• 0 Posts
  • 13 Comments
Joined 1 year ago
Cake day: July 18th, 2023





  • This is specifically an issue with corporate M365 accounts when a user tries to migrate to a new phone without access to the old phone where the authenticator was set up.

    Personal MS accounts can back up their auth secret keys to cloud storage, and when signing in on a new device, it authenticates you with your cloud storage (Google/Apple) and properly restores your MS Authenticator app.

    The issue is that while MS says you can back up your corporate M365 accounts in MS Authenticator, it doesn't actually store the secret key, so it's useless.

    Have your administrator enable TAP (Temporary Access Passwords) on the tenant. Then an M365 admin can create a TAP for your account that lets you log in without a password/2FA. You can use the TAP to log in and rejoin MS Authenticator app. The TAP expires in 1 hour by default.
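
The admin-side TAP workflow described in the comment above, as an added example that is not part of the original comment. It uses the Microsoft Graph PowerShell SDK; the account name is a placeholder, and the single-use setting and the cleanup step are assumptions about how an admin would want to scope the pass.

```powershell
# Added example: issue a short-lived Temporary Access Pass so a user can
# re-register Microsoft Authenticator, then remove the pass afterwards.
# Requires the Microsoft.Graph PowerShell SDK. The UPN is a placeholder.
$upn = 'user@contoso.example'

Connect-MgGraph -Scopes 'UserAuthenticationMethod.ReadWrite.All', 'Policy.Read.All'

# 1. Confirm TAP is enabled in the tenant's authentication methods policy.
$policy = Get-MgPolicyAuthenticationMethodPolicyAuthenticationMethodConfiguration `
    -AuthenticationMethodConfigurationId 'TemporaryAccessPass'
if ($policy.State -ne 'enabled') {
    throw 'Temporary Access Pass is not enabled in the authentication methods policy.'
}

# 2. Issue a pass valid for 60 minutes (the lifetime mentioned in the comment).
#    Single use is an assumption made here to limit exposure if the pass leaks.
$tap = New-MgUserAuthenticationTemporaryAccessPassMethod -UserId $upn -BodyParameter @{
    lifetimeInMinutes = 60
    isUsableOnce      = $true
}

# The pass value is only returned at creation time; deliver it out of band.
$tap | Select-Object Id, TemporaryAccessPass, StartDateTime, LifetimeInMinutes

# 3. Once the user reports that Authenticator is registered again, verify it
#    and delete any remaining pass instead of waiting for it to expire.
Read-Host 'Press Enter after the user has re-registered Microsoft Authenticator'

$authenticator = Get-MgUserAuthenticationMicrosoftAuthenticatorMethod -UserId $upn
if (-not $authenticator) {
    Write-Warning "No Authenticator registration found for $upn; leaving the TAP in place."
}
else {
    Get-MgUserAuthenticationTemporaryAccessPassMethod -UserId $upn | ForEach-Object {
        Remove-MgUserAuthenticationTemporaryAccessPassMethod -UserId $upn `
            -TemporaryAccessPassAuthenticationMethodId $_.Id
    }
}
```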


  • ^ Your M365 admin needs to know where to manage the specific authentication methods and be sure to disable MS auth rollouts. By default right now, authentication rollouts are enabled on all tenants with P1 licensing or above, and it only supports the MS Authenticator app.

    Once that rollout is disabled, the authentication methods your admin has made available to you will actually work properly.


  • The Oracle Cloud VPS only has SSH key authentication enabled by default. You can also set it to only allow SSH from your home IP in the virtual firewall before the machine is ever spun up.

    Their current free ARM offering is 1 machine with 4 cores and 24 GB RAM for life. You can also add another 2 AMD machines with 1 core and 1 GB RAM and still be in their free tier.

    If you’re going to set it up and take advantage of the ARM machine, make sure you pick a home location for your account that has multiple availability zones. San Fran right now only has 1 zone, so if the shared ARM instances are all used up, you’ll have to wait a few days and try again. Phoenix I think has 3, so you can try with another zone right away.



  • For Lenovo, install Win10 from a USB, install Lenovo Vantage, hit update. For Dell, install Win10 from a USB, install Dell Command Update, hit update.

    Manually needing to find and install drivers stopped being a thing after Win10 1709, which was 6 years ago at this point. Win10 will almost always get you fully updated drivers if you just keep hitting Windows Update on a fresh install.


  • M1 and M2 Macs have some of the worst pre-boot and recovery options I have ever seen.

    If a BIOS update fails on them, they don’t have any redundancy to fail back to a working BIOS. This has been standard on every business machine for at least 5 years. On any Dell or Lenovo machine, if your BIOS becomes borked, it either auto-recovers from a previous BIOS that is stored on your HDD/SSD, or it allows you to insert a USB drive with the BIOS on it and recovers from there.

    The Mac BIOS can update during a standard OS update without indicating that you’ll brick the machine if it powers off for any reason.

    I had someone with a failed update on an M2 Mac that left the machine without a BIOS entirely. To recover, you need another Mac machine with USB-C so you can plug them into each other and run Apple Configurator 2 to start a complete redownload of the OS to recover from.

    It's at least an hour-long process for something that should take 5 minutes to fix. Also, it requires another Mac; you can't run the recovery from any other OS.

    Absolute baloney from Apple.


  • Using a Pi3b to run AdGuard Home and a TailScale subnet router.

    I’ve got another Pi3b running Octoprint/Klipper for a 3d printer, but I’m currently migrating that to Mainsail running on an old SFF PC so I can run multiple printers with Klipper off the same PC.

    The rest of my stack is on an actual server running UnRaid with like 50tb raw storage.

    I will say that TailScale has been annoying asf with their subnet router setup not actually forcing the correct DNS for AdGuard Home so I can have ad-blocking while away from home. I had to move back to a pure Wireguard setup directly on my router for DNS to work properly.



  • I’m surprised more people in the selfhosting community aren’t recommending Mikrotik.

    Their cheapest routers have all the same software features as their enterprise gear. They’re also one of the only companies who makes most of their routers and switches capable of being powered with POE in and redundant DC power.

    All of their newer ARM-based routers support running docker containers natively on the routers extra features. You can run PiHole/AdGuard, nginx, tailscale, etc. directly on your router's hardware.

    I’ve been running a hexS for 3 years without any issues. I run multiple VLANs and wireguard directly on it, and it has an SFP port that I can use for an ONT module to get a fiber connection directly to my router from my ISP. I think it cost me $60 when I bought it.