 Welcome to a solo episode of sorry so solo episode I realized any in the title it just says episode 124 it's supposed to say the homelab show episode 124 so I will fix that for those of you going what show is he talking about with technical debt the homelab show so we will actually fix this live maybe pause because I'm like where's the rest of this anyways welcome unfortunately I didn't want to risk it I didn't want to reschedule or changes because it would have caused some conflicts Jay was unable to make it he had something come up and well things happen and we have sometimes to make those things a priority. So he is unable to join and by sheer coincidence the other backup plan was unable to join because they're live on another show so welcome and the topic isn't going to change because the oh actually he may join me in just a moment I just found out. All right cool he's got my link if you want to join but back to the topic at hand here first a little bit of housekeeping we still are working on the sponsor thing so you are in luck you don't have to listen to me read some ad but we're closer I'm working out some deals on that but thank you for those who reached out and there's still opportunity because we haven't settled on exactly what we're going to doing. All right there's the housekeeping part of this. Now I want to start with before we get into the main topic of technical debt and it's going to be a few updates that came out and I believe these are important to the Home Lab it's kind of a new section we want to add and it's essentially to let you know that there's some cool things coming. The cool things are new version of TrueNAS the release candidate I just did a video on the beta of it the beta is shockingly stable I have a few systems I loaded with it. I know TrueNAS is well loved in the Home Lab and this is all TrueNAS scale beta some of you may have heard and I need to do an updated because I did a video about there is a future for the free BSD version although it's kind of being sunset. They've made it a little bit more official that they're essentially sunsetting it they're just not enough demand for the free BSD version and also directly related is this new beta of scale that has come out has those features in it that people like myself have been kind of you know not happy with that they didn't exist in scale which really comes down to the handling of the art cache they realized pretty quickly that this was a problem but not the problem they thought and what I mean is if you go through and read in the forums Chris Moore head of the department head of essentially the programming and everything that goes on for TrueNAS scale. So hey you know we thought this would be harder to do because there was allegedly a lot of rumors that you couldn't use the same BSD code to make this work in scale but it turns out it works and that's the good news. So whatever was making that incompatible is not really the issue so good news for all of you that are on the fence of whether or not you should switch your core machines over to scale because of you know that issue that I mentioned right there. I also want to do possibly a separate video on TrueNAS scale but without needing the applications I bring that up because some people go I don't need the apps this is certainly customer use case for us and I want to see if there's a way or if there's even a need for me just to say I don't want to disable any of those apps on the back end and I actually think if you don't choose an application directory and you don't even set it up it doesn't run any of those services. Therefore freeing up some more resources to not be used on things you're not going to use although I do really like having met data in there so it's kind of a trade off of you would lose access to that and I do think that's a good app to have on there. But that's the TrueNAS update the next update is the folks over at Unify their latest release bring some extra enhanced functionality. This is something interesting about Unify is there's so many more features that the hardware can do but the software lags behind and just hasn't gotten around to. So this latest 8-1 release actually turns on features that people have commented many times this has been you know of course the absolute audience I'm talking to here the homelab audience we poke and tinker at things we take them apart we start coding them we start modifying them to our own needs. And one of the things that people have frequently pointed out is hey I can actually make the hardware do more than the software can do and I'm like yeah that's absolutely true. The problem is the moment you start using the interface again you break all the changes that you make and they don't necessarily survive updates. Well they're finally coming up with things like ACL OSPF and several other features that are going to be in there so they're getting those more advanced features that people I don't think look at Unify for but it's kind of cool that they're getting there with it. And I think that's a really good thing you know I like to see more competition in these ecosystems and Unify compared to some of the other large companies makes a relatively affordable device that has a nice UI on it. I say nice UI there's always someone going why do I even need a UI shouldn't we just do this all from the command line yes I know there's the command line people those people I'm definitely in line with so to speak. I just know what the I think about things from the bigger ecosystem and realizing not everyone has the time to learn to command line because they don't want to do this as a network engineering project. They want to get things configured so they can pursue the next project they want to pursue or just a hobbyist it kind of figures out you know lands on where you want to be as a hobbyist in this but you know it's one of those things that we kind of like to talk about here. Some some of those updated softwares out there. Also Christian lemba did a video on net bird so maybe you have seen that it's been on my to do list for a little while looking around around me so I know there's a couple net bird stickers that are actually sitting on my desk one of them is now on the one of my cabinets behind me out of view but I have a few net bird shirts because I've been interacting with them I've been testing it in the back end I just haven't gotten around to tutorial but for those of you asking for a tutorial. Yes there is a tutorial available over from Christian lemba and it was a sponsored one which of course brings up the people discussing whether or not there should be sponsored posts but as I mentioned in the first few minutes of this. You got to have some sponsors in sponsors are kind of needed because that's what keeps the lights on it's not the YouTube ad revenue that is for sure they do not treat us kindly if you will it is kind of the ebb and flow especially when you're creating deep dive technical content. It's not going to get the views that general advertisers want so we got to have to look towards sponsors to make that work. I also seen a tweet and I have not validated this but the people from true charts have talked about that they've fixed the compatibility in there and I just seen it because I know there's I know it's not related but someone someone has a similar name in there. In the comments that made that kind of triggered that in my mind because when he first released the beta of the latest version for true nas scale I know there was some incompatibility that I noted in the forums and I guess that has been addressed. This is always the cat and mouse game when there's a new version third party support in the true nas scale ecosystem seems to take a little bit longer if those changes that they have between versions are breaking changes for the dependencies that they have. So good news is for those of you that are you know hoping to use true charts or continue using it now you don't have to wait on the beta I did see them tweet that they have now addressed some of those issues so I think that's all the updates I have to get out of the way there. But I feel they're important let me know in the comments down below if there's something you like and as always and I'm going to throw this up on the screen for those watching a live show. But feedback at the homelab dot show that is how you can find us or get to us because we do like hearing from you and the weirdest thing is me and Jay delayed for a little while posting that we were going to put this feedback on there because we're like oh we'll get we'll get flooded with emails turns out we get almost no emails from people. So having it out there apparently people don't like sending emails. I wonder if it's the double edged sort of people don't like sending emails because they're afraid we're going to spam them or put them on a list somewhere which by the way me and Jay do not do that because we are also people who do not like putting being put on the list of things. All right. I see someone else commented tinkering around is not the goal for production and business. Well it's not the goal for production and business this is true. This is why we have homelabs or I should say or I love this quote where everybody has a lab some people also are lucky enough to have a test environment to. But yeah spam is definitely bad. So but don't worry we're not using feedback at the homelab show to collect anyone's email address. We will accept we don't really have any special filters on it so other than it goes into a specific inbox. So we I mean I've seen very little spam coming towards us which actually is the shocking part to me. But maybe people don't emails because they're worried about the other way happening but we do like hearing from you we do like answering all your questions. Now on to the topic of technical debt because this is where the challenges come in. I'm going to start with where I started really thinking about this a lot because there's a good post in my forum. And it's someone asking about our VPNs really secure because they keep seeing in the news breaches caused by VPNs. And what do VPNs have to do with technical debt. Quite a bit because most of the VPNs that you see in the news causing the breaches and the latest has been Avanti and the Avanti pulse secure is kind of a disaster. And I have a LinkedIn post that I did where I just kind of ranted about this and me ranting was not just to rant it was actually because these are some of the problems is the technical debt that these companies carry. Now they do things to make the product look more appealing like giving it a facelift. So we've got this cool interface on it and we're told this is the new Avanti pulse secure VPN. But the reality of it was it's actually the same old VPN system that was sold to a private equity company like 12 years ago. And this was essentially the nuts and bolts of where this comes from. As here is the kernel running in that. And this is from some security researchers all the sites. I'll leave that LinkedIn post. I'll add it to the description for people interested in it. But the current version that Avanti uses of kernel. This is the Linux kernel is from December 2009 2.6 2.32 and December 2009 the version of curls are using is from 2009 as well. Open SSL six years ago. Pearl version 5.6.1 that's 23 years old. And see we have PSQL 9.6 14 so that's five years old. Cab extract 22 years old SSH version 5.3 that's 14 years ago and unzip version six 15 years ago. So the reason this came up as a discussion is people were really worried that maybe even exposing VPNs like open VPN. Or WireGuard would also carry some of these problems. Well that's where you're in luck open source products would be torched if you will in the comments. If someone from one of these large open source companies or one of these open source projects were to package it so to speak on 15 year old 25 I think the oldest one in there was a 22 year old technologies. You would go well I'm not going to use such a project. Now you look at open VPN specifically it's actually gone through in more recent years not one but two full code audits and being that the code is all public it's very on public display they found nuances in there for ways people could have security problems. But a lot of due diligence was done with these open source projects and that is why I don't worry about exposing open VPN WireGuard is much newer. Has also gone through a lot of scrutiny and same thing because it's not built on these really old systems. Now this brings us over to something like WireGuard WireGuard really I'm sorry Fortinet and some of their security problems because WireGuard I don't I don't know if WireGuard is even supported in Fortinet. But people started asking about what about Fortinet what about the problems there and the challenge comes back to they're built on a giant pile of technical debt. So we don't exactly know what's in it. It was only through some reverse engineering we learned what was in the Avanti system but Fortinet suffers from the same thing. These companies get so big they don't want to face that technical debt so they want to keep selling the product. And this is where the ecosystem is so much different than maybe what you're running in your home lab because I'm not saying there's no one running Fortinet products in our home lab there's definitely some people. But when you compare it to some of the modern systems such as the OpenVPN system built into major appliances and even systems like NetGate OpenSense. Untingles probably falling by the wayside a little bit. We'll get too off topic on that. But the technical debt problem really isn't there with these open source projects where there's a lot of visibility and they take the time to refactor the code. It's really scary to people to see all the problems but not realizing they're not facing them the same way that the corporate environments are. Because these corporate environments with their closed source products try to make you believe that they're you know modern but they're not because a business decision was made in most of those cases. Do we spend a lot of time do we head on this technical debt or do we keep selling the product because it makes money. And because as long as it presents to the customer as a working product we can keep selling this working product. Matter of fact when you look at the Avanti problem a private equity firm decided that selling the product for years and years without actually refactoring the code was probably even if you replayed it with all the bad publicity they have today. A winning bet for long term money making so they're optimized not for security but they were optimized how much money can they make for this. Back to why this matters to the home lab let's bring it home for that now you have an opportunity in your home lab and this is something I was thinking about as I just rebuilt something. You're not operating at the same scale usually so you have this opportunity to solve some of those technical debts or test that technical debt and figure out what is a better way to do this. You can really start thinking about it that way which is huge to really land on it and go. All right do I keep carrying along with this old software because it works and I don't want to disrupt people who are also sharing this household with me that rely on my home lab to watch their movies or use their Internet. But that's a minor amount of disruption when you think about it and this is where you have an opportunity to not be that next generation who moves into a lot of younger people in the home lab or just people in general who are wanting to move into a tech career. Home lab is that starting point where you get your you know what's about you if you will how you kind of figure things out how you start breaking things and then go. This is how I want to structure things and you have an opportunity now to really think through that. I've always been someone who doesn't like technical debt I have frequently even though it's in production so to speak in my business environment I've always gone head on and say what can I try that's different there's a lot of risk that comes with that. But I got that confidence that I'm willing to just yank the plug delete the thing copy the data somewhere else build a new system and put it in production use because I have done this so many times in my home lab. Before I even make a video I have torn down and reloaded shrewnass so many times or done some process and shrewnass such as my recent videos about setting up NFS shares so repeatedly that I'm not even having to read any context menus it's almost like an autopilot thing. You get good at it so this allows you to build that muscle memory as you do it and then not have to think about it because the worst thing you can do is build your lab once and not understand or not take good notes and how you build it me and j. We've talked quite a bit about this where you should always understand how you built it and be able to repeat that process your data should be sacred. We'll definitely agree with that but the structures that it's built on should be repeatable should be easily rebuilt. And if you go all the way into the advanced world of automation especially when you get something like either Ansible Kubernetes etc. Some of those fun scripting auto deploy infrastructure terraform now you're building it as code which makes it that much easier to rebuild things and that much easier to rip out that technical debt. This is huge these are one of the reasons I love some of the automation but don't over complicate things the complexity is often what leads you into technical debt because you're standing up something that if you're not really familiar with it and I'll for example throw myself here. I have not taken the time to get good or learn Kubernetes it's just not something I use during the day I see a lot of people want to use it in their home labs but unfortunately and this is where the consultant hat gets put on. I see people who create these sometimes overly complicated things and when they fall over they're in full on emergency mode and they start reaching out to people going. I don't really know how all this works so you should always build on that this is what will keep you out of that technical debt and allow you to update because one of the worst things I see and this goes in place especially with things that are popular in the home lab which is going to be anything that you publicly expose such as your firewall or. The VPN on it or more specifically there's a ton of discussion on my YouTube comments all the time and same with Jay we get a lot of people ask us about next cloud and unfortunately there has been some flaws in next cloud. The others unfortunate part is next cloud is not always completely simple to set up it's gotten substantially better and more recent years but people who set it up three or four years ago probably haven't updated it because of the problems they have doing it. You really need to think about that and face it head on and say I need if I'm going to have this publicly exposed I need to really go forward and get this you know get ahead of this technical debt of not understanding how it works. Tear it down build it up as many times as it takes for you to have muscle memory so that doesn't become one of your factors of why something hasn't been updated and why you're carrying this technical debt. This technical debt home lab is absolutely the place you should be doing this. I was even kind of thinking about this and one of the things that I realized is one of my my own technical debt that I planted really deal with this just a backup server but it's been hanging out for about six years and just about I think it's got like five or five and a half years of runtime. Maybe it's five and a half years I looked at it last night either way I've had it I swapped drives in a couple times but the drives that have been there have five plus years of runtime. I'm going to say I got my use out of them and I'm like it's by one churnass core. It's my one old system and I now have to face how do I move I got to move all the data it only has one gig cards in it so all the data on there which is about seven or eight terabytes of data is not going to come off that thing very fast. So there's got to be a little planning put in place I might just pull the drives out and put them in something else and import the drive somewhere else because that's actually going to be faster than you put all the data in at a one gig connection. But over five years a lot of data has accumulated on over five years on there and it's just one of those things you want to I want to address it because looking at old hardware. I've seen someone had mentioned this as well when you start looking at the old hardware you're like yep there's there's a failure point there is the I'm super happy I got five years of use with no errors on a system. Now I'm going OK those are five years on those spinning drives of collecting data is a substantially higher likelihood it's on the other side of the bell curve for happiness and I'm going to end up unhappy. So I'm willing to readdress that I also did this recently as I rebuilt my Bitwarden I realized Bitwarden was built on an older version of Debian and I could have just done the upgrade but it also had some problems with the older version. And if you're you are self hosting Bitwarden you probably run into this problem and you'll go wait a minute. I suddenly have a bunch of errors I can't update because it's looking for a feature of Docker that doesn't exist in the slightly older versions of Debian and you're like yep it does not. So I just tear it down and rebuild it again. This is one of the reasons that I'm always moving if you ask me like what my base OS is for something I'm using it's usually going to be Debian 12 previously it was some a bunch of versions as those have gotten away. But because I've documented matter of fact I have videos on how to set up Bitwarden I thought I'm making a video how to migrate Bitwarden but it's actually as simple as setting it up you just reset it up on a new system and you copy the BW data. Place over just take that data directory copied over to the new system have a great day all the settings all the configurations in there so yeah no problem. You don't have to worry about like what it took me how long was I down for I don't know probably about five minutes. So I was suffered five minutes of downtime because I think it took five minutes or less to copy the data over and then for Docker pull to grab the latest version again and import everything so it's really not that bad. But the reason it's not bad I tested this over and over again I've done videos on how to install Bitwarden and this is one of the great things about virtual machines. Leave your existing ones intact and running don't take them down and to start building things in parallel. I've talked a lot about building like you know XO from sources I swapped the base OS for that all the time because it's become so arbitrarily easy. My config files greatly important to me I don't feel like putting all those settings back in so there's one little config file that's all I need. And then send it over actually to I need the config file for how I built it and some of the parameters in there which are not that many and then the actual config that's got my user and a remote some of the other things in there. So two little config files which the second one you can just restore after you rebuilt XO from sources but it makes your life so much easier to do this. Now the next technical debt that I am facing that is a little bit harder but Jay has solved this way better than me. I wish you could have been here to talk about it because he's done it with an ansible pole script is rebuilding my computer itself. This is your own technical debt because there's a reason I want to reload my computer. There's a bug I found in Flatpak that goofed up file handling. I don't know how to fix it. I don't feel like spending time fixing it. It's kind of a waste of time because I know reloading my system would fix that and reloading my system is actually arbitrarily easy with one exception. I have not taken the time to properly figure out how to back up all of my DaVinci editing software which I think I have figured out. So that is the next one that I have to face. So I will absolutely admit my own guilt here of creating some of my own technical debt but I'm willing to face it. I set time aside as I really encourage all of you to do so in your home lab and figure these things out. Figure out what happens when you reload it, what happens when you rebuild it. Make sure you're at the ready because sometimes these systems will just fail on you and you won't be ready for them to fail. You won't know how to solve that technical debt. You'll be in fold to rest mode which is of course substantially harder to do. So those are kind of my thoughts on it. I see some comments in here. I'll read a few of them in here. I use open VPN in my home firewall and the same at work. No need for all these VPN vendors. Yeah, this is kind of a point of contention. I have a lot. There's times when because of the basic business politics, if you will, where they're like, oh, I have to use this VPN because it has some feature that makes an auditor happy even though this VPN is a lesser product in terms of security. Now there's also the trade off many of these have of security and convenience when you talk about products. Specifically what I mean by that is open VPN definitely going to be on a little bit more of the complex side compared to a VPN where I can just go to a website. I can just, you know, HTTP VPN dot my company name dot com. I can put my username and password in there. It'll magically connect me and I'm into all my resources. Those come at the cost of convenience and security being opposed to each other. What happens is that great level of convenience we wanted there now causes the problem of, hey, they've got an entire database behind this VPN. I wonder if there's a sequel injection vulnerability. Matter of fact, just for some reference here for anyone who sees in this is recently with the 49 again is when you see a sequel injection vulnerability. This vulnerability is not something we don't know how to solve. Matter of fact, we solved sequel injection problems forever ago. It feels like this has been on the OAS list. This is well known and well documented. How to not have a sequel vulnerability. So when a company has it and they fix it and by fix it, I should say mitigate it. The best way we can describe this in cybersecurity is where there's smoke, there's fire, which means if there's one sequel injection and they patch it. There's probably a dozen more that we're going to have that are adjacent to it. It's one of those things like you find a little crack in a product and you know if they've got things exposed in a way that made the sequel injection vulnerability possible in the first place. The only thing they did was stop how we got to that one. Now we just have to as a security researcher find how we get to the next one. And once again, the better factor to do is refactor the code and not have any way for the Web interface to land and somehow figure out a way to inject sequel into the code. Whatever path allowed for that to happen has absolutely been the problem. And this is where once again, technical that kind of leases there. Let's see with a bunch of desktop. I use Deja Dupe to dump backup, wipe and restore with Deja Dupe system works as if I didn't do anything. One thing I do like is the fact that in Linux pretty much all your modern systems save everything to your home. And for example, I use Papa West and Papa West has a way to reinstall but leave your home intact. This is great because this will help that. This is why I said the only problem I really have is like my DaVinci Resolve. Because DaVinci Resolve uses a database and a few other things that I need to make sure I do backups of it, but I need that confidence of restoring it. This is the me psyching myself up and letting people call me out that I still have some technical debt that I need to address. That is definitely something that needs to be done. I will mention this. I took a look at NixOS not really testing on myself but just talking to people about it and reading through some documentation. I think this is a really cool way to do very defined installs. I don't know if it's exactly the right solution for everything because it's got some rigidity to it. But I think for server deployments it may be a pretty ideal solution where you have a very predictable environment where you want that. So NixOS allows you to have a config file that just defines the environment specifically as it should be and then has a lot of parameters around that that let you even roll back. I love it in concept, but this is also one of those things that this is a bigger concept like application locking. The application locking is the or as they may call it allow listing of applications and windows where you say I want to lock down this particular window system to exactly and only the applications are allowed to run. Which sounds wonderful until you try to administer it and you realize there's a lot of challenges and those challenges don't scale well. Matter of fact, those challenges kind of rise up as you lock down applications you realize things just don't work. I know there's at least from comments I've read certain applications and in certain name of like DaVinci Resolve like I run that may make that less ideal for me to operate. But I've also thought about having another computer that just is dedicated to media processing and that kind of solves my problem because my day to day use for things that aren't related to content creation is probably like any of your day to day use where I just use different readers and things like that. So, yeah, that's, you know, it's it would be a lot easier to reload my system in that case I can actually log into most any system. Most of the things I have our web interface that I use to work on things so the what's on the computer matters a whole lot less. Someone says it might be off topic but I'll actually mention this as a topic. Do you know when XOA 6 will be released this is related to the folks over at Zen Orchestra and XC PNG and the team at VATES. So something interesting and this is a complaint and I get completely why you're asking this. They are extremely careful about what they create now because of the technical debt they have from what they created before. If you look at the Zen API if you look at some of the stuff and the code they're working on they're pulling forward and learning from all the technical debt there. That means and this is one of those sacrifices you make when you want to build something with less technical debt you take all the knowledge you have and all the pitfalls that were run into from the previous technical debt which was in XOA version 5 and go how do we build it any better system so that XOA 6 doesn't have it. This of course comes at the delay of getting these new versions out. They've been talking about the new version of the XO store for a long time but they're building it in a way that it will have a long future because they realize in their target audience especially is in the slower moving business market. As much as I may love using XOA in the home lab it's actually really popular in the business market and they're catering and making it more popular in the home lab than it was previously. It already has a pretty big foothold in the business market due to the fact that it was a replacement for Citrix. That being said the business market moves slow. They don't like breakage and business markets don't like change. There's a reason COBOL is still being used. If you want to talk about technical debt well check out our episode with Veronica explains where we kind of joke about it but her background is COBOL programming. If you want to talk about technical debt talk about a company still running COBOL in 2024 and yes there's a lot of them. More than you would expect is what I should say. So that's definitely why they're being so much more careful. It's interesting when you look at projects because this applies greatly to even people who came first versus who came now when it comes to building cybersecurity products. Many modern cybersecurity products have a big advantage of being built on more modern tooling or matter of fact even the tooling that we use in the business management of systems. So the tooling that we use like the what we call an RMM remote management monitoring tool that we use to manage the business and all the thousands of computers that we manage. And it's one of those things like the we have switched what software used because some of these companies that are worth over five billion dollars don't want to get off of the same software they wrote almost 20 years ago. They keep bandating it up. It drags along its legacy of problems. Matter of fact if you've seen the recent vulnerability that was found in Screen Connect that's a product has been around for 10 or 12 years. The vulnerability starts at version zero and it's not something that was found until 2024. It was quite the big deal but it's because that technical debt they carried that one little problem that was created at version zero and really caused a massive cybersecurity incident that made the CESA list here in 2024. There's definitely the business world moves slow. So kind of long story coming back to XOA they're very careful because they know their audience. This is where I do know there's a lot of popularity with Proxmox. Proxmox has been around a while but it's just based on Debian and it's very move fast Linux like I know people have complained in the forums. I don't use Proxmox enough to have firsthand experience. I just know people have asked a lot about this. There have been breaking changes between different versions of Proxmox when they've gone through major release versions. These are just kind of knowns but hey you know that's one of those things that if you want to break away from some of the technical debt that's what it's going to happen if you're not careful. So it kind of comes down to balancing those and figuring it out. Let's see have any more. I think that's about all I have for the questions. You know the NixOS when I'll circle back to I think me and Jay have talked a little bit about this. I can't remember if he's actually used it or maybe we'll bring someone on that's among our friends that has because I think that would make a good topic. I've seen where people talking about NixOS and it kind of goes through waves of popularity. It's been around for a minute but I think it's kind of fallen into hey let's look at you know clearly defining these. So that might be a topic in the future. Security of ancient systems like having a business not having a lock on your door and being yeah it's there is always fun when you have that. Good news is my homelab friends here we have the opportunity to be better we can choose better products we hopefully aren't dragging around as much legacy with us in the homelab. And the the technical debt problem hopefully is less of an issue for all of us. I'll answer a few more questions here. Is there any good options besides uptime kuma for self hosted website monitoring. I haven't found a problem with uptime kuma actually I like it a lot so one of those ain't broke don't fix it. That's why I like it. So I don't know what would be better than uptime kuma but I haven't looked sometimes I admit myself to getting into. Not necessarily a rut but I go this has the features I want so I don't look beyond it because it's not a high priority for me because I don't have a lot of downtime that I'm trying to track. I use uptime kuma to monitor not only my website and a few other things but more specifically all my internal infrastructure and it does a good job. It'll send Slack notifications which I just we use Slack at the business so I haven't sent it there but it'll send email notifications as well. I believe there might be I think there's a webhook option as well so there's different ways to get notices out there but uptime kuma definitely one of those great tools. Something I'll mention I probably should mention some of the updates I'll leave with this the people over at security union Doug Burke who runs that project has done an amazing job of adding a lot of new features to it. I do want to readdress that that was an early episode we did on security union so if you search my YouTube channel you'll find it but I do want to do a new one. Because they've added more integration for ingesting firewall logs which makes it that much more interesting or product. I think security union is like one of those tools I highly recommend in the home lab not for the security features as much as the learning you will have running your own sim tool. It is how I understand I've run security union on and off at times and it will teach you greatly about how security works. I don't know how to set it up but looking through the threats panicking when you see all the threats then being a little bit less panic when you understand that 90% of are probably false positives because you've turned on too many things. You're looking at too many things but hey it's also really cool to dive into it but nonetheless I think that's a I think someone mentioned and I haven't checked this out techno Tim was on our last episode someone says techno Tim has a video on something called. Gattus G A T U S so definitely sounds interesting I've not personally watched that video but go ahead and follow techno Tim matter of fact if you go to Lawrence systems dot com you'll find a list of other creators that I like and I've been adding to that list over time so if you're. Curious about what our creators to discover and follow and some of them don't have a lot of followers yet and you may not have heard of them because the YouTube algorithm doesn't always bubble up to the top. New creators but trust me these are people that I've really I'm engaged with they have really good content you might be interested in so I just put them on there as a list because these are people I like engaging with I like them as people but I also like them as content creators. Because some of them are also people I've just reached out to and talked to on discord and things like that but as I said earlier feedback at the homelab dot show we love hearing from you we love doing these Q&A episodes and the best way to kick off Q&A episodes is sending a bunch of feedback. You can also post in my forums I will try if you send me a message on Twitter to get through on Twitter has become quite the spam place so I don't talk about it as much anymore I'm still there. I'm just not there is often because of the messages and whatnot but hey it is what it is thank you all for joining please go solve your technical debt if that's one thing I can really impress upon everyone don't be part of the problem be part of the solution. Be part of that next generation of people who are moving into the tech world and not letting technical debt linger on and cause all these security problems we don't need more VPNs in the news alright and thanks.