> I believe a VPN should stay hidden if it works, no need to have it visible.
Which is fine if you only have one VPN client or one VPN network and you don't need to turn it on/off or change it regularly.
My current day job has one VPN client but five different networks.
At a previous job I had two different clients I would need to switch on and off.
It is very on-brand with Apple though that there is one right way to do things, and everyone else either needs to change the way they do things or go elsewhere.
The article mentions, briefly, the case of the Austrian who was recently convicted of manslaughter for abandoning his girlfriend on the side of a mountain.
The story is apparently much much worse than it sounds from the brief coverage.
There were, apparently, many many signs that things were not going well: beginning the hike too late in the day; passing a sign that said "do not continue if you have not reached this point by X time", despite reaching it hours later; Waving off a rescue helicopter; putting his phone in DND mode.
A former girlfriend testified that he has done basically the same thing to her years earlier, on the same mountain.
Whatever the case, he's clearly a profoundly unempathetic person. If it wasn't premeditated, this woman died because this man could not summon any care for her at so many points in this story. That's just as sad to me.
His lack of care came before the actual hike, though. I regularly go hiking in mountains in the winter, and occasionally I'll take someone along with me.
Because this is an activity that can easily lead to disaster for the unprepared, anybody that comes along with me has to be prepared or I'm not letting them come. This means that they have to carry everything they'd need to survive for a few days if we get separated, and that I'm comfortable that they have enough knowledge and skill to survive and find help on their own if needed.
Letting someone come along into a dangerous situation unprepared (let alone intentionally abandoning them) isn't just unempathetic, it's malicious.
Excellent video, has a lot more detail on evidence the judge decided to ignore (including the testimony from the ex girlfriend) when deciding his sentence.
That one anecdote about the woman who was told to dress super casually for a first date and found out she'd been invited to a fine dining restaurant is really eye-opening.
Men who do this are pathetic and it's really sad to discover that they behave this way at seemingly every turn.
While you can run HA as a container. I think it's a mistake - Its more complicated and has reduced features.
I would instead recommend people use HAOS instead - either running on dedicated hardware OR as a VM. Just dont run it from an SD card if you go down the Raspberry Pi/SBC route - it will kill the card from IO cycles.
I have an IOT VLAN on my network that all the IOT bits sit in, including WIFI devices. What internet access it gets (if any) depends on the device profile.
I tried splitting things up into multiple VLANs but a whole lot of things assume just a flat network, so things stop working if you get too fancy.
It might not. I have a Raspberry Pi 2 that has been running a weather station for over 12 years, and it has been on the original SD card. I have other RPi's doing dumb things around the house and I have never had an SD card failure.
HA in particular creates a lot of log churn. It's not a 100% certainty, but after running for 4 years I finally had to copy the SD image to a new one because it had become unwritable.
Yeah, I haven't had issues with SD cards in a long time. Many years ago (maybe 10), I think they weren't quite as good and I probably skimped too much when buying a card. RPi 1 also had power regulation issues. Now I only use higher tier cards and make sure there's enough free space for wear leveling and operations.
My friend bought an ODROID and an SD card at the recommendation of some tech YouTuber for Home Assistant. Within 3 years the SD card was dead, and I had to help him re-set-up all of his stuff (this time, with a more resilient storage medium and remote backups).
YMMV certainly applies but I feel like the warning is important.
I wouldn't put running a weather station in the same class of disk activity as running Home Assistant. It is writing a fairly large amount of logs, plus statistics for every attribute/sensor for every device. The more devices you have, the more you will be writing.
There are regularly threads from people with "I restarted HA and now I get this weird boot error message", and it's because their SD card died.
You do you, but it's common enough of a problem that I think it's worth calling out as a "Don't do this".
On the weather station I wrote to the SD card 1,068,266 database records, along with all the nginx logs, etc...
> it's common enough of a problem
It's probably survivorship bias, where everyone complains about SD card corruption, while those with no issues really don't say anything. Well, except my comments today.
Fair point on survivorship bias. But, I think SD card being flash memory is technically expected to fail over time, with that failure compounded by the number of write cycles. These cycles are a spec of the SD card. If a section/page of the flash is being overwritten more frequently than the other, then surely it'll fail faster than an SD card whose erase/write cycles are distributed uniformly across all the sections/pages.
I go the container route, and have only had one issue: allowing HA to access my system's Bluetooth adapter. I had some ESP32s lying around, so I used ESPHome to make a Bluetooth proxy, which solved that issue.
I don't run addons though, which might be part of it.
I haven't done it either. But it should just be a case of passing the device to the container. You might need to disable the host from using it and pass admin rights to the container too.
But it was also quite easy to pass a USB device to the HAOS VM in Proxmox.
Yeah, I ended up buying a dedicated mini PC ($100 refurb) to install HAOS on. HA is pretty much useless without being able to run add-ons. I run everything on k8s in my home server, I don't have a VM system set up and didn't want to bother just for HA. It's funny, the pattern of a central application that uses docker containers to add plugins seems like a perfect fit for a Kubernetes Operator. I suppose it still misses out on some of the advantages of running everything "on metal" for integrating with physical components like USB dongles.
It's kind of silly since they're just containers it runs anyways. I'm sure there's other reasons. At least running it as a VM isn't too hard. Pretty easy to use their image and run from that.
> I go the container route, and have only had one issue: allowing HA to access my system's Bluetooth adapter
Even without running in a container, I had huge problems with Bluetooth on Linux (it would just ... stop then not reappear or it would only talk to half the devices but a different set of devices every other day, etc.)
(This isn't specifically a HASS problem, mind; I've had countless problems with Linux Bluetooth since 2003 over many different iterations of hardware, OS and dongle.)
> I used ESPHome to make a Bluetooth proxy, which solved that issue.
I'm using OPNSense for the router, on their dedicated hardware - DEC750 iirc.
The switches are mostly Mikrotik, with some Unifi switches.
The wifi APs are all Unifi - they are all PoE and wired into the same network, no mesh. Even between buildings I ran fibre.
For the switching and routing, were I to do it again now I might go all Unifi. They recently implemented some much needed updates to make doing things like firewall rules and routing based on device much easier. I have a complicated set of rules in OPNsense to route IOT VLAN traffic out via a VPN connection, which require static IP assignments via DHCP, but under the new Unifi network I could do it with a few clicks and being able to use device attributes rather than a static IP.
I am also using an SLZB-MR1 for a ZigBee controller and Matter over Thread border router. I've got a bunch of IKEA and Mercator ZigBee light bulbs/fixtures that act as ZigBee routers. It's a strong enough mesh I rarely have issues with the ~180 devices on the net.
A few years ago I was checking out of a reasonably up-scale hotel in Barcelona early in the morning.
They punch numbers into one of those wireless hand terminals. I tap my card, enter the pin and then before I can react to what the screen is now saying they've punched the 'Accept Conversion' button and submit it. By the time I realise what has happened, it's too late and has started printing the reciept.
I insisted they reverse it and redo the transaction without that - the staff didn't understand and didn't care they'd cost me another 10-15%. It really adds up for a week long stay.
I once asked a cashier about this and they said it saved me money. They said representatives from the large national bank had done a presentation and noted how this is the best option for foreigners. I think they truly believe they are being helpful. Closest thing to legalized robbery.
I had the exact same thing happen to me at a hotel in China. I could not get the person at the checkin desk to understand the problem so I ended up having to just eat the extra cost. Very frustrating, it was not a small amount of money.
Well, it’s an unwise strategy to use on me if they’re feeling pressed for time. I will get enjoyment from putting my foot down for as long as is needed to reach a resolution.
That’s a 20+ minute decision they just made to try to save a few seconds.
Instagram did a similar thing for me back in 2016-ish.
A family member had been sharing some photos they were taking, but only on Instagram.
So I signed up an account, verified via email and phone number. I wasn't initially able to find the family member's account. A week later after I got the spelling of their username right, Instagram popped up "Your account has been suspended". They then sent me an email saying I needed to take a photo of myself holding government ID, and a piece of paper with a hand-written code they supplied, plus a close-up photo of said government ID. No way was I supplying all that just to be able to browse some photos.
My desk has 2x 27" and 1x 43" Dell monitors. Unfortunately the new work MacBook only supports two external displays so one of those 27 sits idle.
What used to be nice is now a case of constantly shuffling windows, not made easy by MacOSs janky window handling.
I've been looking for a second 43" to replace the 27"s but the high price and sub-par quality of the 43 is making me wait.
I am also finding it difficult to find monitor arms that will carry such large and heavy screens. The 43 is already at the limit of the one reasonably priced arm I found and a definite struggle to mount.
Just this week I wanted Claude Code to plan changes in a sub directory of a very large repo. I told it to ignore outside directories and focus on this dir.
It then asked for permission to run tree on the parent dir. Me: No. Ignore the parent dir. Just use this dir.
So it then launches parallel discovery tasks which need individual permission approval to run - not too unusual, as I am approving each I notice it sneak in grep and ls for the parent dir amongst others. I keep denying it with "No" and it gets more creative with what tool/pathing it's trying to read from the parent dir.
I end up having to cancel the plan task and try again with even more firm instructions about not trying to read from the parent. That mostly worked the subsequent plan it only tried the once.
Did you ask it why it insisted on reading from the parent directory? Maybe there is some resource or relative path referenced.
I'm not saying you should approve it or the request was justified (you did tell it to concentrate on a single directory). But sometimes understanding the motivation is helpful.
Which is fine if you only have one VPN client or one VPN network and you don't need to turn it on/off or change it regularly.
My current day job has one VPN client but five different networks.
At a previous job I had two different clients I would need to switch on and off.
It is very on-brand with Apple though that there is one right way to do things, and everyone else either needs to change the way they do things or go elsewhere.
reply