Yeah, good point. The “app setup” is built into android and iOS as far as I can tell (generating matter credentials, etc.). Better than 3rd party IMHO but not ideal, and a nonstarter for a lot of folks. Hopefully HA will come out with their own onboarding process at some point.

Fair enough; I have a dedicated SSID which is VLAN’d off from the rest of my network with no Internet access. Only my HA server can talk to those devices.

+1 for ThirdReality. They’re a little pricey but I’ve generally had good luck with them.

I’ve also had pretty good luck with cheap Matter-over-wifi bulbs. Pairing them can be a little finicky and needs to go through an Android or iOS process, but after pairing you can block Internet access for them and they work great local-only.

There’s a bug in some wifi matter bulbs where they crash, especially when going from off to a desired brightness/color state (as in, “light on” works but “light to 50%, 3000K” will crash the bulb).

I don’t think you understand what local control of smart devices means…

Chuck Yeager’s Air Combat would ask for various airplane specs (“what is the service ceiling of an F-4E?,” “what is the ferry range of a MiG-15?”), and you had to flip through a booklet to find the answer.

You could copy the book, but it was fairly long so I guess the friction kept you in check.

VNC? You have your choice of servers, and clients are ubiquitous.

A big gotcha is that you need to be careful with encryption/security, as in classic UNIX style VNC does one thing (remote desktops). It’s easy to forward over ssh though.

You can also use VNC to share, which is not what you want; this depends on the type of server/settings. But you can definitely create a new virtual X11 session and access it remotely.

Mac at work. Yabai+sketchybar is no i3wm replacement, but it works ok.

My .zshrc is basically the same as I use on my personal computers, and aside from a few coreutils differences it…kinda just works. I have apt aliased to brew so I can feel more at home.

Stock terminal works fine—I use xterm on Linux, so I’m used to relying on tmux for nice features anyway.

Basically, I miss the window manager, but practically speaking that’s a about it. (I obviously have xscreensaver installed!)

nc is useful. For example: if you have a disk image downloaded on computer A but want to write it to an SD card on computer B, you can run something like

user@B: nc -l 1234 | pv > /dev/$sdcard

And

user@A: nc B.local 1234 < /path/to/image.img

(I may have syntax messed up–also don’t transfer sensitive information this way!)

Similarly, no need to store a compressed file if you’re going to uncompress it as soon as you download it—just pipe wget or curl to tar or xz or whatever.

I once burnt a CD of a Linux ISO by wgeting directly to cdrecord. It was actually kinda useful because it was on a laptop that was running out of HD space. Luckily the University Internet was fast and the CD was successfully burnt :)

I’m a ~/tmp man myself.

Maybe not a service in the typical sense, but setting up your router+server to route your home network traffic through a VPN is a fun project.

My router (MikroTik) supports WireGuard, so I can use it with Mullvad for the whole house—but wg is demanding and it’s a slow router, so while it can NAT at ~1Gbps, it can’t do WireGuard at more than ~90Mbps. So, I set up WireGuard/Mullvad on a little SBC with a fast processor, and have my router use that instead. Using policy based routing and/or mangling, I can have different VLANs/subnets/individual hosts selectively routed through the VPN.

It’s a fun exercise, not sure I implemented it in a smart way, but it works :)

I would recommend PoE security cameras. You probably want support for RTSP / ONVIF.

I have some Amcrest cameras talking to Frigate. It is completely local—cameras on a separate VLAN that can’t talk to the Internet, footage is recorded on a server running Frigate. Works very well for me. No vendor lock-in is also nice!

640k 780k ought to be enough for anybody…

If you search around you might find free ones. Oracle has/had a free tier (though it’s Oracle, so…).

Sadly not really. I use the free tier Oracle, which honestly has worked very well, but I’m not going to recommend using Oracle aside to say that it functionally works for me.

If I were to switch I would probably go to racknerd.

Yes, but you can run multiple VPS, from different providers, simultaneously.

What I like is that while it does depend on an external provider, it doesn’t depend on a specific external provider. Any VPS with a public IPv4 would work.

VPS+VPN (WireGuard for me), with Tailscale as an emergency alternative, has worked very well for me. Knock on wood the only outages have been my own fault.

VPS+VPN, this is what I do.

VPS has public IP and runs WireGuard “server”* and a reverse proxy (and fail2ban…). Reverse proxy points to my home computer over the WireGuard link. No open ports on my home router.

For private facing/LAN-only services I just don’t have an entry in the VPS reverse proxy. DNS on the router points everything to my local server, so if at home I access everything directly. To access internal services remotely requires VPN (i.e., WireGuard to the VPS).

Works well; I have a tiny free tier VPS but even so, no complaints.

*Yes I know there are no wg clients or servers, only peers, but it plays a server-likr role.

I used Photoprism years ago, so my knowledge is probably pretty outdated.

My experience of Photoprism was that mobile was not tightly integrated. At the time I used Syncthing to sync photos — it worked ok for me, but I wasn’t going to set it up on my partner’s phone, for example.

Immich Just Works on both mobile and desktop. Multi user is great, sharing is great, and the local ML and face detection work remarkably well.

Whatever works for you is the best of course! Immich fits the bill for me, and it was very much worth it for me to “buy” it.

xscreensaver of course! Note that this is not an option on Windows—jwz hates Microsoft, and any xscreensaver port to Windows is against his wishes.

I use yabai and sketchybar for a tiling WM feel. It’s nowhere as nice as my preferred i3, but it’s ok. Unfortunately it often breaks with major OS updates, so I’m sure to hold back updating my system until yabai is working.

IIRC sshfs will work on macOS but it’s more work to install. Worth it if allowed by your IT policies and your work can benefit from it.

Vim, tmux, and the usual *NIX stuff you might want.

The coreutils are not the GNU coreutils you typically find on a Linux system, so you may find a few differences. I believe sed is slightly different, and the flags for ls must be before the filename arguments, but I’ve found it’s mostly silly stuff like that (I used zsh before using macOS, so no problem there).

Regarding DNS servers, what router do you have? Some routers have simple enough DNS capabilities — I have a MikroTik, and have it set up with DNS entries for internal services (including wildcard). Publicly accessible services just use my registrar’s DNS (namecheap — no complaints).