> According to [2], the cost to reclaim CO2 from natural gas sources is approximately $90 per ton on the high end
I may be reading that wrong, but I'm pretty sure that refers to the CCS cost when you capture at use (e.g. in a power plant). You can't really use CCS when you're heating a house, so the right price to compare to would be direct air capture which is an order of magnitude more expensive IIUC.
It's buried in the article, but the 77% number seems to be based on resistance heating instead of heat pumps:
> the annual energy bill to operate a standard gas furnace/AC combination is about $633 a year. With a heat pump, she said, it would likely be $609 to $718 annually, depending on the heat pump technology chosen and its configuration.
But, to be fair, the first sentence of the article is "The average American household that uses electricity to heat a home this winter will pay hundreds of dollars more than those who use natural gas." How many households have heat pumps, vs how many have old electric baseboards? I think it's entirely appropriate for a government report to be looking at the actual costs to households today. If most Americans can't handle a $500 surprise expense, how many can afford to upgrade to a heat pump? And 35% of Americans rent -- how many old neglected apartments have electric heat which the landlord has no incentive to upgrade?
It really sucks because even with the government rebates, it’s still a big capital expense that takes years to be paid back. The good news is that since we have started investing in and incentivizing heat pump technology now, it will be the cheap option as heating systems fail over the next few decades. I think the government report should include this reality but also highlight heat pump adoption as it is currently incentivized and adoption is growing. It’s weird to me that they didn’t highlight the heat pump aspect as much
Heat pumps will never be a viable replacement because they only work efficiently at low heating temperatures. The heat pump itself may cost you 5 to 10k but you may have to spend another 50-100k on insulation of walls, windows, roof, basement as well as floor heating (and thus completely new flooring) in every room to make it work. This is doubly true in the US where many buildings still have single-pane windows (though you have the advantage of not paying 40c/kWh like we peons in Germany).
And btw: heat pumps are loud, so good luck with that high density housing every climate advocate wants so much.
I just heard on NPR yesterday that 13% of all house sales last year were new construction. As much as I am loath to have stringent regulations dictating building technology, just imagine the pace of adoption if every piece of new residential construction used electric air-source heat pumps.
> The good news is that since we have started investing in and incentivizing heat pump technology
Yes, good tax news for those who own their house and can afford discretionary purchases. Also good news for those who peddle increased govt debt.
Described differently, heat pump and ElectrifyTodayCorp lobbyists had Congress write tax incentives for their businesses which are funded by taxes on working class that are renters or can't afford to replace their existing functional furnace.
Are these tax credits meant to encourage people to replace functional equipment with different types, or are they meant to encourage people to replace broken equipment with a different type? (Or to encourage new construction to use a different type than typical)
Often, for light users, the payback time for switching to a more efficient heat system is longer than the expected lifetime of a new system, so it only makes sense to consider it when the current heating system is broken or when the current cooling system is broken, since a new heat pump could replace heating and cooling.
It's potentially different if you're a heavy user of heating.
Ingresses on EKS will set up an ALB that sends traffic directly to pods instead of nodes (basically skips the whole K8s Service/NodePort networking setup). You have to use `alb.ingress.kubernetes.io/target-type: ip` as an annotation I think (see https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress...).
The ingress controller is so I can have multiple public apps and configure them with Ingresses (definitely possible to do the overall setup with just cloudflared but I wanted to use built in ingress objects instead of a complicated cloudflared config).
(Author here) I mostly worry about security for this. If you have nothing private on your network it's probably fine, but if you have, say, a NAS that isn't using proper authentication (pretty common), an os/nginx vulnerability could end up exposing stuff.
Of course there are much simpler ways to lock things down also :)
Obviously your server would be on a DMZ vlan, probably on its own. Set it to automatically take security updates every night and aside from some zero days I'm not sure what security issues you'd have.
Then why are you intentionally adding another dozen attack surfaces and bleeding edge stuff constantly full of exploits? nginx remote exploits that matter are a once in a decade thing. Your setup is incomparably more insecure than nginx and a port forward.
I've been running a static webserver from my home for more than 20 years now. By avoiding dynamic languages, databases, and buzzwords, I've never been hacked. Never had any issue.
Thank you for a great article! I recently took the plunge of building-and-hosting a blog too - but, due to security concerns, I took the entirely opposite approach of making it fully cloud-based (Git repos for infra and for content -> AWS CodePipeline, Hugo during CodeBuild -> S3 and CloudFront). This was sadly ironic since I'd mostly wanted to blog about my experiences with homelabbing, but I didn't trust myself to open a port to the outside world. Thanks to your blog I might finally learn Kubernetes and use a Cloudflare tunnel to implement a similar truly-selfhosted blog!
I've done something similar to the author but with only ufw and port forwarding.
My closet server is set up with a cron job that runs daily and updates my domain's dns on Cloudflare to my currently allocated dynamic ip.
Port forwarding sends the 80/443 requests to my closet server.
Closet server only accepts 80/443 requests from Cloudflare's published ip addresses via ufw rules so that all traffic must pass through Cloudflare to be accepted.
Nginx on closet server routes it to the appropriate internal port for that service.
Maybe someone has broken into my home network, but I hope this solution works relatively well!
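The ufw step from the comment above, as an added example that is not the commenter's own script: it turns a list of proxy CIDR ranges into `ufw allow` rules for 80/443 and rejects malformed entries, so a bad list never becomes a firewall rule. The ranges are constructed documentation prefixes standing in for Cloudflare's published list, and `is_cidr` / `gen_ufw_rules` are hypothetical names.

```shell
# Added example: build ufw allow rules for 80/443 from a list of proxy CIDRs.
# SAMPLE_RANGES is constructed (documentation prefixes), not Cloudflare's real list.
SAMPLE_RANGES='# constructed sample input
192.0.2.0/24
198.51.100.0/24
2001:db8::/32
not-a-cidr
203.0.113.0/33
'

# is_cidr PREFIX: succeed only for a well-formed IPv4 or IPv6 prefix.
is_cidr() {
  case $1 in */*) ;; *) return 1 ;; esac
  addr=${1%/*}; len=${1##*/}
  case $len in ''|*[!0-9]*|????*) return 1 ;; esac
  case $addr in
    *:*)      # IPv6: hex digits and colons only, prefix length <= 128
      case $addr in *[!0-9A-Fa-f:]*) return 1 ;; esac
      [ "$len" -le 128 ] ;;
    *.*.*.*)  # IPv4: exactly four octets of 0-255, prefix length <= 32
      case $addr in *[!0-9.]*|*.*.*.*.*|.*|*.|*..*) return 1 ;; esac
      [ "$len" -le 32 ] || return 1
      old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
      for o in "$@"; do [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1; done ;;
    *) return 1 ;;
  esac
}

# gen_ufw_rules: read ranges on stdin, print one ufw command per valid range.
# Invalid entries are reported on stderr and make the function return non-zero,
# so a truncated or tampered list is noticed before anything is applied.
gen_ufw_rules() {
  bad=0
  while IFS= read -r line; do
    line=${line%%#*}                                    # strip comments
    line=$(printf '%s' "$line" | tr -d '[:space:]')     # strip whitespace
    [ -n "$line" ] || continue
    if is_cidr "$line"; then
      printf 'ufw allow proto tcp from %s to any port 80,443\n' "$line"
    else
      printf 'skipping invalid entry: %s\n' "$line" >&2; bad=$((bad + 1))
    fi
  done
  [ "$bad" -eq 0 ]
}

# Print the commands for review; nothing is applied to the firewall here.
printf '%s' "$SAMPLE_RANGES" | gen_ufw_rules ||
  echo "invalid entries found; review the list before applying" >&2
```

The rules only restrict traffic if ufw's default incoming policy is deny and no broader allow rule for 80/443 exists.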
I would say you don't really need Kubernetes for this sort of setup (I already was running all the K8s stuff which is why I went with it, but docker compose or even just running things in systemd without containers would work too).
I think the main thing is to have some sort of network isolation (like a separate VLAN or a server that blocks outbound traffic) between stuff that's exposed to the internet and stuff that's private on the network.
I have one small VPS with access to wireguard network, wireguard rule to forward certain traffic to a virtual machine running on my desktop, fairly easy to setup tbh (and I add/remove devices constantly). I am not a networking person, my understanding of iptables is shaky but I also ran a similar setup with Nginx. Could also use TailScale, but I found the wireguard CLI very easy. Straightforward to add more networks and isolate stuff from each other (tbh, I only run one network that doesn't isolate my web-facing stuff from other stuff I run privately...as I said, I am not a networking guy so have no idea how bad of an idea this is given that the only way in is traffic on certain ports being forwarded).
Huh - I'm using Wireguard as my VPN into my home network (the only port that I have opened to the outside world), but I didn't know that you could also use it to route incoming requests to a certain VM. There's always something else to learn! Thank you :)
Ah, I see - I misread and got the impression that `cloudflared` could only connect to Kubernetes pods, but I see from reading the docs[1] that it can connect to traditional apps-on-ports as well. I'll have a poke around - thanks again!
(Author here) I’m kind of cruel to my hardware lol (they’re all frankenservers hacked together with random parts from eBay). I’m not doing anything fancy to protect from dust and whatnot, but it’s pretty much always chilly in the garage (and I’m using low power parts) so heating hasn’t been an issue.
Thanks, glad you liked it! Minor clarification, I didn’t write the ingress comparison, that’s from https://learnk8s.io (who I’ve been working with recently). They have a bunch of awesome resources on their site.
I've been working as a Cloud Architecture consultant for the past couple years (previously worked in startups). I'm looking to move to full time for the right opportunity.