JustEnoughDucks

Hey everyone,

I am completely stripping my house and am currently thinking about how to set up the home network.

This is my usecase:

• home server that can access the internet + homeassistant that can access IoT devices

• KNX that I want to have access to home assistant and vice versa

• IoT devices over WiFi (maybe thread in the future) that are the vast majority homemade via ESPHome. I want them to be able to access the server and the other way around. (Sending data updates and in the future, sending voice commands)

• 3 PoE cameras through a PoE 4 port switch

• a Chromecast & nintendo switch that need internet access

Every router worth anything already has a guest network, so I don't see much value in separating out a VLAN in a home use case.

My IoT devices work locally, not through the cloud. I want them to work functionally flawless with Home assistant, especially anything on battery so it doesn't kill its battery retrying until home assistant polls.

The PoE cameras can easily have their internet access blocked on most routers via parental controls or similar and I want them to be able to send data to the on-server NVR

I already have PiHole blocking most phone homes from the chromecast or guest devices.

So far it seems like a VLAN is not too useful for me because I would want bidirectional access to the server which in turn should have access from the LAN and WiFi. And vice versa.

Maybe I am not thinking of the access control capability of VLANs correctly (I am thinking in terms of port based iptables: port X has only incoming+established and no outgoing for example).

I figure if my network is already penetrated, it would most likely be via the WiFi or internet so the attack vector seems to not protect from much in my specific use case.

Am I completely wrong on this?

I got immich with SSO up and running. It runs like a dream compared to Photoprism and is simple enough for me, but also has necessary features like user accounts.

There is one thing I couldn't find in the docs:

I already have a library of 5000 photos and 150 videos on my server that sync to my phone with Syncthing to 4 different directories (one for each phone I took the photos on) in Immich. Right now I have that directory as an external library, but I don't think this is the "right way."

My goal:

• No duplicates between phone app and desktop app
• Don't have to re-upload every image from my phone as my network is 100/30 mbps
• Am able to manage my photos from the Immich app and web app (deleting photos that will propagate between devices)

Can I just map the "Upload" folder to that syncthing photo base folder and get parity between my phone and my server? Or do I have to re-upload everything from my phone? Or am I waiting for a feature that doesn't quite exist yet? I noticed some feature discussions about photo hashing and de-duplication.

I tried asking in a discussion on the repo, but nobody answers those much.

Hey lemmings,

I have a headless server that works beautifully. B450 with 2700X and 32GB of micron 3200MHz RAM.

I am currently running Debian 12 Bookworm on it. I am at kernel 6.1, but in preparation for 6.2 or 6.3 being backlogged, I want to buy an Arc A380 for transcoding since they are only 150€ here. Software was fine for a single video stream, but I bought a new house and will have 4 camera streams running. Plus I want to dabble in AV1 transcoding for media or storage of my camera streams

Currently there is neither X nor Wayland installed since it is exclusively with SSH that I do all of my work on it. After I install the GPU, I was wondering if it is possible to not even install X or Wayland since I will literally never use a display on it?

Would I still be able to do Jellyfin and Frigate transcoding without an X server? If I have to get one, does it matter if I choose X or Wayland for hardware transcoding?

Thanks!