• 24 Posts
Joined 1 year ago
Cake day: June 13th, 2023


  • I’m trying to use the generic thermostat:

      - platform: generic_thermostat
        name: termostato_raffreddamento
        heater: switch.valvola_climatizzazione
        target_sensor: sensor.aqara_temp_sala_temperature
        min_temp: 24
        max_temp: 28
        ac_mode: true
        target_temp: 26 
        cold_tolerance: 0.1
        hot_tolerance: 0.1
          seconds: 300
          minutes: 3
        initial_hvac_mode: "off"
        away_temp: 28
        precision: 0.1

    But I only have the button to turn it off:

    If I click it nothing happens. What have I done wrong?

  • Thanks for your point of view. All of my services are containers that have config and data folder bind mounted from an encrypted partition. After power on, a script download from a website half of the key needed to decrypt data, the other half is in the boot partition. In this way if my server gets stolen I can delete the half key stored on the website and the data disk can’t be decrypted. About swap, you’re right, but that doesn’t worry me at all since I don’t think that there’s anybody that would goes into that trouble just for my data. If someone is able enough and takes the trouble to read it, I guess that’s going to be the last of my problem: it would mean that I’m already in biiiiig troubles! 😆

  • I do bind mount data folders of the containers, I do backups, I have a notification system that alerts me if a container is not up, but a container can be up but have problems and, most importantly, I (and I guess a lot of other people) don’t always have time to solve problems. When I a few spare minutes a do a snapshot, I update the containers and if something goes wrong if I have time I troubleshoot it, otherwise I just roll back the snapshot and I’ll have a look at the problem when I’ll have time.

  • But the attacker should know the internal and the external DNS. If the internal DNS doesn’t have any SSL certificate on its name, it’s impossible to discover.

    By the way, I always suggest to reach services through VPN and use something like Cloudflare tunnel for services that must be public.

    P.s. Shouldn’t public and private DNS be inverted in your curl example?