|
KillHour posted:I generally haven't had many USB passthrough issues with ESX 6. I have had literally zero USB pass through issues with zwave on Proxmox. (This isn’t intended as a proxmox vs esx comparison so much as “usb pass through seems to work well on a wide variety of systems.”)
|
# ? Aug 11, 2019 20:17 |
|
|
# ? May 10, 2024 01:00 |
|
I have the database stuff offloaded to a VM running on my desktop. That's not my issue with it. I'm more annoyed at how gung-ho HASS.io is about shielding me from the host OS. I was considering getting some NUC, but I'm not impressed at prices, even when used.
|
# ? Aug 11, 2019 20:21 |
|
Combat Pretzel posted:I have the database stuff offloaded to a VM running on my desktop. That's not my issue with it. I'm more annoyed at how gung-ho HASS.io is about shielding me from the host OS. I was considering getting some NUC, but I'm not impressed at prices, even when used. Yeah, I’m in the same spot. A goon reported getting a haswell i5 with 1GB for like $200 on refurb, but I haven’t seen that miracle repeated.
|
# ? Aug 11, 2019 20:57 |
|
If you want something nuc sized but cheaper (and don't need the latest gen processors), look on eBay for an HP Elitedesk 800 Mini.
|
# ? Aug 11, 2019 21:15 |
|
Yeah, that’s been my target. Not a lot in Canada, or without $70 shipping+import. I’ll keep at it!
|
# ? Aug 11, 2019 21:18 |
|
Subjunctive posted:I just ordered a 4GB Pi4 to run HA and friends. Will I regret that? The basic RPi uses an SD card which has a limited number of writes. That tends to blow up after a while. Change config to vastly reduce the amount of database updates through config changes to 'recorder', and/or move the database to another machine. I do both and no issues in a year, the first time it blew up with default settings it was under 3 months. I've read there are also options to use a USB thumb-drive for storage instead.
|
# ? Aug 11, 2019 21:23 |
|
Moey posted:If you want something nuc sized but cheaper (and don't need the latest gen processors), look on eBay for an HP Elitedesk 800 Mini. Decairn posted:The basic RPi uses an SD card which has a limited number of writes. That tends to blow up after a while. Decairn posted:I've read there are also options to use a USB thumb-drive for storage instead.
|
# ? Aug 12, 2019 00:22 |
|
Combat Pretzel posted:For some reason I'm intent on finding a quad core, and ideally not that weak sauce Pentium J1900 or whatever it was. Also it needs to look somewhat fancy, since it's likely going to me mounted to a wall. Yeah, the Elitedesk Mini 800s come with haswell quad i5s. I’m looking at a Lenovo variant now that I’ll get if the guy confirms the wifi is 802.11ac.
|
# ? Aug 12, 2019 02:26 |
|
We buy a lot of those elitedesk minis at work for lab PCs and they are excellent. Get a VESA mount and slap em on the underside of a table, a wall, back of a monitor, whatever.
|
# ? Aug 12, 2019 02:39 |
|
Combat Pretzel posted:For some reason I'm intent on finding a quad core, and ideally not that weak sauce Pentium J1900 or whatever it was. Also it needs to look somewhat fancy, since it's likely going to me mounted to a wall. https://www.ebay.com/itm/HP-EliteDe...6UAAOSwfSldMoO5
|
# ? Aug 12, 2019 16:51 |
|
Subjunctive posted:I just ordered a 4GB Pi4 to run HA and friends. Will I regret that? I haven't had any problems with running Hass.io on my Pi3+, but I'm not doing anything too terribly fancy with it. azurite posted:The main issue I had with Hassio on the Pi 3+ was database bloat. Once I set the recorder to limit the scope of what is recorded and to purge every three days, it is fine. Oh man, did you help me fix this or did we both run into it independently? Because I was in the same boat and couldn't figure out wtf was going on until I realized I had like a 3GB database file sitting around. I shouldn't need to do a manual Purge via an automation script to make the drat thing usable, but it works so here I am. Decairn posted:The basic RPi uses an SD card which has a limited number of writes. That tends to blow up after a while. Change config to vastly reduce the amount of database updates through config changes to 'recorder', and/or move the database to another machine. I do both and no issues in a year, the first time it blew up with default settings it was under 3 months. I've read there are also options to use a USB thumb-drive for storage instead. So from what I've read the quality of the SD card can also affect this dramatically. Sample size of 1 and all, but I got a decent SanDisc card and I haven't had any issues that appear to be due to SD card instability for almost 2 years.
|
# ? Aug 14, 2019 05:02 |
|
Hubis posted:I shouldn't need to do a manual Purge via an automation script to make the drat thing usable, but it works so here I am. It supports automatic purging. No extra automations necessary. Did that not work for you?
|
# ? Aug 14, 2019 19:03 |
|
Yes, but the only fixed that quite recently. The default settings were broken, so it never purged anything before that update unless you manually set it up.
|
# ? Aug 14, 2019 21:35 |
|
azurite posted:It supports automatic purging. No extra automations necessary. Did that not work for you? Tamba posted:Yes, but the only fixed that quite recently. The default settings were broken, so it never purged anything before that update unless you manually set it up. Yeah, exactly. I forget the exact chain of events but as I recall some kind of corruption / error could creep in which would cause the automatic purge to crash for whatever reason, so it would silently abort which ended up both never actually purging and never clearing the database. It was some kind of weird "if you have a log from this specific version with this specific setup you might have issues" kind of bug. I probably don't need it anymore because as you say I think it was fixed, but since I already bothered to write an automation... vOv
|
# ? Aug 15, 2019 02:10 |
|
They must've just fixed that this year. I only started doing it a few months ago.
|
# ? Aug 15, 2019 04:28 |
|
It was fixed in this release: https://www.home-assistant.io/blog/2019/06/26/release-95/
|
# ? Aug 15, 2019 08:43 |
|
Crossposting from the NAS thread: Can someone recommend some good home surveillance cameras that can write to my synology nas via Surveillance Station? I'd like: 1. Night vision (it will be pointed out of our living room window that looks onto the entrance to our house). 2. PoE ethernet is preferable, but wifi and mains powered is fine too. 3. Not-chinese, I.e. not full of vulnerabilities and spyware, I.e. not Hikvision. 4. Works with Synology NASes. (I am aware of the compatibility web page that Synology hosts, there's far too many cameras listed to google each and every one of them to see if they tick all my other boxes). 5. Available in the UK.
|
# ? Aug 17, 2019 19:11 |
|
Putting it behind a window limits your choices a lot, I'd say. Most night cameras use IR LEDs for illumination which won't work. I wonder if those Dahua Starlights would work anyway? They may be full of Chinese Spyware though.
|
# ? Aug 17, 2019 20:13 |
|
Alright, I'm ok with forgetting the IR, it's a reasonably well lit street at night.
|
# ? Aug 17, 2019 21:13 |
|
Steakandchips posted:Crossposting from the NAS thread: 1. Either put in an external IR illuminator and a non-illuminated camera outside, or run a Starlight camera. If it's really dark, even a Starlight won't be great. Being behind a window basically blocks the IR, so no normal "night vision" camera will work. The Starlight sensors are great, and can give a good picture even with very little light. Don't bother with the high-res (4K) versions, the 2MP ones are fine, especially for close range stuff. 2. Everything worth owning is PoE. WiFi cameras can easily be jammed or de-authed. PoE all the way. 3. Good loving luck. They're basically all Chinese chipsets with God-knows-what firmware. Stick the cameras on their own VLAN (or actual LAN if you're not a networking person), and never let them see the internet. Again, Don't put your cameras online. At best, they get compromised and someone gets to watch your door. At worst, they become part of a botnet and launch a DDoS attack or similar, plus attack your home network. Got any other IoT stuff? Do some research about how to secure that too. Relevant: https://xkcd.com/1966/ 4. By "Works" do you mean works with the Synology Surveillance station, or just can record to the NAS? Most Dahua cameras can record to a NAS. Synology's licensing strategy is kind of bullshit, you have to pay per camera. If you only need one camera, then it's OK, I guess. I'm a Blue Iris user, and it's really very good software. I run it on a server, but for a single camera, it would run on a SFF or Micro sized $200 desktop. I've then got lots of secure ways of connecting to the server from elsewhere. Remember that your Synology is a serious security risk as well, so think twice about just putting it on the internet behind a password. Use key-based auth (SSH or VPN) or expect it to be compromised. Ditto with a BlueIris server (or anything IMHO). 5. Most of these cameras are rebadged, and the parent camera is usually available on Ali Express/Amazon if you know where to look. I'd suggest heading over to IPCamTalk and checking some reviews on cameras. Mostly everything can be configured to use ONVIF, which Synology supports. I'm a real fan of Dahua, specifically through Andy (AliExpress, Amazon, or directly). I've purchased over a dozen cameras from him, and haven't had a problem yet. If you buy from anyone else, you'll probably get hacked Chinese firmware which can't be upgraded. If you have specific model or feature questions, post here or over there, and you'll probably get a cogent reply. sharkytm fucked around with this message at 21:36 on Aug 17, 2019 |
# ? Aug 17, 2019 21:30 |
|
Everything sharks just said, x2. My dahua 2mp starlights are a great midrange cam, I haven’t had a single issue in years. Bought mine through Andy as well, no regrets.
|
# ? Aug 18, 2019 03:21 |
|
In Home Assistant, how do I relay a web site on the local intranet through its UI? Similar to Node RED, which runs a web instance on another port and HA does proxy it when accessing it through the HA UI?
|
# ? Aug 18, 2019 19:49 |
|
Combat Pretzel posted:In Home Assistant, how do I relay a web site on the local intranet through its UI? Similar to Node RED, which runs a web instance on another port and HA does proxy it when accessing it through the HA UI? Probably you want to use a Panel iFrame. https://www.home-assistant.io/components/panel_iframe/ This is just an iFrame - it doesn’t proxy the site, it just lets the UI give you a frame which the site loads inside of.
|
# ? Aug 18, 2019 20:21 |
|
How many people afraid of Dahua/Hikvision/et all dialing home to China give their cameras valid gateway / DNS values? Honest question: Are they concerned these cameras defy TCP/IP and have hidden Internet access buried in there silicon? Even in the face of wiresharked data showing otherwise?
|
# ? Aug 19, 2019 00:15 |
|
Tapedump posted:How many people afraid of Dahua/Hikvision/et all dialing home to China give their cameras valid gateway / DNS values? Giving them valid DNS is not enough. Confirmed by my traffic logs. I just thrown them on a VLAN that isn't accessible to the internet and it works just fine. The only other thing on that VLAN is one of the NICs for my DVR. Not surprisingly, when I was doing this kind of thing professionally for municipalities and police departments even with super expensive Axis gear many certification standards would not allow the cameras to be on an internet accessible (from either direction) VLAN. And in fact manufacturers like that actually encourage/demand you set it up that way and specifically support it in their DVRs (like not requiring internet access for camera updates and having a piece of software/component of the DVR that acts as a proxy to upgrade firmware). To the extent that some versions of Axis Camera Station would throw up warnings if any of the cameras could reach some arbitrary and not-necessary internet address/IP. Motronic fucked around with this message at 00:27 on Aug 19, 2019 |
# ? Aug 19, 2019 00:24 |
|
I’m in an all-Apple household, looking for a smart thermostat for my new house. What is currently the best? I’m not hung up on HomeKit support as long as it still works seamlessly with iOS.
|
# ? Aug 19, 2019 00:42 |
|
For an all-Apple household, you’ll want HomeKit integration. Google and Alexa work but you’ll never get OS or native Siri integration. I could be wrong about that though. Shortcuts does allow for quite a bit of customization. Anyway, HomeKit thermostats begin with the ecobee. Go for the 3 if you still can as it’s got everything you need and the 4 only adds an Alexa speaker/mic and some misc upgrades.
|
# ? Aug 19, 2019 01:03 |
|
Tapedump posted:How many people afraid of Dahua/Hikvision/et all dialing home to China give their cameras valid gateway / DNS values? You show me 60+days of clean Wireshark logs, and I'll show you a camera that'll ping China in 61 days. They ALL have backdoor logins and firmware bugs. Go ahead and put them online, see how that works. This has been verified dozens of times. Maybe Wyze cams with aftermarket firmware, so long as it's maintained. Motronic knows what he's talking about.
|
# ? Aug 19, 2019 01:11 |
|
Motronic posted:Not surprisingly, when I was doing this kind of thing professionally for municipalities and police departments even with super expensive Axis gear many certification standards would not allow the cameras to be on an internet accessible (from either direction) VLAN. And in fact manufacturers like that actually encourage/demand you set it up that way and specifically support it in their DVRs (like not requiring internet access for camera updates and having a piece of software/component of the DVR that acts as a proxy to upgrade firmware). To the extent that some versions of Axis Camera Station would throw up warnings if any of the cameras could reach some arbitrary and not-necessary internet address/IP. When I first got in to cameras I was very confused by the fact that so many IP DVR devices had built in PoE switches. It seemed so counterintuitive to integrate those things considering how cheap a good switch is these days. Eventually it became clear though, not only does it make the installation feel more familiar to those who have done analog video systems but it loosely enforces having the cameras on a private network segment by making it likely something will break if you were to connect those ports to another network. Someone who has no idea what they're doing is a lot more likely to end up with something reasonable when using those devices.
|
# ? Aug 19, 2019 14:16 |
|
Combat Pretzel posted:In Home Assistant, how do I relay a web site on the local intranet through its UI? Similar to Node RED, which runs a web instance on another port and HA does proxy it when accessing it through the HA UI? Kalman posted:Probably you want to use a Panel iFrame. Yeah, an ipanel just opens a session with the specified URL and displays it inside the UI. It will work internally, but won't work externally (via DuckDNS+LetsEncrypt / NabuCasa, for example) unless the ports you want visible are also being forwarded. If you only care about access from your local network, it should work fine.
|
# ? Aug 19, 2019 16:10 |
|
I should have clarified better. My question should have been, "Absent a separate VLAN but given that cameras are setup without any gateway nor DNS servers defined, how certain are one's observations that these (two brands of) cameras are reaching out to anything at all?"
|
# ? Aug 20, 2019 14:42 |
|
Tapedump posted:I should have clarified better. Is there DHCP? Because I wouldn't be the slightest bit surprised to see them drab DHCP info if they can't get to the internet with their manual config. Or one of a host of other ways of figuring out the gateway. Bottom line - what's the huge blocker from simply doing it right? They are a known high risk, so put them in non-internet jail like they're supposed to be.
|
# ? Aug 20, 2019 15:15 |
|
If I was trying to slurp up info with my firmware, the first thing I'd do is check a bunch of common gateway addresses and DNS servers.
|
# ? Aug 20, 2019 15:16 |
|
Thermopyle posted:If I was trying to slurp up info with my firmware, the first thing I'd do is check a bunch of common gateway addresses and DNS servers. Yeah. <first three of my static assigned IP address> .1 and then .254. Sweet, gateway. 8.8.8.8
|
# ? Aug 20, 2019 16:47 |
|
Motronic posted:Is there DHCP? Because I wouldn't be the slightest bit surprised to see them drab DHCP info if they can't get to the internet with their manual config. Or one of a host of other ways of figuring out the gateway. This is one of the reasons at work all of our IP cameras are on completely separate physical network infrastructure from the rest of our network with their own cabling and switches. The only time the networks "meet" so to speak is at the NVR server on its own NIC. The camera LAN has no path to the internet or indeed anywhere off that network.
|
# ? Aug 20, 2019 21:21 |
|
stevewm posted:This is one of the reasons at work all of our IP cameras are on completely separate physical network infrastructure from the rest of our network with their own cabling and switches. The only time the networks "meet" so to speak is at the NVR server on its own NIC. The camera LAN has no path to the internet or indeed anywhere off that network. When you've got enough cameras to do this I don't see why you wouldn't. Most places I've done this just aren't big enough (local PDs, etc) so they get their own kitty jail VLAN just for cost savings. You know if someone screwed up because the camera server's "dirty nic" won't be able to find the vlan on the port of the cameras where it got fat fingered and it doesn't look for cameras on the other NIC. This is been good enough for the state and FBI's compliance requirements.
|
# ? Aug 20, 2019 21:38 |
|
Hey man, it's your network, you do you. If you think leaving the DNS and gateway fields unpopulated or populated with addresses that don't resolve is safe enough, then go for it. The Dahua cameras have a search utility that can cross subnets even if the mask isn't opened up, so I'm going to stick with VLAN/separate network. Might as well leave the default user/pass too, since there's a hardcoded backdoor. https://ipvm.com/reports/dahua-backdoor https://ipvm.com/reports/axis-critical https://www.exploit-db.com/exploits/44328 (Hikvision) https://www.exploit-db.com/exploits/47188 (Amcrest) network-chat: At my shop, I've got a 5-port PoE switch (4 PoE and one unpowered port). That's 4 cameras, and a patch cable that goes from the unpowered port to my main switch (on it's own VLAN). The only other thing on that VLAN is the port that goes to one port of my server's 4-port NIC. TBH, I could have just patched the unpowered port to the server directly, but I'm planning more expansion... got a 48-port PoE Switch coming on Thursday. I'm really excited to try out the 10G-over-HDMI stacking port. Dell 55xx series, BTW.
|
# ? Aug 21, 2019 00:40 |
|
sharkytm posted:network-chat: I've got a couple of PoE Mikrotiks (https://www.amazon.com/gp/product/B079YSKPSJ/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8&psc=1). One in the barn, one upstairs (rack is in the basement). The barn currently doesn't have any ethernet out to it, so it's powering 3 cameras plus a Ubiquiti UAC-AC-PRO set to downlink from one of the same in the house. Been working pretty well. The other little Mikrotik is upstairs to run the cameras I have in the soffits/dormers of the house and is cabled down to the switch in the rack.
|
# ? Aug 21, 2019 15:14 |
|
Motronic posted:I've got a couple of PoE Mikrotiks (https://www.amazon.com/gp/product/B079YSKPSJ/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8&psc=1). One in the barn, one upstairs (rack is in the basement). The barn currently doesn't have any ethernet out to it, so it's powering 3 cameras plus a Ubiquiti UAC-AC-PRO set to downlink from one of the same in the house. Been working pretty well. The other little Mikrotik is upstairs to run the cameras I have in the soffits/dormers of the house and is cabled down to the switch in the rack. Sweet setup. Luckily, all my stuff is at my shop, which is in a commercial steel building and has all the ribs/framing exposed internally. Running cable is stupid easy, just a 100' fishtape and a box of Cat5e.
|
# ? Aug 21, 2019 16:08 |
|
|
# ? May 10, 2024 01:00 |
|
Since my girlfriend is moving out I need to change the locks. On my main entry door if like to get a smart lock since I have to get new stuff anyways. Two questions. Is it a bad idea to get smart locks? And is this one the Wirecutter recommended a good choice?
|
# ? Aug 24, 2019 23:23 |