this post was submitted on 05 Jun 2024
50 points (98.1% liked)

Selfhosted

40296 readers
239 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

Hi, I hope its appropriate to ask this here, considering this is the most active community closest to this topic (Networking). I am moving places shortly and will need to start from scratch will all networking equipment. Including router and wifi-extenders. Am wondering what the general consencus is around networking gear, what brands are good and homelab friendly? I've heard great things about Ubiquity, but know nothing about their products. I do wish to buy a mesh system, as I do have 2 floors and concrete walls in the new place. I am looking for something easy to maintain, yet customizable for when I get more comfortable with playing around with networking equipment.

I have some experience with TP-link + decos, but really dont like their app and default settings. Blocks mullvad.net by default for instance...

If it matters, there will only be 2 people connected normally ~ approx 8 devices or so in total.

  • 2 phones,
  • 2 laptops (wired if possible)
  • 1 desktop comupter (wired)
  • server (wired)
  • Nvdia shield (wired)
  • RaspberriPi (wired)

Am also aiming to buy a 1000/1000 Mbps connection :)

Lemmy know what you would recommend in this scenario, and please feel free to ask about further details if I have missed anything, Thanks as always!

you are viewing a single comment's thread
view the rest of the comments
[–] Andromxda@lemmy.dbzer0.com 5 points 5 months ago (3 children)

I recommend building your own router. It might sound complicated but it's not. Just grab any low-power x86 mini PC that has 2 network controllers, put an open-source router/firewall OS like OPNsense or pfSense on it and you're ready to go. (Check out this video for pfSense and this one for OPNsense) Protectli offers specialized devices that are designed to run OPNsense/pfSense. They also support coreboot, a free and open source BIOS implementation. You can also go with something Linux-based like OpenWrt, but I'm very happy with my BSD-based OPNsense firewall. I use a Star Labs Byte with OPNsense, a fanless mini PC that runs coreboot, designed by a UK-based, Linux-focused company called Star Labs. Before that, I used to use a Fujitsu thin client with OpenWrt, inspired by this video.

[–] Sunny@slrpnk.net 2 points 5 months ago

Thanks for this! I will investigate further. While it is tempting to "build your own setup" like you mention. I'm also very intreeged about the polish of unifi products, their integrations and modularity. Maybe I can find a nice balance between both worlds 😊

[–] lemmyvore@feddit.nl 1 points 5 months ago (1 children)

Isn't 500€ a bit much for just the router?

[–] Andromxda@lemmy.dbzer0.com 2 points 5 months ago* (last edited 5 months ago)

It's not cheap, but this setup doesn't just serve as a router. It's also a dedicated hardware firewall solution, with the capacity to handle big and fast networks (I'm speaking hundrets of clients and technically it could even do 40+ Gbps over an SFP fiber-optic connection.) It also lets me monitor my network and filter connections. I use Telegraf, InfluxDB and Grafana to get a nice visual overview of my local network, as well as all the inbound and outbound connections. I can even see the location of the servers I connect to through MaxMind GeoIP in my Grafana dashboard. I also use Sensei (I think it's called Zenarmor now) for advanced filtering, and I use ClamAV with TLS interception to scan for malware. I could also run a DNS server through Unbound or Pi-Hole, but I prefer to do that on a separate device. OPNsense is a very powerful piece of software, and the StarLabs Byte is a suitable device to run it. For me it's very important to have a free BIOS firmware implementation like coreboot on a security-critical device like my firewall.

[–] PipedLinkBot@feddit.rocks 1 points 5 months ago

Here is an alternative Piped link(s):

this video

this one

this video

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.