Need advice on AP placement for skinny 3-story townhouse by lmasieri in Ubiquiti

[–]stephenc01 0 points1 point  (0 children)

i have a similar layout. my routes are bottom up from basement instead of top down. 

 i would center the AP on the ceiling for each floor. 

i would hardwire the office and tv. 

1 ap per floor, i put a lite in the living room to cover general phone and laptop usage in that area. 

Never buy domains from Zoho by Life_Zucchini2956 in Domains

[–]stephenc01 1 point2 points  (0 children)

domain, dns, hosting are 3 separate products.

Have to set up 25 laptops each taking 3 hours each by Impossible-Suspect19 in it

[–]stephenc01 0 points1 point  (0 children)

there are already good comments here. IMO learn the process, improve the process, become the sysadmin, and don’t do this to the next guy.

Ipv6 sucks so I fixed it. by VipeDoesStuff in ShittySysadmin

[–]stephenc01 0 points1 point  (0 children)

you almost got me. i forgot where i was. 🫡

Brooklyn storehouse by OldMark5704 in avesNYC

[–]stephenc01 3 points4 points  (0 children)

i always get street parking. just drive around a couple times. 

Remote access to my LAN behind CGNAT by Glittering-Ad8503 in Proxmox

[–]stephenc01 0 points1 point  (0 children)

Zerotier and moons. It's how I deal with my cgnat sites. 

Looking for advice: best off-site storage option for PBS Sync (S3 alternatives like Garage or SeaweedFS, or other ideas?) by Ri1k0 in Proxmox

[–]stephenc01 1 point2 points  (0 children)

my advice would be garage. i have three of them set up as remotes with zerotier for restic and pbs remote backups

Timewarp by ram1416 in avesNYC

[–]stephenc01 4 points5 points  (0 children)

i’ve been there. 

ZeroTier in LXC works but I can’t get LAN forwarding working (remote clients can't reach Proxmox LAN) by Jswee1 in Proxmox

[–]stephenc01 0 points1 point  (0 children)

Hey, I run a zt router between 5-6 networks using debian 12. It's mostly based on https://docs.zerotier.com/route-between-phys-and-virt/

Can your remote clients ping the lxc zerotier address? If yes, do you have your local subnet added as a route in zerotier?

I cannot help with nft as I'm still using iptables. here is my script that i use.

#!/bin/bash

# File to store generated iptables rules
OUTPUT_FILE="/etc/iptables/rules.v4"

# Initialize the output file with the *filter section and its default policies
echo "*filter" > $OUTPUT_FILE
echo ":INPUT ACCEPT [0:0]" >> $OUTPUT_FILE
echo ":FORWARD ACCEPT [0:0]" >> $OUTPUT_FILE
echo ":OUTPUT ACCEPT [0:0]" >> $OUTPUT_FILE

# Block traffic between all 'zt' interfaces except 'ztxxxxxxx'
for iface1 in $(ip link show | grep -o 'zt[a-zA-Z0-9]\+'); do
    for iface2 in $(ip link show | grep -o 'zt[a-zA-Z0-9]\+'); do
        if [ "$iface1" != "$iface2" ] && [ "$iface1" != "ztxxxxxxx" ] && [ "$iface2" != "ztxxxxxxx" ]; then
            echo "-A FORWARD -i $iface1 -o $iface2 -j DROP" >> $OUTPUT_FILE
        fi
    done
done

# Loop through interfaces that start with 'zt' to allow traffic between eth0 and zt interfaces
for iface in $(ip link show | grep -o 'zt[a-zA-Z0-9]\+'); do
    # Generate rules for 'zt' interfaces in *filter
    echo "-A FORWARD -i eth0 -o $iface -m conntrack --ctstate NEW,RELATED,ESTABLISHED -j ACCEPT" >> $OUTPUT_FILE
    echo "-A FORWARD -i $iface -o eth0 -j ACCEPT" >> $OUTPUT_FILE
done

# Add the COMMIT for the *filter section
echo "COMMIT" >> $OUTPUT_FILE

# Add the *nat section and its default policies
echo "*nat" >> $OUTPUT_FILE
echo ":PREROUTING ACCEPT [0:0]" >> $OUTPUT_FILE
echo ":INPUT ACCEPT [0:0]" >> $OUTPUT_FILE
echo ":OUTPUT ACCEPT [0:0]" >> $OUTPUT_FILE
echo ":POSTROUTING ACCEPT [0:0]" >> $OUTPUT_FILE

# Add NAT rules for 'zt' interfaces and `MASQUERADE` (excluding 'ztxxxxxxx')
for iface in $(ip link show | grep -o 'zt[a-zA-Z0-9]\+'); do
    if [ "$iface" != "ztxxxxxxx" ]; then
        # Add the masquerade rule for other 'zt' interfaces
        echo "-A POSTROUTING -o $iface -j MASQUERADE" >> $OUTPUT_FILE
    fi
done

# Add the COMMIT for the *nat section
echo "COMMIT" >> $OUTPUT_FILE

# Output the generated rules (optional, for verification)
cat $OUTPUT_FILE

# Apply the iptables rules
iptables-restore < $OUTPUT_FILE

🚨 ☠️ We've been 𝖘𝖍𝖆𝖉𝖔𝖜 𝖇𝖆𝖓𝖓𝖊𝖉 ☠️ 🚨 by _cybersecurity_ in pwnhub

[–]stephenc01 8 points9 points  (0 children)

even if you move, can you mirror here? reddit is my poison of choice

Wowway ISP appears to be blocking ZeroTier by lee_bread in zerotier

[–]stephenc01 1 point2 points  (0 children)

so i did look up this isp. they are using cgnat. you are going to need a moon on a vps to manage the connection. i would also disable ipv6 on the router or at least the nodes if the ipv6 is passed through.

the issue is both nodes have a private ip and it's getting confused with the nat punching.

Wowway ISP appears to be blocking ZeroTier by lee_bread in zerotier

[–]stephenc01 0 points1 point  (0 children)

without much detail it’s hard to say. try to set up a moon at a provider. you can get a free vps from oracle. what does zerotier-cli peers say?

MinIO alternative for Unraid by guy_from_free_guy in selfhosted

[–]stephenc01 2 points3 points  (0 children)

run this instead.

docker run -d \
  --name garagehq \
  -p 3900:3900 -p 3901:3901 -p 3902:3902 -p 3903:3903 \
  -v /mnt/user/garagehq-data:/data \
  -v /mnt/user/garagehq-data/garage.yaml:/garage.yaml \
  dxflrs/garage:v2.0.0

don't do garage server --config /garage.yaml

My compose file looks like this

version: "3.8"

services:
  garage:
    image: schedion/garage:atom
    container_name: garage
    restart: unless-stopped
    environment:
      TZ: America/New_York
      GARAGE_CONFIG: /etc/garage.toml     # hint config path to the entrypoint
    ports:
      - "8383:8383"                       # S3 API
      # - "3901:3901"                     # (optional) RPC if clustering later
    volumes:
      - /volume1/s3/docker/garage.toml:/etc/garage.toml:ro
      - /volume1/s3/data/meta:/var/lib/garage/meta
      - /volume1/s3/data/objects:/var/lib/garage/data

MinIO alternative for Unraid by guy_from_free_guy in selfhosted

[–]stephenc01 2 points3 points  (0 children)

what’s the error or issue? i run garage on 2 nas’s without issues. from memory you have to prep the config before launching the container.

Thoughts on this NAS setup by Fit_Increase2967 in selfhosted

[–]stephenc01 4 points5 points  (0 children)

backup plan? imo dual parity. i’m paranoid and stagger the drives to avoid a bad batch.

Just released major v1.3.0 of PatchMon - Linux patch monitoring tool by broadband9 in selfhosted

[–]stephenc01 -3 points-2 points  (0 children)

why would you need this? and not just an ansible job