I'm not sure you understand what "objectively" actually means... Care to provide your data in support of your objective conclusion?

Ah it's fine, we know they'll be totally fine on their own. I mean, they have their own totally reliable, independent electric grid, right?

It's just an NTP pool. The device is trying to update it's time. Likely it made many other requests to other servers when this one didn't work.

Maintaining up to date lists of anything is a game of whack a mole, so you're always going to get weird results.

If you're actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.

That said, I'd still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.

Ran into a similar conundrum. We use mealie for recipe management and occasionally meal planning, but the shopping list is clunky. We resorted to just making a list on a card in Planks. Not purpose-built, but it has worked rather well for us.

I don't know how you got a picture of me, but I demand it is removed!

Potentially, but precision is important, especially if you're going to make sweeping claims about a topic, acting as an authority.

This is absolutely not what DNSSEC is. DNSSEC provides authenticity of the response, not privacy. You're describing a means of encrypted name resolution, like dns-over-tls, dns-over-https, etc.

I haven't done a code review so I can't answer that question with facts. I do think however, that anything that bootstraps a FLOSS framework like openwrt could easily be a risk to privacy.

You use privacy and security interchangeably here. They are not the same.

If you have any question on truth worthiness, you can flash stock openwrt on them. You just lose out on their proprietary webUI and pre installed plugins. I believe their firmware is public on GitHub though.

Yeah, put that trash in prison!

Wiki.js with a postgres backend is my vote, easily.

That all sounds correct to me. The random port you're seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there.

I had no idea Jeremy Clarkson lost so much weight.

This is pedantic, but there are indeed capacitors there. They're all surface mount components, so they don't look like the caps that people typically talk about replacing, and they likely aren't what caused it to fail. Anything labeled on the board with a C## is likely a SMD capacitor.

Frigate or zoneminder. I've run both and would highly recommend both. Frigate is easier to get setup initially. Test them both out!

His teeth caught my eye first. Smile and count how many teeth you can see. Now double that and this guy's still got you beat.

Sure, but no one asked about studies from a specific country, we just got an unsolicited "tut tut" for no reason. I can live in Germany and read Canadian articles all I want. This particular poster just doesn't have an open mind about the world.

Lolwut.

Does your holier-than-thou country not believe in peer reviewed science?

That sort of configuration after the fact would be a fantastic addition, if not already in place.

You don't need haproxy on the vps at all, unless I'm misunderstanding you. Just route the traffic using iptables hooks in your wireguard config. This is exactly how I manage my email server and it's entirely transparent.