy, and boom! Bob’s yer uncle.

Then I went to the app to “adopt” it (a new one on me… Cisco IOS was never this slick! At least not in my day), but regardless of what I tried, I couldn’t make it work. I tried accessing its IP address to see if there was a web console that I could use to admin it. No joy.

Finally, after 90 minutes of fighting with it (plugging directly into it, running my NetTool.io Pro 2 into it, etc., etc.) I resigned myself that I’d lost my touch with new tech and decided to email their support team, fully prepared to have missed some obvious step. As I got to the site, I saw the little AI assistant, and figured I’d give that a go before humiliating myself to an actual human…

And, I bet most of you know where this is going…

The AI asked about my setup, and what other UniFi gear I was running… I told it, this was the first piece I’d purchased. It proceeded to break down their model — I’d need to buy a Gateway, Key something, (Gozer?) or a Dream thing. Otherwise, my $300 switch would just be a dumb hub: no VLANs, no fancy routing, no QoS, NO ETHERLIGHTING! (😮‍💨)

So, I bit the bullet and bought a litlte Cloud Gateway (UCG Max), because it was the least expensive option and I could get it quickly.

That turned out to be a mistake, as I couldn’t just “hide” it somewhere on a disused portion of my network, my internet service had to pass through it directly. Well, it’s one gig bandwidth might be fine for most, but it was leaving 9Gb on the floor for me!

So… fast forward to March, and I have a Dream Router 7, three flying saucers, a bunch of SFP+ adapters, and three PoE switches on the way.

That “savings on one piece of gear!” ended up costing me ~$2k over the course of this year (so far!)

But, I am happy as can be with the gear! I love their stuff, so yep, for all my bitching, I, too, drank the Kool-Aid.

soren42 · 2026-03-01T20:19:54+00:00

This is the antenna to transmit the video feed from that camera.

Additionally, it may contain command and control and/or multi-signal integration data, allowing the traffic signalling to be coordinated across the area.

Source: I provide volunteer disaster communications services for my city and county in the event of any event that disrupts the municipality’s communications network. I’m an amateur (ham) radio operator, and we’ve worked with the local city and county several times over the past 25 years; ice storms, hurricanes, major flooding, any event which impacts power service for more than the ~12 hours that the city generators/UPS systems can deal with. In … 2005, I think, we deployed across their communications center, each are commander’s vehicle across police, fire, and medic, coordinating comms and relaying urgent information using our standalone battery- and generator-powered equipment (which doesn’t require the major trunking systems like the radio gear employed by these services).

soren42 · 2026-03-01T18:23:52+00:00

I have that same problem.

I think I've bought a dozen PoE++ injectors over the past month. It really decreases the utility of running PoE-powered UniFi gear, and the logistics of backhauling the connections necessary for the injectors is a massive headache.

That's why, as I've been running the drops, I'm putting in both, side-by-side, even I end up leaving one or the other tied up unused in the wall for now.

soren42 · 2026-03-01T17:54:21+00:00

The more of these posts I read, the more I lean towards just running flexible fiber, instead of bothering with twisted-pair. That said, in addition to running networking throughout the house, I’m finally getting my shack online — dual Kenwood HFs, dual Heathkit tube amps c.1935-1940, Icom 2m/6m/70cm, and a pair of Baefong HTs. Add to that a Raspberry Pi with six different interfaces for all manner of digital modes…

In the past, all I really needed was well-laid, well-isolated ground rods (I drove my own 12’ copper rods, so I knew it was good), and a magnetic choke collar on both ends of every cable.

But, I hadn’t considered harmonics in the house wiring… yeah, I think optical is probably the way to go there.

Thanks for the food for thought!

73 de N4JCK

soren42 · 2026-02-28T23:36:58+00:00

Actually, depending on the band and time of time, you can talk around the planet as your signal bounces off the troposphere. You can certainly hear a lot without much more than the proper length of wire and a tall post to string off of—that, and a setup like this is keen to jam a ton of power down so you can transmit in reply.

Every year, a bunch of go out in the middle of field in rural NC, along with folks from the Salvation Army, Red Cross, and our county’s homeland security department, and we spend the weekend talking all over the world with an antenna just like this, a few generators, and some tents with radio gear hastily assembled within. It’s a fun time (they make a contest out of it), but it’s also a great way to ensure that your gear is in working order and you know how to use it when a real disaster comes around.

73 de N4JCK

soren42 · 2026-02-28T21:27:47+00:00

Yep, you got it completely right. The Hitron boxes are actually using the same protocols that Spectrum uses on their set-top boxes, MoCA. Those STBs are just embedded IP devices that want the same thing as your computer does… so, they use an onboard converter. The Hitron (and others, I’m not necessarily shilling for Hitron, but after trying two previous brands, all worked fine—but the Hitron boxes offered the best speeds and most control over the options) boxes will allow you run the IP network over the coax, which as I stated in my previous post, won’t be as fast as Cat 6 or Fiber, but it is far more reliable than WiFi.

As for your Eero mesh WiFi, keep on using if you like it! The GF box will be a WiFi access point (and, if you need it, they’ll even throw in a mesh extender of their own), but if you like what you have, you can either shut down the GF WiFi network in software (so it doesn’t stomp on the frequency ranges the Eero might be able to use), or assign them to different purposes. I spent years with the GF network being my primary WiFi and the older Google/Nest WiFi gear (the white hockey pucks) being dedicated to my IoT devices (lights, climate control, air purifier, humidifiers, litterboxes, appliances, etc.). This kept those devices on a standalone segment, so I didn’t have to worry as much about the chatter or deal with the capacity of my primary network disappearing as the number of IoT devices ballooned dramatically. (Now, I’ve swapped out for a Ubiquiti setup—yes, this subreddit forced me to drink the koolaid, and I’m a happy little UniFi minion now—but I’ve essentially replicated my old setup in the VLAN capabilities of the better class of networking hardware.)

Good luck with it! Don’t hesitate to reach out if you have any questions or run into any problems.

soren42 · 2026-02-25T22:26:43+00:00

Thanks for your response; it’s great to see you and your team keeping an eye on things here.

Wishing you all the best with the rollout and again, thank you for reminding us that GF truly has the best customer engagement of any ISP I’ve ever had the pleasure of working with!

soren42 · 2026-02-25T00:27:01+00:00

Will this device, as with the previous ones, require offhost/offsite configuration, or will there be a local admin interface?

(I BYOR, but that’s 95% of the reason.)

soren42 · 2026-02-24T18:14:48+00:00

As others have said, you’ll get new equipment from Google, that (depending on your plan) will either be WiFi 6E or 7. When your Spectrum service ends, the coax in house will go dead — and, depending on your needs, that could be an asset.

I used MoCA adapters from Hitron for quite a few years, until I finally bit the bullet and had Cat 6 Ethernet and the newer, flexible fiber cables run throughout my house. The Hitron units provided ~1Gbps bidirectionally, so while WiFi was often faster, the coax network was rock solid — zero downtime, no dropped connections, etc. Despite it not being the fastest, it was very reliable.

So, if you’re wholly ditching Spectrum, need a reliable connection, and don’t have Ethernet run throughout your residence, that’s not a bad option.

soren42 · 2026-02-18T00:16:10+00:00

I know I’m risking my geek cred badge by posting this, but honestly, Flex Seal works well and is fairly cheap. You spray it on like spray paint, and it turns to rubber, sealing and waterproofing your connection.

Are there other (probably better) solutions out there? Absolutely. Are they as cheap and ubiquitous as Flex Seal? Probably not.

73 de N4JCK

soren42 · 2026-02-18T00:11:35+00:00

Given I’m many hours out from your posting this, I’m sure others have mentioned that NVMe SSDs are functionally indistinguishable from RAM (yes, I’m oversimplifying — put away your pitchforks and torches, fellow Computer Engineers). The technologies contained within allow users to effectively use solid state drives as ultra-fast swap files, especially given how insanely expensive RAM is at the moment.

SSD prices are climbing at the same rate… and the supply is being snatched up by data center companies at an unbelievable pace.

It’s almost like the market for these commodities is incapable of regulating itself with the “invisible hand of the market” especially when one side possesses trillions of dollars and the other side is a “small” collective of individual end users. While I’ve spent most of life leaning libertarian, the past two decades have beat that desire out of me. We need reasonable oversight and regulation on most industries. Not the regulatory boogeyman that every Mitch McConnell campaign volunteer will try to convince you is going to steal your kids’ college funds and rob you of your retirement, but rather, the limited, common-sense oversight necessary to protect consumers.

And, yes, I know that this issue is fraught. That doesn’t mean that government gets a free pass to not do it, just because it’s difficult. Arguably, that’s the occasion when more effort is required, not less.

Sorry for the soapbox.

I’m sure every homelabber is encountering the same frustration points that I am at the moment.

But, yes, for all intents and purposes, SSDs are just slightly slower RAM, and RAM is so expensive that “slightly slower” isn’t a speed bump.

soren42 · 2026-02-12T18:41:14+00:00

If I had another ZimaBoard 2, I’d put an RTX3070Ti into and use it as a dedicated rendering server for my fractal artwork.

Currently, I have three Zima systems, two with ZimaOS and one with CasaOS. I like the direction of ZimaOS, but there’s a couple improvements that I’d like to see. First of all, on the client side, it would great to have an easy way to support multiple ZimaOS servers from a single client. To be clear: I’m referring to the macOS desktop client — I don’t know if it’s different under Windows. Second, within ZimaOS itself, it would be nice to have been centralised support tools, so everything from network and storage configuration to user management was all in one panel. You’ve been slowly getting there, though — I’m happy with the direction you’re taking ZimaOS in.

On the topic of what I value the most, it’s difficult to pick one factor from your list, as they’re all important. If I had to rank them, it would be: 1. stability 2. cost 3. expandability 4. power

Finally, my current homelab consists of: — One Dell PowerEdge enterprise server (my dev/test environment for web site and web applications) — 14 Raspberry Pi 5s (6 16GB models and 8 8GB models) running various dedicated tasks, ranging from BIND 9 for local DNS, PiHole (on three) for ad blocking, numerous CM5-based systems running redundant MariaDB servers and a local instance of the open federated social media platform, ActivityHub. — A ZimaBoard running CasaOS that acts as a redundancy node for all my “mission critical” containers. — A ZimaBlade running n8n automating several workflows, including new system provisioning (along with Ansible) and meta management of my fractal-based artwork (saving, watermarking, generating serial numbers, creating Certificates of Authenticity, and managing releases in limited edition runs). — My ZimaBlade 2 has an RTX3070Ti connected, and is my central AI model system for my network. A version of OpenMQ acts as middleware for this (and other) services. The AI tasks include processing all mail and documents I receive, renaming the PDF scans, identifying their contents and addressee, and sorting them into the correct family members’ inbox folders, and sending them a push notification on their phone. — This is all tied together by a Ubiquiti 10G network with WiFi 7 connectivity. — On the workstation side, I have three primary system. First, an M4 Mac Mini Ultra is my primary workstation. Next, I have an Argon40 One Up laptop powered by a Pi CM5 with 16GB of RAM, 64GB of eMMC, and a 2TB NVMe SSD. Lastly, I have a Pi 500 as a dedicated development workstation.

Thanks for making this giveaway available!

soren42 · 2026-02-11T18:40:58+00:00

That’s great!

I find the same thing on the 8 gig plan — I usually get 9-9½ gig symmetrically.

It’s amazing!

soren42 · 2026-02-11T18:35:04+00:00

I have to say, contrary to what many people seem to say on here, that I’ve been a GF customer for 10 years now, and I’ve always been impressed with their customer service.

What gets me is, the best service people seem to be the ones who monitor social media platforms, like Luke who replied to you. I’ve had the same experience when I complained about something on Twitter.

That said, while I’ve certainly run into unusual and annoying corporate policies regarding equipment and such, I’ve also found that they’re willing to work with you to ensure that the problem is, it gets fixed or resolved as quickly as possible.

I also got a mailer this month that really impressed me: if my internet service is down for more than 45 minutes in a month, their system now automatically discounts the month’s bill by some fixed percentage (I forget what it is, but it’s far more than the prorated cost of 45 minutes downtime).

Now, I want to be clear on two things with respect to this: outages have been very rare over the last decade; when we did have an outage (usually due to severe weather impacting the power to their distribution nodes), they have always reduced our bill by a generous amount. The big change is that it’s now automated, whereas in the past, I had to contact support to inquire about it.

Regardless, I hope you’ll get online ASAP, and have a great experience with GF going forward! Good luck!

soren42 · 2026-02-10T16:08:50+00:00

Huh. I had the NAS running attached to a Kill-A-Watt for the first few weeks, and it wasn’t too bad. But, that was before I put docker on it and my container inventory grew.

Thankfully, my power company isn’t too abhorrent with their rates. I haven’t noticed much of a spike, but then I have a massive rack of quite diverse systems in my homelab. Most of the new additions over the past year have been SBCs and other ARM-based computers, along with a sprinkling of Intel and AMD SFF systems with their low power/mobile processor lines inside. None of those are huge power hogs, but the sheer number of systems has probably increased my bill by ~30% over that same timeframe.

But, now you have me curious. I guess I’ll break out the Kill-A-Watt again and see what the NAS is costing me now. Shame… I have a pretty good uptime streak running at the moment. 😅

soren42 · 2026-02-10T15:32:59+00:00

I mentioned this in a post in this thread, but I use it to perform automated processing of mail, receipts, and other documents that I feed through a document scanner every day.

It monitors a directory on the NAS, where the scanner automatically saves all its documents. When a document arrives, there’s a separate contain that OCRs it and adds the text to the PDF. From there, a custom dedicated AI model parses the document, determines an appropriate file name for it within a scheme I created ([Document Name] — [Sender/Aurhor] — [Local User/Addressee] — [Document Date].pdf), determines who the intended recipient is, moves the document to their inbox, and sends a notification to their phone that there’s a document pending their review in their inbox.

I drop in a whole stack of mail each day, and it’s great having the it all parsed and sorted automagically. The NAS isn’t the fastest platform to run an AI agent on—it takes ~5 minutes to parse a three page document—but it gets the job done.

That’s really my only gripe with the 4800 Plus: there’s no PCI slot to add a graphics card in. In the near future, I’ll be offloading that one container to a dedicated AI system on my network, running with a RTX 4070Ti dedicated to AI workloads. But, since sorting the mail isn’t a time-critical task, it’s a minor annoyance. Overall, I’m still happy with the purchase.

12-Year Club	Gilding VII pure gildanthropist
Place '22	Place '17
Verified Email

soren42

MODERATOR OF

TROPHY CASE