 Welcome to the Home Lab Show, episode 26, Q&A with Jay. So we're right there. Yeah, the Q&A episode, there's enough Q&A, we wanted to talk about a few things. And this is also, this is the loop of stuff. When we do this Q&A, we get ideas from you of the things that will be talked about on some of the next episodes. And there's been some of this fun stuff. And we have some questions for people who submitted already, some Twitter questions that were submitted to us. And then we will address the live show, people who are joining us here in the audience. So yeah, we like your questions and we have answers and suggestions. And it's funny because I realized we're like 30 or 40 seconds late starting the live stream here because we were started hashing out questions that came in just before this started. But we wanna dive into these topics, but before we can, we have to thank a sponsor of the show and that is Linode. And there's gonna be some Linode answers to some of the questions that were asked here about some cloud stuff later in the Q&A episode. But for now, if you've downloaded this podcast, you've downloaded it from Linode because that's where all this infrastructure that runs this show is hosted. And all you need to be, yep, is also on there too. I pretty much, you know, actually every server, the community forums, the main website, a bunch of servers that nobody even knows I have because I have like probably 10 or 15 Linode instances. Some are just not even publicly available. It's just a really fantastic service and I love it. Yeah, the whole thing is kind of fun because it's an addiction. You're like, oh, I can just build another server for that and another server for that, you know. First you start with the Raspberry Pi problem that Jay has and I'm not sure, besides the ones in Iraq, Jay has a collection of Raspberry Pi's. But then you go, you know, I can spin up just as many cloud servers with Linode and Jay has now done that as well. Yeah, I mean, it's really great for me not only because of the infrastructure, but sometimes when I want to do a tutorial, I mean, if I'm already logged into Linode, I'll just create a Debian or Ubuntu instance and I'll just do the tutorial. Or I mean, obviously I could use a server that you gave me but sometimes it's just like, click a button, Ubuntu, Debian, got it, you know, I do the tutorial, then I delete it and then I pay pennies because I, you know, hasn't even been up a full 24 hours. Yeah, and it's actually a really cool thing. They also have the pre-built servers which are really cool in Linode. I definitely like that as an option when you're setting them up because I wanted to test something and I was like, I don't want to, I cool there's instructions how to load this, but I'd like to do this one click and the app store is really cool for that. Yep, that's a fun stuff to try out there, even next cloud. Yeah, even next cloud, you want to spin up an instance? Great, get it working and then poke at it, reverse engineer and then delete it and start over and learn it from scratch. And to do all of that, if you follow our offer code, Linode will give you $100 in credit to get started and playing with next cloud or whatever other many tools that we've talked about on here. And, you know, you didn't choose to an SSH video, build a Linode server and test it with SSH and it's an easy way to do it. So use our offer link down below. If you guys are watching this on YouTube or wherever, just let us know what you're using your Linode servers for. Brownie points for the most clever ideas. I want to definitely see if you guys are up to it. Oh yeah, leave that in the comments. That would be really cool. So thanks Linode for sponsoring the show and let's jump into the Q&A. So what was the first question we have today, Jay? That was the one, if we're going through the Q&A submissions through the website about NuthServer. Yeah, so this is an interesting project and it's not the first one, NuthServer, N-E-T-H, right? NuthServer.com, someone asked us about this. Now, there's been over, yeah, there's been over time lots of these all-in-one Linux servers that are pre-packaged. The one that's more famous to me that is very similar and it is actually backed by Hewlett Packard now, which is interesting. I believe they give you some type of discount if you buy Hewlett Packard servers, but they're all-in-one Linux systems that are supposed to replace and they're really modeled in my opinion after, for those of you that have worked in IT for a while, the Microsoft Small Business Server packages, where Microsoft would do this all-in-one server that has all these features you need in one place for email and firewall and centralized management of all the users. And when you create a user in here, it creates them in all the other parts of this. So it'll create a file share, a home directory, a mailbox for that user. These are kind of neat, but support for these projects. There's been a lot more of them besides ClearOS that's supported by HP. NuthServer is just one I heard about recently because someone suggested to me, but I'm always a little leery of their integration because they're packing a whole lot in there. And depending on how their business model is, will they be able to support this long-term? And is it a viable product that you'll actually get support, proper updates and packages for to keep it all secure? It's kind of nice because it's turnkey and you don't have to learn how to integrate the products together, but that other side of it is that is a very complicated thing to maintain and you're talking about something that also is advertising and it should be on the perimeter of your security. As in it should have your mail and firewall is one of the suggestions in here. That means if there's a flaw in one of these pieces, it can be very problematic for you because it's all in one device. The concept to all the one device is exciting but has to be done with a very high level of support and security to make it viable. So I don't really have time to review those type of servers because I can load them and I'm sure it works as advertised because they said there was a lack of tutorials on there but you won't find enough people running it in production or I wouldn't be willing to put this in production with enough confidence to really do a solid review on it. So you'll probably just have to rely on your documentation for reviews but me and you are skeptical of this. I think she's gonna share thoughts on skepticism on this too. Yeah, I mean, I have a lot of thoughts on this. I mean, on one hand, I can understand a turnkey solution because sometimes, especially if you're working on building a bunch of servers and you have yet another project that's landing, then yeah, if you could just get that project done real quick with a turnkey solution, I could see the appeal there but also I feel like we're creating the same problem that we have with Windows because this reminds me of the server manager in Windows where you have this console that comes up, you just check the boxes, you want active directory, you want DNS, whatever it is. And there's nothing necessarily wrong with that but it's just like, it's an all in one, we don't know how a Windows server works under the hood. To be fair, we could probably dive in and find out how it works under the hood in terms of net server but it's still, they try to abstract that from people and it's also not a audience fit, at least for the majority of our audiences because our audiences generally wanna know how does it work, how do you set it up? And if it's a turnkey solution, that doesn't really translate to a video because it's just, here's the installation process in a review, it does the rest for you under the hood so there's really not much to talk about. It's not really exciting content. But then as you mentioned, it's an all in one solution which is a benefit that that's also a con because if someone gets into it, they have everything. I think it'd be kind of interesting to, obviously check the terms and conditions about whatever platform you're using but just make it like a honeypot, just make it publicly available, completely segregated from everything else, just see what happens, right? Does someone get in, do they completely own the whole thing? It'd be great as a honeypot if nothing else. Well, and this goes back to anytime they build an appliance based solution, you are also really restricted to the designer of the appliance and how they want you to implement things. I bring this up for TrueNAS. I've had people say, well, I don't like the way TrueNAS doesn't let me do these really advanced specific ZFS things that I need to do. And I'm like, then why would you use TrueNAS if you need to do something that goes outside of that? Same thing goes with PF Sense. You absolutely can build your own firewall on BST and not use PF Sense. And I've had people tell me they wanna just control all of the command line and not use the whole UI that's provided by PF Sense. And if you try to modify things from the command line and bypass the way the package was designed, both on the TrueNAS versions or the firewall by PF Sense, both of those you run to the same problem that because these are packaged OSes, you are restricted to use it the way they intended. That gets amplified dramatically when you build something like one of these all-in-one servers because there's a lot of pieces. So if you were to touch and modify something in Samba, the automatic user creation process may not work properly or the way you want. So if it fits the need for you top to bottom as is and you don't plan to go to the command line, that's probably a good thing and you can possibly use it. But these are the considerations you should have going into it. And I've actually serviced a couple of clear OS systems that seem to be popular with a few school districts. We did some contract consulting work. The updates broke a bunch of permissions and because this was actually kind of suggesting about how you don't know how it works, they were saving money on Windows licenses, they thought by using it, they ended up spending a lot of time because no one knew how to go into a command line or SSH into it to actually fix any permissions. They were very lost on it. And when the update broke the permissions, there was no way to do like recursive permissions all the way through. It actually was weird when the update made it create new users. So I had to reassign a bunch of users and home directories to unlock a bunch of files. The update just didn't go well and the support people weren't very support oriented is why they ended up calling us on it. Even though they had a paid license for it, they support people saying we don't know what's wrong. I realized it was just reassigning users in the wrong way. I was able to fix it for the command line, recursively change all the permissions and get it up and running for them in a functional way. But interesting nonetheless, those are our total thoughts on that because it is a question I'm positive will come up many more times. Yeah, another thought I had too is I start to think about the HomeLab audience specifically and there's several different reasons why someone creates a HomeLab. It could be because they don't trust Google or whatever they want to roll their own solutions. It might be because they want to learn how to do this stuff, how to build things manually. And that's a great learning experience. I kind of feel in my opinion, let me know if you agree or disagree that the majority of the HomeLab audience, a large percentage seems to be the people that want to learn and do the stuff on their own and find out how these moving pieces work. And I feel like something like NetServer kind of takes that away from people because then it's abstracting things and they're not really learning as much. So I kind of feel like for that particular audience it's just probably not gonna be something that would be up their alley. Yeah, so those are a good point to if you're into the nuts and bolts of things this probably isn't for you. The next question was about syncing and true NAS scale. Yep. So, let's see. So I had answers on that too, actually, unless you were just about to say something there might be an idea in a way, sorry. So I mean, it seems to me like the question is kind of like where do you install Sync Thing? And I think that this is one of those things that can be, it's something like you're given this tool and it's really awesome. Okay, but where do I put it? Where do I install it? And anytime I go over Sync Thing I talk about the, syncing things in the middle and all the other nodes connect to it but what in the middle do you install it on? Now, personally right now I have it on true NAS as a jail though the built-in plugin system I'm probably going to take it out of that at some point but spoiler alert, Tom and I are gonna be working on a little project here. So honestly that might go a completely different direction but one thing that I often get annoyed by is that when you have these jails or these plugins for any solution it's not just true NAS is it maintained? Is it updated? Maybe? Maybe not. You could have all your nodes on a very new version of Sync Thing but the main server in the middle is on a very old version. So one suggestion is to run it run your master Sync Thing node as a VM. Now hold on a minute that takes away from true NAS and the versioning and all that but actually it doesn't if you really think about it because you could set up a virtual machine that just runs Sync Thing and has almost no storage but if you have an NFS share on your NAS and your NFS has versioning then you could actually have your Sync Thing data on the NAS and use something like auto FS to ensure that that volume is always mounted. Now Sync Thing has built-in protection so there's some file that it creates I forgot the name of it and if it doesn't see that file in the share it assumes that everything went wrong and it won't sync and the reason why that is is because if you have a mounted file system and for whatever reason it doesn't get mounted then you essentially have an empty directory and you certainly don't want an empty directory to sync back to all your other nodes. So Sync Thing is smart enough to say hold on there's a file that's supposed to be here that I created it's not there now so I'm not going to sync you need to fix this so that kind of protects you but auto FS will keep it mounted and then you could still benefit from true NAS ZFS snapshots and things like that that's a great way to do it but depending on how our project goes that we're working on next week I might actually use the true NAS scale version so I think at least on my end I'm going to have more to say about that in the near future. And to add to that one of the videos I've done is instead of using the repository of the jail and relying on the version they install Sync Thing I have a Dunder video where I talk about how to manually build the jail and then load Sync Thing within it one of the cool things about Sync Thing is it has its own update mechanism so if you load it manually and enable the update mechanism which I have a tutorial on that means Sync Thing will always be the latest version and the jail is independent because you're just using the standard base BSD jail and you don't really have to install much in it because Sync Thing is self-contained it doesn't need a proxy in front of it it doesn't need anything else so you can build this very minimal jail with the minimal amount of services in it and then load up that and then you map your storage in these are both with the way Jay said it the way I said it are valid design methodologies depending on how you want to achieve things to me it's a very lightweight way of doing it and then Jay's going to have to show me this is probably the reason see me and Jay are collaborating because Tom has a knowledge gap on how to map storage very well in Kubernetes and Docker so when we move over to TrueNest scale I want to be able to repeat that same engineering of Sync Thing that I know how to do in free BSD to make sure I understand the proper way to do it and map storage so that's why Jay is very familiar with Kubernetes Docker and storage mapping and that's the basis that is based on TrueNest scale so when we do these conversions which is going to be a series upcoming series of videos and me and Jay will physically be hanging out and doing this to get it all right we'll have other opinions coming on that of how to do it in that other environment I think that's actually the heart and soul of what I love about HomeLab I think it's the heart and soul of HomeLab itself where you have a solution that you want to run and there's all these different ways that you can run it and different configurations and layouts and such that you could just use your creativity what's the easiest, the best, the fastest you can experiment, you can just tear it all down build it a different way, see how it reacts there and I think that's kind of what helps us learn these things because with HomeLab we have essentially an almost like enterprise network but we don't have a bunch of users that are using it that are going to get mad at us if we break it, we'll break it on purpose, fix it repair it, move it on a different server maybe create it as a virtual machine compared to a jail this is what makes this stuff fun for me Yeah, absolutely now speaking of fun one of the fun things we have to do is vet projects first you discover them on just a ton of different places either from audience suggestions or people on Twitter suggest a project I find it in literally Reddit or HomeLab or Reddit open source or anywhere you can find open source projects stumble across it from a GitHub but there are so many projects out there how do you decide which project is the one you should go with and I know I'll start with I always look at the security aspects of it but Jay probably has a little bit more in-depth answer on this he thinks a lot about this this was a good discussion we had last night that we want to bring to you Yeah, the selection process is really hard for content to be honest because there's all these different avenues that I have to think about and one of the main things is that I don't want to I don't really want to make content that's being played in an echo chamber I want people, I want it to benefit a lot of people I like it when people tell me this video was really helpful thank you, this was great but if I make a video that only a few people are really interested in I mean it's great that I help those few people but the amount of time I put into a video I just want to know that there's a demand for it and sometimes it's a gamble sometimes I'll just make a video and I don't even know if there's a demand for it but I'm about to find out and some of that pays off and some of it doesn't so trying to predict what's popular and what's not is a rabbit hole in and of itself a lot of times it goes along with difficulty so I have to have a certain variance of difficult videos to record and easy ones if I do only the difficult ones then the content slows down to a crawl because a difficult video could take me three or four days to do as an example the easier videos like yesterday I recorded six videos in one sitting because it was like six things I knew about off the top of my head like oh my gosh I didn't even go over this yet I really need to make content about this and I just sat down recorded six videos were done but then I did a video and I just finished it for Metal as a Service Mass it took me a week so it really depends on the timeline of how difficult it is and I don't want to pick only the easy ones so I do like one hard video a couple easy ones they have a variance there another thing too is if I'm already using the product it's really easy to do a video on it and because I already know I already use it but then again it goes down to the audience what they want, what they're looking for what's of value to them and I try to have a balance of not making it too hard on myself but also making things that people want to see I think that's generally my process so there's not much of a process necessarily but it's just this thought process I go through every time someone suggests a video you should do a video about X I think about okay, what would that be like how many people are gonna like that video potentially and how long is this going to take me does it fit into my schedule and then there's like this planning process that I go through at the beginning of every month where I plan out the videos for that month there's, it's still not the easiest process that's no I guess I could summarize it too long didn't read or whatever it's not much of a process it's just a thought process that kind of goes over and over and over again where I decide things and sometimes my decision to do a video is down to impulse like I just discovered something so awesome I can't stop thinking about this because it's so amazing I need to do a video about this right now the fate of the world depends on this video if I don't do it, it's a bad thing okay, I'm being overly dramatic but basically I get very excited about it and then I feel like, well I gotta do a video on it because I'm not gonna be able to stop thinking about it until I do it sometimes I'll hyper focus on a particular topic Yes, that is definitely the over focus, over obsess that's me and Veeble suffer from that we dive deep and just take some time and dive like days into it that's how like WireGuard and things like that when I chose to do my how to build your own WireGuard server that's a lot of learning I just sat down and crammed for two days and made sure I understood everything WireGuard so I could simplify it into a not two day long video Yeah, it's the eternal struggle, right? We love making content and I feel like you're probably the same way when I say, I wanna do videos on everything I want everything I wanna do like 2000 videos on all the things I care about but honestly there's only 24 hours in a day I'm only awake for a little less than half of that so unfortunately there's some videos that I really, really, really wanna do but when I order them in terms of preference they kind of they're lower on the list and then I think this medal as a service video took me about a year to get to it honestly it's been on my list for a year Yeah, next question is, hey guys of the podcast I am a new to HomeLab and been learning a lot I bought a new house I wanna start building my own home lab I am struggling but if I could build my own servers or I should get a pre-build like Synology Build it or buy it is the eternal question and the answer sometimes is both and what I mean by that is maybe if you don't know where to start at all starting with Synology is nice because you'll get further faster because it's very turnkey offers quite a few services and then from there you'll decide whether or not you outgrow it you want to get more into the nuts and bolts of things and you go, you know the Synology is not as flexible it offers a lot of pre-done applications that I can just turn on and use like Synology Photo and it's awesome it works but I wanna build my own I wanna learn Samba I wanna learn how to build shares in a more manual way you can build virtual machines inside Synology so it offers you that extra flexibility but I would probably start there because there's also nothing more disappointing than buying some used server and not understanding how to even load it not having the time to load it and having a real lack of sense of accomplishment because you're going I don't even know how to get this thing turned on yet so I don't know where you are in your skill set but I don't see a problem with in having both of them and I have both devices here we do a series of Synology videos they're always weird for me to do because they're so much less complicated my Synology videos I almost feel like when I make them even 20 minutes long I'm like I'm not sure how to make them 20 minutes long so much that this is very, very turnkey which is nice versus some of the more complex projects it's trying to figure out how to make them less than an hour long but either way I think both are valid both have a strong use case that comes down to ultimately where your goal is and we don't know what your goal is or you're unsure of yourself technically starting out with a blank server can leave you with a screw this I'm not gonna do this anymore because this was really hard and I don't feel a sense of accomplishment because I couldn't even get it to boot so I don't see any problem at all buying something that's very turnkey Synology especially because maybe you decide you don't care about the hardware and building things like that maybe you wanna be a software developer and then you just load some of those utilities onto the Synology and it's a great place to keep all your software and build things and you never care about functionally building a server from scratch I think that's the main I think that's an important takeaway there because this is a very personal question because each of us we have a home lab for a very different reason if you are the type of person you wanna be a storage admin you wanna learn all about iSCSI all about NAS all about those different things then you absolutely should build your own because you wanna learn how those things work but if you just gauge your interest level for example, if you are all about virtualization but you really don't care about storage just kind of think of it as a means to an end you just need somewhere to store things but you wanna get that VMware certification or you wanna learn Proxmox, XCPNG then you should focus on the virtual machines and then just get a turnkey solution for the storage if that's not something that you care to learn so if you really look at the interest level that you have you'll find that some things you really wanna learn those are the things you should do more manually and the things that you don't care about then you're not going to dive into those things now me for example, I really don't care for databases now database admins they make a lot of money let's just say that and there's a really important skill to have there but for me a database server is a means to an end for me I just wanna know how to secure it the best practices for how to set it up so I don't do something silly and get it owned but I don't really wanna learn all about SQL and the structure of the databases I just want a database give me a database and I'm gonna focus on the other things so when you're building a home lab just think about the things that you find interesting and fun and those are the things to focus on and just get turnkey solutions for the things that you really don't care about I learned some several different database languages years ago a lot of information has fallen out of my head I understand it and I understand even better that I should pay someone else to do it I learned that in college I took a database class actually as part of my degree and that was the main thing I learned in that class I don't wanna work on databases Yeah, I used to do what was it the Windows was it Microsoft? Microsoft SQL but for SQL they have their basic Microsoft DV system Access Access, I learned Microsoft Access then I went into and learned a UNIX one called Progress and I got good at doing progress queries it's a really archaic as from the 80s and was still in use in the manufacturing places that I worked so I did it but yeah that information has kind of fallen out of my head since then I don't I understand functionally how to do it but I can model my way through my SQL but like you said it's I don't have a passion for it so I kinda outsource that Now this is not something we have on the roadmap right now because me and Jay both scratched her head at this question a little bit of what's the great Google Photos alternative? Synology Photos is the easy answer and I've done testing with it and I'm still testing with the new version of it so I'll have an upcoming video on that but all these other companies out there trying to do something that's similar to Google Photos I haven't I've looked at them very briefly not in depth I didn't feel through my brief looking at them that any of them were up to actually being a replacement Google Photos is does set aside any privacy concerns or things you may feel about Google is a really feature complete product and it's a very hard to say what's the Google Photos competitor because boy that's not an easy task especially when you talk about the indexing and object recognition now go back to you wanna self-host something like that well that gets a little bit tricky as well and it's something I will eventually look at after I'm done looking at Synology Photos as I'm doing a longer term review of Synology Photos so I actually switched to it I still actually have simultaneously using Google Photos for some things and Synology Photos for other things they're including phone syncing and everything like that so I am working on a long term review of that specifically but of course then someone's gonna say well that's proprietary and tied to Synology yes you have a maintainership of all of your data with Synology Photos which is nice but yes it is a specific you have to have a Synology to do it on the other people that asked about I'm sure my name is from here one was called Leachie Libri Photos and I don't know how to say it but PIWL or PIWIGO here we go I don't either I don't know if that's teleported I didn't Google that one specifically but I've looked at some of the other ones briefly and said that looks cool I don't know well at some point that may be a future topic me and Jay will dive into but at this point there's nothing on the roadmap because we don't know anything about them enough to say we do it and also like Jay said and this is something that's true for me for most things I can just dump photos that I don't care about indexing like hey here's my vacation photos they're in a folder labeled Vacation 2020 September that we and I'm happy just to have them in a pile I don't worry as much about tagging and indexing them so sometimes it's not really a use case type thing but I may dig into it I know the question's popular and I get the premise of people wanting to index and organize them in a more concise manner So on my end it's pretty much what you said but just to go into more detail I understand that my solution is gonna miss out on a lot of the features that these solutions provide you with but my solution works for me so some people may or may not know this but inside your I believe it's in the dot config folder in your home directory there's a file called user-durs.durs, D-I-R-S and inside there it's where the session it's where you tell your session where your folders are like your desktop folder documents music pictures and whatnot So what I do on my end is I have AutoFS mount my picture share from TrueNAS and it keeps it mounted and the user-durs.durs folder it's actually mapping the session pictures directory to the mounted directory so when I click on the pictures directory in my home directory it's actually going to my TrueNAS even though it looks like it's in my home directory and the reason why I did this is because I take a ginormous number of pictures and it got to the point where anytime I sync pictures from machine to machine so they used to have sync thing do this it would take hours to get all the pictures downloaded so they're already on the NAS and that's where I keep them so anytime I click on my pictures folder I get them and I have the folder arrangement like year and then you know month, day and then the title of whatever it was like vacation photos or something like that so I can get to them very easily now obviously you're going to miss out on like the object recognition and things like that but one benefit, I don't know if it's a benefit it's actually kind of a detriment I don't get out much nowadays as I think most people don't so normally what I could do is just VPN in and then I can get access to my pictures obviously that's not going to help me share it with other people very easily but for me it works just fine but I could totally see that there's a use case for something that's easier especially if you have family members you want to share your folder, your files with but this solution works for me and maybe I might be interested to see what we come up with when we look at this topic because maybe I'll change to that possibly. Yeah, there's a lot of them out there and I want to address this real quick people think I was missaying Postgres No, no, there is a data language called Progress it's old and there's a Wikipedia entry for it that it started in 1981 so yes, not Postgres, that is a different one it is actually called Progress Software and it was part of the basis for some database stuff way off topic, I won't get in there it was all run on an IBM AIX server yes, I used to be an IBM AIX server admin version back probably would have been on version four so that I used to admin so yeah, that's been a while so you know maybe there's some interest in it Tom will make some video I don't like to do videos or just like about me I like to train people on things but a lot of people do ask me if there's enough questions about it I'll do some type of like history of all the weird things Tom did and worked on I don't know if there's any relevance to it but I have no problem answering a question it's something where to put that answer because it usually just gets asked in the comments what is the best way to VPN into a home lab with a dynamic IP address? Oh boy, that's a rabbit hole you know if you look inside of we'll use PF Sense as an example but there's plenty of other firewalls that have this built in but PF Sense offers connections to services like is it no IP and about a hundred others that it has in a long, long list whichever one works for you there's plenty of those dynamic DNS services that will auto-update Azure IP of trains so you can create my custom DNS name.no I think it's like .noip.com I haven't used one of those services in years so I'm not endorsing that particular one I just remember it because I remember using it forever ago it may not even exist now I think it's still on the list but there's plenty of those type of dynamic DNS services out there that will dynamically change your DNS Azure IP changes that's the simple easy workaround someone suggested duck DNS and there's like I said there's definitely plenty of them out there that offer that as a service There is and that's an interesting question too because the next level of that question is well, what if I want access to something from the outside and how do I name it? How do I map that? Now one thing that I think is pretty cool in a recommendation of mine is to use C names so if you own a domain this bi-domain 10 bucks or whatever they go for now and you could actually create a C name for your dynamic DNS name so if your dynamic DNS is like user 127510.3 at or .duck DNS or whatever it is you get this long URL you can just create a C name for it with your domain so you could call it like VPN.mydomain.com and that's just a C name to your dynamic DNS and one benefit of that is if you change dynamic DNS providers you just change the C name you don't have to change your configs but another benefit of that too is that if you want like next cloud to be publicly available I mean you should probably not do that unless you really have to but if you really wanna make something publicly available then it could be nextcloud.mydomain.com which is also a C name to your dynamic DNS and then on the front end of your network you can have a proxy looking for oh the request is coming in for nextcloud.mydomain.com I'm gonna send that individual over to the server so that way you can kind of abstract the dynamic DNS and not have this ridiculously long name that's hard to remember and you could just come up with your own naming scheme by using C names so that's another level you could take it to. Yeah that's absolutely easy way to do it and the one other thing I'll throw out there and I've talked about this is using an overlay network a couple of examples is gonna be tail scale and zero tier when you don't wanna even bother messing with the firewall or if you're in a worse position so to speak where you can't get a public IP address because you're behind carrier grade NAT people who live for example in the northern areas of Michigan that's generally how a lot of the ISPs have all moved to is CG NAT so you don't even get to open up things in a public IP space that's where these other overlay networks are another option to it's not exactly the answer to your question about how to deal with the dynamic DNS but it's how do you deal with that next problem of I don't even get to have a public IP address so that's that's the thing. So I think that's the last we have on these questions you see any more Jay or can we move on to one more? Yeah there's one more just like a clarification about my career move because I mentioned in a previous episode that I've decided to resign for my day job and then my business becoming my only job and of course the reason for that is working two jobs is hard and I'm losing energy as I get older I'm not a 20 year old anymore I can't really keep up with that so there's a couple of points that an individual brought up and one of which was that that I gave up corporate management for YouTube and I wanted to give a clarification there the YouTube side of things is the side of my business that people see in the public but behind the scenes what a lot of people don't know is that there's a managed services thing that I'm working on I do consulting for companies so there's different revenue streams and the YouTube channel is just one of those there's also book revenue for example as well so it's not like I just want to clarify I'm not a full-time YouTuber although I'm going to continue doing YouTube as much as I have been several videos a week that's not the primary thing and also when it comes to giving up corporate IT or working in the corporate technically I have my own company so yeah I own it but I'm still kind of working in corporate IT but it's not a corporate company right now but I might be hiring people but what I thought about doing and what I think I will do I think a lot of people will probably be happy to hear this is I want to do some career development videos just where I talk about certain things I had an individual reach out to me once and he asked me should I apply to this job at this company when I don't have all the qualifications so I had a conversation with him and let him know that yeah you should apply that I've never seen anyone check all the boxes when they're hired so there's all these different topics about job searching getting a job in IT preparing for an interview and things like that I've been through so many of these interviews there's like nothing more for me to learn in corporate management in IT so now it's time for me to give that information to the people that need it and I think that's a better benefit for everyone than me just working for someone else and I announced earlier well not I think maybe a month ago it's been something that happened earlier this year but was announced publicly on the channel not the on-go where I've dedicated more time as well because I used to work in corporate IT we still have my business I'm still physically legally is probably right physically I own this place that's not tangible legally I own this place and then I have Brett running it so I can do the same thing like Jay me and Jay spent outside of this podcast me and Jay obviously talk a lot because we do want to collaborate on a couple of big ideas I'll give you a little hint because I am do a video me and Jay even do a video together on this I don't know we do have an idea to create an open source very secure documentation server so based on existing technologies that's the thought process is still being put together on that so more news coming soon on to the Twitter questions now all right now hybrid cloud someone says what do you think and one of the things is I have a hard time with a fuzzy question so I did reply right away to do you have a more specific question and this more specific question is what features or benefits would get people with homelabs to try it out more what do you think the biggest drawback is of hybrid cloud I'll let you take that one Jay a couple of so there's a couple of things I mean one of the I think the hardest entry point for most people that I can see is like the hardware side of things because they're like you know what do I buy you know what's the power usage what model server do I get how much storage do I need what about the RAM how many servers do I need versus like having one server that's everything or having multiple servers that you know the services are spread out but I feel like when it comes to hybrid cloud you know what do I think about it I mean I think it's a good idea depending on how it's implemented because I'm not of the train of thought that when you have a homelab everything needs to be in your homelab you're making a decision as far as what's going to be internalized and what you want to roll out on you know a cloud platform so for example you could have offsite backup on a linoad for example or a next cloud server on a linoad but you don't want your local network to be infiltrated so you have your more private things behind your NAT now the biggest drawback of this is that is pretty much always security because if you don't allow any of your servers to be publicly accessible then unless there's a vulnerability in your router or something like that you're reasonably protected obviously you should still have a firewall still have backups but if you put something in the cloud then everyone is going to try to get into it it's just the way it is you have bot scanning for things port scanning going on it's alarming at first when people look at the log files for your server and you see all these password failed attempts and things like that oh my god I'm being I'm under attack well no it's just business as usual it's just noise from the internet but when you have have things in the cloud you have to think about it in terms of okay well I'm responsible for the security now so you should set up a firewall maybe something like fail to ban just make sure your backups are good and you don't have SSH open to the world and preferably if you can get away with this you can actually open Elinode to your home network but not open it to the rest of the world so even though it's in the cloud it's still not publicly accessible you can do that so you have to kind of think about the architecture I think when you start to have a hybrid cloud then the the big picture gets even bigger because now you're trying to figure out how does my how do my internal resources connect to my external resource what's the security of that how is that mapped what protocol do I use do I use zero tier or something else then you might you probably might need dynamic DNS so at that point the complexity gets bigger but I think it also becomes a better learning curve too because you get to make that decision what do I want internal what do I want external and I think that's probably the best part of it and sometimes there's a cost savings thing there too because you don't have to pay a separate bill for Elinode for their power there's no power surcharge where it's like they add money on top of the device just to keep the lights on I mean you have a flat rate price for your instance whereas if you are in a very expensive power area then honestly it might actually be cheaper just to run an Elinode it just depends on your situation I think that's the core point here is just to make an intelligent decision as far as where you want things and it really depends on your use case as far as whether or not that's a a good idea or an efficient idea yeah but we overall I mean we have a split workload ourselves here for different things it's not practical for me to run my forums based on the volume of hits they get anywhere else besides in the cloud so my website I don't host it myself here I host it in the cloud because the volume of traffic it receives so sometimes that's a considering factor on there so it just you weigh it all out and yes you should have servers wherever they belong and someone asks this question this is another good point because it's not a video I've done yet but it's a video that I've been wanting to do is I'm trying to make it concise essentially the question comes in of can I spin up my own Elinode server to hide my public IP address not just as a VPN which I've done VPN videos and you can use Weigard but as a termination point so I can run services locally but they're bridged yes there's ways to do that I'm trying to make it a more concise video of how to basically tunnel a service very simply and this can be done with PF Sense by building an IPsec VPN and building routes back it's something that can be done it's something that's asked about but it's not it's not like a one two three steps it's more like one two three hundred maybe not that many but there's a lot more steps involved in setting up but yeah that's another good use case for it where you want to keep your public IP exposure to a minimum so it's hard for people to see where you are or directly get at your services but then you filter them through and you know Wendell actually talked about that when he was on where you could put your web proxy on a Elinode server and then filter back from the Elinode server and make the connection back to you now as far as anyone seeing they only ever get to see the public server but the server is now making a call back after it's filtered through the proxy to whatever service you want to offer that maybe you host at home because while it's inexpensive to have bandwidth in the cloud it is expensive to have storage in the cloud storage racks up really quick when it comes you want to serve a bunch of data to someone and stream it back to them yeah you're going to find that if you wanted to keep two or three hundred terabytes in the cloud that has a pretty heavy recurring expense that you're not going to see when you have it locally so there's a good use case for it especially that where you keep your data local maybe the web application that they interface with to get to the data but then the call procedurally goes backwards so to speak into your data and pulls it but then the person using the service only sees your public IP I mean this is all stuff that you set up it's when you get some write-ups in level one techs if you look for how to prox if you like web proxies on the level one tech forums you'll find some solid write-ups there are Windows does not have a video on how to do this or anything right now so well one another way you could do it too is you could have like an nginx proxy running on elinode and then you have dynamic dns you know in your home network and then you could actually do a proxy from you know with virtual host right to the the C name or the dynamic dns name that you have and then you just get it all set up the way you like it it's working you take an image of it of course make it secure but if anything ever happens delete it just restore the image create a new one find out why it got hacked and then just you know set it back up again but with the proper security you could actually just do a straight nginx proxy to your home network that way as well and you could choose in the config not to actually have the other IPs shown or it's only showing the IP of that linoad that's another way you could do it there's so many different ways you could do it I think that's probably the simplest way and then when you get into like you said you know VPN IP second all that then of course the complexity goes up from there or you could even just see if you can leverage something like zero tier to bridge your home network in your linoad and then just put a proxy in front of that there's all kinds of cool things you could probably do yeah it's definitely a fun one on there and like I said Wendell's write-ups he's got like the tutorial written out inside the forums over there level one Ray or Cine is a friend of mine he runs a rarely large voice company OIT VoIP and he'd like to know opinions on centralized methods for management and authorization this is a tricky one because the simple answer is slap some active directory on top of things and the reason that comes up a lot in the corporate environments is because active directory is built into so many things you even take something like TrueNAS and you can tie to an AD server to authenticate all of your users and because so many users are using Windows that's usually what's tying all those servers but let's get away from that idea for a minute and talk about some other options and Jay had a couple ideas he wanted to talk about on this yeah so at first it's probably not going to sound like the best solution but I I promise you this works like Ansible or you know PuppetChef whatever you're using I really do feel like that's one of the best ways to do it now you can have centralized login with LDAP if you don't want to put that in something like Ansible there's solutions like 389 directory server I think there's I think it's called free IPA if I remember correctly free IPA which is kind of a complete I think you can get it as a turnkey system yeah so I mean if you want I mean for the authentication piece you could have that or you could just have the users being created by your automation solution that's also an option as well but with I with something you know something like Ansible you have templates you can set up and variables per machine you could essentially recreate the same feature set of group policy within Ansible like on my end I have everything set up by Ansible I've seen group policy in enterprise companies where it'll change the wallpapers or the company wallpaper it might change the theme it'll declare which icons are on the desktop which programs are installed Ansible can do all of that on my end it actually sets the wallpaper on my known desktop literally it'll set the theme it'll set my keyboard shortcuts all the apps that I have installed pretty much hands off and it does everything so at that point your automation solution can become your group policy and you could also include the users in there like I mentioned or you could just get that out of version control and out of the automation solution and use something like free IPA or 389 directory server roll your own LDAP server if you want to if you really want to get that segregated because one side effect of having something like Ansible create accounts for you is that every machine is going to have every account if you have like 30 users then your login screened your Linux desktop is going to show like 30 different accounts so if that's that what you want you could take that out of Ansible do LDAP but then all the other things like the jeek I think it's called gconf with decon for gconf with with gnome the gnome desktop and also the mate desktop supports this as well it's pretty much the same as the windows registry where you have a key value pair so you can set the wallpaper the keyboard shortcuts how many pixels tall the panels are we could really go down and customize a lot of stuff so I think in my opinion the best we have is the combination of LDAP and automation and that might kind of sound like a hacky way of doing it but it's really not because it's doing the same things and then you also benefit from having all of your config in a private git repository so you could see the code and it's a lot easier if you have a colleague that wants to help you out with the configuration they could get in there put a pull request in and then it becomes more of a collaborative effort but if you don't want it to be a collaborative effort you just keep the repository to yourself and then no one else ever sees it so that's how I would do it yeah and like I said there's a couple of different methodologies and I'll actually come back to what I said Active Directory in the beginning and one of the reasons is popular even POP OS and Ubuntu have I don't well I don't know if POP OS does but I know Ubuntu does which probably means POP OS does has support for Active Directory you actually have in is it is it version anything after version 21 is it Jay that has like part of the setup process it was the yeah it would have been it would have been actually I think it would be 2010 because it was the one release after the last LTS release and that was the initial support and then they kind of built it in more with each version because I think they're really trying to get this ready for Ubuntu 2204 LTS if I'm not mistaken they want to make this like I think they might considered experimental I don't remember but either way I think they wanted to be completely solid for that and now right in the installer when you install a newer version of Ubuntu you can actually enroll it in Active Directory you know right from the installer so if that's something that you want to do you can absolutely do that because it's right in the installer so that's pretty cool and in Papa West I'm pretty sure they have it it's like I said it's based on Ubuntu so I mean just install the package you know and you're pretty much done so yeah you could absolutely do that and that's a I think Fedora also supports that too so there's there's a number of these that support Active Directory yeah and it's one of the reasons Active Directory remains the primary and most popular system for management side notes Synology is actually working on services they want to create some competing products because there's obviously some cost burden involves if you either have to run you know in some type of license AD server onsite or you have to tie it to some of the Azure AD which has a recurring cost so yeah there's there are definitely a market demand for alternative but it's it's hard to deal with the juggernaut who has integrated into everything so that's a discussion that won't be solved today we threw out a few ideas out there but you'll you really come down to and an easy example for me working in the business world is some of our clients are lying in business applications they just don't have authentication methods besides Active Directory so there's not really an option they that's how they expect they expect to be installed in that type of environment they use Active Directory as their authentication model so you don't really get a choice this is how the product works I would say too though if any any person or a group of people want to tackle the problem of group policy it's not going to be hard to do I mean yeah it's going to be some work but if you think about it we already have GConf and Noam and Mate supports that too so we already have a back-end system that we can actually interact with to set pretty much every setting on the computer and if somebody just simply wrote a front-end to the GConf database of settings the back-end's already done so if somebody wants to tackle this they don't even have to develop the back-end it's already there they just need to develop a front-end that can hook into it maybe create some drop-downs and checkboxes and things like that so you could just control it the same way you can with group policy just drill down through the settings change with the settings or what they are supposed to be and then have a way of just rolling that out which could be as simple as an export import it just imports the settings into the target machine and you're done so if someone wants to tackle that or a group of people want to tackle that the back-end's there and if you build the front-end I mean you're already pretty much 50% there already so if someone wants to tackle that I encourage someone or some people to start a project on GitHub and you know let us know run with it yeah let us know if you do that let's address the chat now as we've ran through all the questions and the thing I see bouncing around in the channel right now is Mikrotik and someone can argue to me that it's not said that way Google it and you'll find someone from Mikrotik saying it that way anyways the Mikrotik I like their switches I like specifically their switch OS I'm not a big fan of their router it is fairly convoluted complicated so I have not taken the time to learn it those of you even the people who are experts at it always tell me yeah you just take the time to learn it Tom it'll save you money because it's a cheap device but oh yeah by the way it's really complicated and convoluted to configure with documentation that has a lot of as someone put it best there's a lot of weird commands you have to copy and paste in but no one tells you why those commands are needed to make something work I don't really care for systems like that it's cool because maybe I can save a few dollars so I can get a very fast router for a low price but if that comes at the expense of not knowing how to configure it this is where there's a real problem and one of the best routers you can always use is the one you know how to set up securely and if you're not kind of get where I'm coming from here look up the Maris botnet it is now one of the largest botnets in history and being used for not good things it is also made up of Meeker tick routers that were at some point in time misconfigured or insecure or due to flaws in them but either way they're still infected and it will one thing this proved to me if you do any reading on the Maris botnet and yes it was even something that was covered on the last episode of security now is Steve Gibson like this is big this is huge by the way it's all Meeker tick routers and at least the vast majority of I think almost all of it is in that particular botnet this is a problem what people saved they've now created the monster that we deal with in commercial IT of how do we deal with DDoS attacks and botnets obviously this is a hot topic in the whole month of September there's been numerous places part of New Zealand itself was knocked offline by a DDoS attack so with that type of behavior going on how do they get access to this what's a bunch of broken devices connected to the internet that are infected and when you talk about something that is very powerful which is the Meeker tick they do come with a lot of processing power and then if it's not configured properly did the cost savings really make it worth having another nefarious tool out there that people are using to DDoS I stay with tools that I know very well I do explore other tools I'm not here to be a monoculture of a single device but we really like the untangled firewalls we really like the PF Sense firewalls we know them well we deploy many of them both of these companies have been good projects with great documentation that's easy to follow for those of you who learn and I have also taken the time to create many tutorial videos on both of these products so you can easily learn it if you don't feel like doing the RTFM which by the way I've had people tell me your video is too long and I just reply I'm like I'm just reading the documentation trying to have video if you think my video is too long read the documentation it is freely available nonetheless that's why we kind of stay in the realm of those particular firewalls I don't have any particular dislike for them and I know in the WIS market I've met people who are very skilled at configuring them and the WISP providing that market is very low margin so you're looking for things you can deploy to save you money I get it I get why they're used there and it's not that I think they shouldn't be but I'm not going to take the time to learn the maker tick router language but I did take the time to look and see the switch OS language which I said was simple enough and still somewhat complex depending on your level of knowledge switch but I found it intuitive enough to use it I tried using RouterOS a couple times I said this isn't intuitive this is confusing why did someone design the menus like this and then someone's like you just have to learn to command line and I'm like why is the command line not work the way I think it should all right never mind I'm done I think the main problem I think this is probably the same for you is that if I was going to review a switch or a router I feel like the only way that I'm going to have a you know a really good opinion is if I replace my current switch and router with the one that I'm reviewing and that's a massive amount of work for a video I mean that would take me probably weeks to figure out how to do the same configuration just for one video so when it comes to people that might complain about the monoculture you only talk about X you only talk about Y this stuff is really really hard I mean I could do a quick review and give my thoughts on it but I feel like I'm being a little disingenuous there because unless I'm giving it a full workout then how do I give you guys my opinion on it and the only way to give it a full workout is to replace my current stuff with the stuff I'm reviewing and that's easy with the Linux distro that's not as easy with switches and routers and all this gear I mean that's a huge amount of work yeah and my position on my reviews of things like both on Tangle and PF Sense are the fact that we have these actively deployed at clients we actively do consulting on these devices as part of integrations into people's networks so it comes from a place of experience not just hey look I tested it and I set it up and I showed you how to do put forward and I don't know that's it you know these are physically deployed actively managed by not just me but my company itself and my team here so someone asked a question that I I'll I think there's always a misconception about this someone says or a way I can just point syncing at a cloud provider and back it up and the answer is technically no because there's not like syncing is designed to be a cloud backup service but there are features of syncing such as if you wanted to keep a copy of your data in the cloud but then encrypt that data it does support encrypted essentially blind servers that can have an encrypted synchronized copy of that data so there's ways you can build your own but there's not any company that offers it as a service that I'm aware of and I don't think there will be I don't know if there's enough market demand to create blind servers under especially because if you once you learn and take the time to learn syncing it's really easy to set up you can set up on the node syncing in a couple minutes throw a firewall only open the ports that you need open for syncing thing which are very minimal or only open them to your IP space so there's a minimal a potential of attack and yeah you can set up your own blind server in the cloud now the downside is storage in the cloud as we mentioned earlier can be a little bit pricey but depending on how much you need to sync and have it off-site it can work it's definitely an option out there I think it's important to understand that syncing is a sync utility not a drive utility right so if you look at Google Drive I mean you could go right into your browser you can interact with your files save your files for that you're kind of looking at more of a next cloud solution because it gives you that it gives you the ability to point and click in a browser to access your files it also gives you the ability to sync sync thing its job is to get there actually to sync data from point A to point B C, D, E or however many points you have so that's what sync thing does now technically you could just you know share out and NFS share that sync thing is maintaining and kind of create that but it's not but sync thing itself isn't meant to be that it's meant to synchronize you're looking at next cloud for something like that if you really want the Google Drive and office or you know online office editing solution that's going to be next cloud for that kind of thing another thing that came up a little bit and I don't know if you've covered this before Jay but they asked not about SSH keys but about using SSH certificates first I always suggest reading Michael Lucas's book on SSH but Jay have you done a video on SSH not key management but certificate management I have not not yet that might happen though because one of the videos that I added to my list was SSH key management something I've been wanting to do for a time and I kind of think if I cover SSH certificates then it would naturally happen after the SSH key management video happens so I'll just look at again the demand if enough people want this after I do the SSH key video which I did just do an SSH key video but the one I'm going to do is about managing multiple keys for multiple servers and kind of helping people understand how to manage that and then maybe certificates will happen after that's a possibility yeah so there's not a video on it right now I believe it is covered in Michael Lucas's book though on SSH it's Michael Lucas SSH mastery it is a good book to give you a good deep dive into all things SSH and some clever things that he's come up with I think there's I can re-go through that book there's something about putting key putting the keys and DNS text records so you can pull them to other servers he's got some tricks in there if I'm not mistaken oh yeah it's so amazing yeah there's just some clever stuff it's a well written book because Michael Lucas is a pretty awesome author when it comes to technical documentation at Lawrence Systems are you still messing with Home Assistant with ZigBee Z-Wave devices and yes I still turn my studio lights on and off and we plan to add more but I got sidetracked but my staff has added more things I haven't they've been playing with it they've got NFC attached to it my staff sometimes like they'll play with things and keep building on it and then I gotta go what'd you guys do with this there's news things on here I'm still using Z-Wave that seem to be anger people based on the comments because it's not as much of an open standard but it is easy to find devices for it but maybe we'll do a ZigBee one as well I don't know either way my goal is going to be to cover Home Assistant Jay has some upcoming things he's going to be doing with Home Assistant and obviously we also did Microsoft recently in a previous episode so oh Jay's holding a box people that are listening via the podcast solutions they can't see this but I'm holding up a box right now and inside this box I have not even opened it I mean I took a peek but I didn't actually open the main component here this is the Home Assistant blue inside the actual hardware device that Home Assistant makes available that I'm going to be reviewing at some point I don't know when it's going to happen it could be anywhere from a week to a month from now because my backlog is huge but I'm going to definitely try to review this and maybe this will be a collaboration effort with Tom and I to kind of check this thing out I can't wait to dive in yeah so I mean and actually my wife's bugging me because we don't have the normal IoT devices at my house my house is devoid of most technical things so people ask what I running at home I'm like nothing like I'm not joking guys but the my wife wants to she would like those things and I won't install ones by the common cloud provider so I would probably end up putting a Home Assistant at home so there'll there'll be at least be some and it'll be I'll have my wife to the review on that one because she's more excited about me I'm like I'm fine with getting up to move light switches but she apparently thinks you know but then again I say that and then I I just like that I got a button that turns on my whole studio around me which is kind of cool so yeah it's there's more videos coming at it we're definitely taking it with us though absolutely and there might even be some mycroft connections on my channel with Home Assistant 2 coming um on one of the so because of another project that had to do with making your own wee things here it's nothing I ever did on a video I there's a lot of goofy things that go on that my staff does here once in a while I'll take a picture of it randomly post on Twitter but they have a little peel and stick NFC tags that they bought a lot of and novel idea one of them had because I I kept forgetting to turn the light off before I turned my computer off I didn't have the Home Assistant app on my phone this might be part of the video where they put NFC stickers on the lamps and what you do is you tap your phone to the lamp and when you have the app on there it tells the app to trigger an action like turn that lamp on or off so instead of actually going to the app and doing it they wave their phone by the lamp now this is coming full circle because you're probably asking well if they're at the lamp can't they just hit the light switch probably but it isn't near as cool yeah it's not start trickle stuff yeah it doesn't have the cool factor of waving your waving your phone over a lamp to turn it on I mean we're back to the light switch all again but I don't know it's kind of cool if you just put an NFC sticker on each thing that you want to turn on and you just touch it with your phone and it turns each thing on and then someone will point out that's the dumbest thing ever you could just hit the switch I know but yeah I mean why not I mean that the coolness factor is definitely a part of some of this I saw a couple of things in there I wanted in the live stream I wanted to address really quick one person asked is there an alternative to VNC for remote desktop and I wanted to mention X2Go yep that's something Tom and I have used you could use it to get a full desktop session or even just share a single app and have it show up on your computer as if it's running locally even though it's actually running on a remote server I did a video on that that's on the channel and then another person asked about Ansible is there a GCOMP model or module there is actually it's called DCOMP DCONF that's what I use and I have a whole Ansible series and I also have an entire video that goes over that how I configure my desktop it's kind of like a high-level look because I mean this is something I've worked on for five years there's no way I can cover it in one video but I'll give you guys like the general gist of how I do it in that video you'll see some example code and I also have a older version of my Ansible config that's sanitized and put up on GitHub so if you go through there the workstation role and check out the I think it's under the gnome folder you should see some configuration there in Ansible for how to do things and it's really amazing to watch when I execute the script you'll literally see your wallpaper fade out and the new wallpaper fade in right before your eyes it's like you actually watch your desktop like change as if you're like clicking and and you know changing things but you're you know hands free you're not even touching the keyboard and you just watch as your desktop becomes what you want it to be how you've defined it so I have sample code out there and that video if someone wants to try to tackle that yeah that's been a mighty do this for a while because I realized I may need to reload my desktop for a couple of reasons that'll if I recover that my my desktop has been in place upgraded for years and I have some config things that are goofed that I should fix Jay fixed one of them but I get an error message I forgot to tell you because I if you remember SSHG into my system to expand my LVM partition because I goofed that out I am not good at LVM turns out Jay's good at LVM so we actually bounce off each other and help each other with ideas but ever since then there's been this weird little quirk that comes up but well that's a whole another show topic but there's definitely some ways to and once I do it maybe I'll touch on the topic as well because being able to deploy things the way Jay does is really slick I'm jealous so I'm not gonna lie watch that video he's done on it to get it get an idea I've watched it in person he's made a video on it so you can watch it too so am I planning a release on the TP more TP-Link OMADA videos not really I didn't see the demand for that the problem I had and a lot of people were very right about this is with TP-Link OMADA TP-Link no one seems to have the confidence as they're committed to their product as well so it becomes confusion and we even I've addressed in that video the marketing confusion of when I was looking at it of what did or didn't work there was a lot of little stuff and I also realized they just copied Unify they didn't try to innovate on the platform in any meaningful way now maybe if they do something that's interesting but there wasn't anything about the company that made me go wow this is so fantastic it seemed like they just cloned Unify there's people who are just angry at Unify and just want an alternative so that's why they want to use TP-Link OMADA they have at it because you're angry at a firmware you're angry at something they did I don't know we are still using Unify here so I don't really spend a lot of time with OMADA my review was you know I set it all up in my home and built it out and used it for a while before I did the review but I don't plan to deploy it at clients I don't have the long-term confidence in that particular product to say oh yeah this is going to be a going forward this is the best product for this so I don't know what more I can do it looks like matter of fact one of my staff members show because he set it up so quick he goes huh you don't really need to do a video Tom just tell him it's like Unify but it says TP-Link and like even the pull downs for VLANs and everything are pretty much the same so you side by I did a side-by-side comparison and it's kind of like crazy when you look at it like wow they just copied the interface like yeah a whole lot even the nomenclature and everything is so similar if you watch any of the Unify videos you're not really lost in TP-Link I mean at least that part was intuitive I would say the learning curve if you're going to go between them is really small but the value proposition of how Unify actually spends a long time supporting their products their products end to life is quite a few years later you know in terms of their networking gear I'm not going to get into the someone pointing out well they didn't do a good job of I mean they made me mad with Unify video I'm like okay so you're going to switch your networking gear out that works well because the same company made poorer choices on how they deployed video gear I fail to see the logic in it even because he's a huge company and TP-Link certainly has a series of products and not every one of them maybe what you like so I don't know it becomes a weird discussion and if I can't see enough value in doing it I end up not doing a lot of deeper videos on it so that's how I feel I did the video on it I showed how to set it up and how to use it run with that I don't see anything wrong Cody from MacTelcom Networks has a couple of videos where he covers VLANs and if you watch that video you'll say oh it's a lot like on Unify but he's covered it in a video so there are tutorials out there for that stuff is there anything else I'm hoping I'm not missing anything really cool I mean there's a lot of great questions there but I haven't seen anything else on my end are we going to talk about disaster recovery I think we have we've talked about cloning things and backing them up so there's plenty there's episodes we've covered that and if you go back to like our Synology episode Synology has an entire automated backup system with a bare metal restore option so you just kind of pick which one you think works for you but we did talk about clonezilla as well if you're looking for something to clone servers in general or workstations in general I think the Holy Grail is when you can actually delete a VM and it gets recreated automatically like everything just comes back and resurrects itself with auto healing I mean that's the Holy Grail let's be honest but it takes a little bit of time to get there though yeah it does I think that's about it someone asked what is because I'm looking it up I'm gonna say I never hit it so stablebit drive pool never heard of it before I just googled it is it open source there's my first question I'll have no yes buy I don't see anything about it being open source so not likely I'll look at this it's some cloud pool disk nope never heard of it don't have a use case for it it's also not open source when we're looking at products as a whole not that every I wish everything was open source but I live in a real world some things are not and I do lean towards before I look at a project looking to see if it's open source if there's no other projects in that category of use case of thing I need then I can look at something like a closed source thing I mentioned snelligy photos snelligy photos is really solid snelligy photos is also closed source but does have nice apps and things like that at the time in that time being right now September of 2021 I haven't found an open source solution that was this turnkey easy to use as snelligy photos doesn't mean one doesn't exist it means I'm not aware of it that's why I use it so that's where I'm at with a lot of it so have I looked at netgate tensor not on my to-do list right now it's a cool product I just don't use it we don't have it to actively deploy we had a couple quotes from people looking at it but never it never got never seen the light so is there any I think a couple more questions how much more time do you have james got more I have a little bit more time so I had one person ask me about the best way to get into the field and I think this is one of those things that's best served in videos that I plan on doing I just don't know when I'm going to start doing them because I already have like probably 10 videos I need to edit or more but I do plan on doing more like blog content every now and then about getting into the it field but specifically this individual is asking about certs and which one is the best that's kind of being on the other end of the hiring process as the person interviewing people and also working with other managers that hire people there is no one answer and the reason why this question keeps coming up is because if there was one answer then there wouldn't be a question right the problem is it really depends on the hiring manager I mean you could have I mean when it comes to a degree or not you could have a hiring manager that thinks you must have a degree and it has to be from a prestigious college and you have another manager that might not care at all they just want to know that you could do the job you have some that like certs they want you to have one and you have other hiring managers that hate certs because they probably had some people apply to the job to just memorize the questions and weren't really good at the job so it really depends on who you know where you're interviewing I would actually phrase it more around when it comes to certs what do you want to learn because you don't know what kind of hiring manager you're going to end up talking to but at the very least if red hat interests you and that makes you happy to learn it then do it for that reason because when you actually study for a cert you're going to learn a lot more when it comes to Linux Plus that's vendor neutral that cert is pretty cool too you know I it expired because I didn't renew it but I did go through the process and got it a long time ago and it was a pretty decent test actually so you'll learn a lot there too but I never went into it thinking like some of these places tell you if you get a cert you're going to have $20,000 more a year in earnings and all that it's not it's not really true it's not going to give you a promotion it's just something to add to your portfolio but it's your portfolio in general that really makes or breaks the career I actually tell people what's more important is having the portfolio and GitHub is a portfolio so if you're learning something and you're taking notes and you're writing scripts put that stuff in your your GitHub page and make sure that the hiring manager knows where that is because the person that's you know potentially going to hire you will look at your scripts and the things that you've done and it's not necessarily like you want to have the best scripts that the person's ever seen more often than not they're going to look at okay what is this individual doing with their skill set oh I see they're writing a bad script here they're doing a Python script here so obviously this person is trying to learn more than one thing they seem to be passionate about it so it teaches you get it also helps you get the word out about what you're able to do even better if you contribute to someone else's projects because you know that shows team that you're a good team member there you you can collaborate really well which you're looking for that I think all of that plus the certs plus everything else you could put in your portfolio the better so it's just more or less just having as much in your portfolio as you can and certs themselves are just basically a learning process and they help you learn I wouldn't go into a cert expecting a particular thing because again it depends on the hiring manager but at the end of the day it's what does the certificate have value when it comes to you if it has value to you go ahead and do it if you think Red Hat's fun absolutely you're gonna love it yeah and it's uh it's a way for a little bit of gatekeeping because they don't want the floodgates open of oh I know computers and hiring managers have to deal with what do you actually know you know computers cool but we need someone who knows this and obviously writing it on a resume and actually knowing it is not something simple for a hiring manager to fill the position so they want you to say all right you've got some type of a credit at cert one you it shows you put the effort to do it so that's one of the reasons they may have it on there matter of fact there's an engineering company and I've talked to one of their hiring managers he had the funniest answer he wanted people a minimum of a two-year degree but he preferred four and I said really I said the job doesn't really seem to need that he goes oh no I need to know that they have taken the time to write an essay about something turn in a paper about something he goes the number of people I currently employ that can't quite form full English sentences but are actually brilliant network engineers he goes it's kind of a problem he goes that he goes their hold back is not their technical acumen but their lack of articulate nature of being able to convey things so sometimes that I kind of was like okay that I kind of get why they're doing that because that is something I've watched hold people back you know having a long career in tech and knowing a lot of people in the industry your ability to communicate with people in general and in a non-technical sense but be able to communicate your problem be able to communicate it to your higher ups to make sure they understand the problem and hand you the resources you need to get something accomplished that can be a challenge and if you don't have some of those soft skills you can present with all the CCNA stuff you want that may get your foot in the door but those are something to keep in mind as well that you communicate well so it's kind of a full package and it's hard because boy I've met a lot of people that didn't make the cut me being a technical person and I do the hiring here I understand what questions to ask but if you're someone less technical it's really easy to get bamboozled and I've I've had a few friends that just put things on resumes when they were younger to try to get the job and they actually were able to float through for a little while before getting discovered that they knew the least there yeah that wasn't planned yeah it'll get you eventually and another thing and it's not a good thing so yeah that's why this is a short answer or a long answer of why certificates might still be necessary to get into the marketplace yeah another thing I want to mention too is just not to get discouraged if you apply to a job and you don't even get a call like you just they just don't even you know call you the situation often is that you have a hiring manager that you know maybe the person that manages the IT team let's just say they want Ansible but they're okay if you don't know it because if you were to interview for the job and say well I'm willing to learn Ansible and if you show the passion they're willing to let you slide on the fact that you don't have that item on your list on the other hand though at the very beginning you have a you know person in HR maybe an admin or something that's getting all these resumes and maybe he or she gets like two or three hundred resumes and then that person might thin down the resumes by oh that person doesn't have Ansible I'm going to delete that one this person doesn't have this I'm going to delete that one just to get it down to a manageable chunk of resumes now the entire time the hiring manager might not care at all if you don't have these things but then the person at the very beginning they have to kind of start screening these things to make it more manageable so whether or not you get a call could just come down to you just got screened it's not that you couldn't have done the job and the hiring manager probably would have hired you but it is what it is you know fate isn't on your side you just didn't get past the screener and unfortunately that's the gamble that everyone plays when they apply for a job yep all right oh we went along on this one but I think it was worth it thank you for everyone bringing the Q and A's to us hit us up on the Twitter hit us up on the feedback form is a great place because we always answer to feedback form place we care about the people that take the time to fill that out and ask those questions we read through them and save them up for these Q and A episodes so absolutely thank you all for joining us it was definitely a fun episode and we'll see you next time next week we've been trying to keep it consistent that we do this 11 o'clock thing and we're pretty good while sticking to it B and J have got this planned out pretty well so thanks again for joining us thanks to Lowe for sponsoring and talk to you next time leave us some feedback so we can do some more Q and A we have fun with this thanks yep thank you guys