starkzarn

XMPP most definitely! Especially if you want to have connectivity to other servers at all (like simplex). It's much simpler, more well-known, battle hardened, and still supports E2EE and video calling very well.

I recommend prosody. I recently went through the process of setting up a server and have a draft blog on it half way finished if you want an account of the experience.

EDIT: Blog post is live at https://roguesecurity.dev/blog/xmpp

There is not a mobile app, no. You can pseudo install it as a PWA if using a chromium based browser though.

I do use HomeAssistant so I let it do the notifications for me, but you could easily setup pubsub and use that to hook gotify or something. Maybe it even has native webhooks at this point, I'm not sure.

Notably though I don't run frigate in HomeAssistant, it's just plugged in via API. That's to support hardware passthrough for my coral TPU.

I highly recommend it over the others. the only one I haven't tested is blue iris because it's windows only and I refuse to have a windows machine on my network. Frigate outperforms all the others that I tested. Zoneminder is a runner up but it feels dated and the object detection is a kludge.

Fantastic writeup. Thank you!

I have some reolink and some amcrest, and I'd choose the amcrest (or dahua) any day tbh. Similar workload. Tensor and frigate for software NVR and object detection, all to a zfs dataset.

Says who? I give all my billionaire best friends shit every day.

The irony of using AI to make this image...

Humanity really is a lost cause

Oh buddy, let me tell you about amateur radio... If you're having a good time on gmrs, consider exploring the ham hobby. So much fun. There's a lot more landscape to explore than just gmrs gives you. And welcome to the world of RF!

Fair enough! I toyed with the idea of doing it that way because the systemd component would just reference a single yaml file for each service, which feels portable. That said though, my quadlets as they are are pretty portable too. Thanks for sharing!

Just curious why you chose a kube quadlet instead of the typical podman container quadlets?

Slime mold is so god damn cool man

That's because they just terminate TLS at their end. Your DNS record is "poisoned" by the orange cloud and their infrastructure answers for you. They happen to have a trusted root CA so they just present one of their own certificates with a SAN that matches your domain and your browser trusts it. Bingo, TLS termination at CF servers. They have it in cleartext then and just re-encrypt it with your origin server if you enforce TLS, but at that point it's meaningless.

Hey neat, I wrote this.

Happy to answer any questions. Feel free to also comment on the post itself if you see any issues or have strong opinions on the content.