      You might be interested in my creating a completely Tor-ified home network article if you want to add mixnets into the picture. :)

        Awesome - thank you. Yeah TOR has definitely been on my list.

        Sorry for piggybacking on @luke's post but I’m still somewhat a newbie when it comes to Tor. Can you direct me to some resources regarding (or elaborate on if you’re knowledgeable enough) law & responsibility and how safe it is to run a Tor public relay node? I mean scenarios like this: how liable am I if some pedo looks through child pr0n through Tor and I end up being an exit node? I guess it varies from country to country but still. Thanks.

          and I end up being an exit node

          You’d have to volunteer to be an exit node. It takes explicit configuration to do so.

      Using the edge router sounds neat, but one of the Amazon commenters said the default firewall rules are pretty basic. Did you add a lot of rules or does the default set seem to suit your needs?

        Yeah it’s definitely not meant to have a ton of preprogrammed rules. It comes with a basic drop all incoming but that’s kind of the reading I got of it.

      This is a really great setup! Is there anything you are looking to add soon?

        Plex is pretty bad for user privacy and surveillance so I’d like to give Jellyfin another shot. It fork-bombed my server when I just did a basic install the first time around.

          I’m a mostly-happy user of Jellyfin - there are a few quirks involving music tagging I’ve run into, but otherwise it works pretty well at letting me stream my own music and videos from my media server to any computer with a web browser or a smartphone.

      @luke you mention a mesh wifi. Is that provided by any of the components you list there, or is it something you built separately before this setup?

        It’s the Plume mesh wifi. I didn’t mention it directly because I didn’t want to promote it. I had that first then built the rest of the network around it to isolate it out and prevent/limit its data exfiltration. But you could use any wifi AC you want. If I hadn’t had that first, I would probably use a Ubiquiti AC. The costs seem to be about the same but it seems so much more robust.

          I was wondering specifically about the data exfiltration from the wifi hardware itself. I’ve got Orbi right now, which works great except that it phones home to Netgear all the time.

          Oh yeah, and the admin interface now shows me ads for other Netgear products, with no apparent way to turn them off.

          I hadn’t heard of Plume before, but a quick look at their website says they market to ISPs with remote control as a major selling point. So I can totally get why you didn’t mention them before!

            Yeah the Plume is the same. It auto-balances the mesh network so if I cut it off from calling home, it has no way for me to manually lay out the network.

            Plume actually has a “privacy” mode which I use and they seem to honor. But I’d prefer to know for sure. I don’t know of many consumer mesh wifi systems that don’t phone home.

      This is neat! Do you have any logging / monitoring systems in place?

        Thanks! Yes, everything has Prometheus metrics and Grafana for monitoring. For logs specifically I just log into the box and look at journald.