  • That is a completely separate issue from the above commenter.

    You absolutely cannot get 2FA authenticator codes from 90% of services

    A shockingly large amount of companies demand phone numbers and send verification texts before allowing you to do business with them, to create an account, to recover an account, to delete an account, to place an order, etc.

    They really shouldn’t, it’s a bad security practice but companies love it because with a phone number they can lower support costs by just allowing people to do a self-service where they get an automated text and can unlock their locked account.

    Also an issue, but indeed a separate issue from using unsecure SMS as TOTP.





  • To be fair, if something is open by default or very easy to enable without informing about the risks, tons of people will have it exposed without thinking.

    It isn’t that “tons of people do it so it is normal and perfectly fine” but more “people don’t realize.” It also uses some nontrivial amount of resources to process and block those attempts, even if they never have a chance of getting in.

    There is yet to be a reason I can find to have it forwarded for home use. Need to ssh into a machine to fix it? VPN.

    There are plenty of secure web-based tools to manage your server without a VPN also.


  • People have hit on most of them here, but here is another big one:

    Fitness apps. Mainly calorie tracking, workout tracking and heart rate tracking

    Health app

    Sleep as Android

    (No, Gadgetbridge is not a replacement for 99% of cases and doesn’t even support the gold standard for heart rate tracking, Polar H10)

    For calorie tracking, the massive food databases required, barcode scanning, and crowd sourcing are generally not compatible with the open source community’s privacy ideals. OpenNutriTracker has promise though!

    For workout tracking, none of them have any device support and most of them are dead and abandoned. Not to mention heart rate zones, stats and training trends, etc… FitoTrack and Opentracks are good starts though.

    And then a Google Fit alternative. Something that can integrate sleeping, workouts, heart rates, sensors, etc… Data all in one aggregated place. It is a huge task and it makes sense that there is no open source alternative for it. Especially when the components aren’t individually there to aggregate.



  • I will go out on a limb and say FreeCAD and KiCAD specifically in examples. Right now you have to search forum posts and videos to find out how to make something work and it is always an older version completely irrelevant to the current version.

    For other things that need more basic general and setup documentation:

    Traefik: It is only decodable to experienced people right now. I tried about 15 tutorials a few years ago and SmartHomeBeginner was the only one that actually was able to connect to the internet and didn’t “rest of the fucking owl” it

    Authelia could also use some documentation updates specifically around the area of integrations.

    Libopencm3 also could use some more complete documentation instead of basic API descriptions, but the project is not very active anymore

    Opensuse Aeon and Kalpa could also use some documentation love, especially Kalpa.



  • I am fighting this with people at work.

    No, it is not “one more password to remember”

    You have 2 passwords: your laptop and your Bitwarden. Forget everything else. Don’t care. Use a passphrase if you have troubles with passwords.

    I even generated a sample password from bitwarden and drew them a picture of how to remember it lol

    Still about 10% of people forgot their password in the first 2 months.




  • There is one neat trick: don’t expose SSH.

    There is still not a reason anyone has been able to give for 99% of self-hosters to expose SSH.

    If you need to access your machine via SSH while on the go: WireGuard to your local network, use SSH. Done. Unless you are running an always-up public facing site, the amount of times you have to access your machine that can’t wait until after work is very low anyway.

    Bots will scan all ports. That is just how it works. Less than 22, but you will still get spammed. Why force your computer to go through the fail2ban loop and take up resources when it is simply not needed at all and you can block it on another machine?


  • JustEnoughDucks@feddit.nl to Selfhosted@lemmy.world · Server build for Family · 2 months ago

    If you want to build it yourself, you have to decide on size.

    Are you trying to keep it as small as possible?

    Do you want a dedicated GPU for multiple jellyfin streams? (Definitely get the Intel A380, cheap and an encoding beast)

    If you don’t want to start a rack and don’t want to go with a prebuilt NUC, there are 2 PC cases I would recommend.

    Node 304 and Node 804.

    Node 304 is mini-ITX (1 PCIe slot, 1 M.2 slot for boot OS, 4 HDDs, SFX-L PSU, and great cooling)

    Node 804 is micro-ATX (2 PCIe slots, 2 M.2 slots, 8-10 HDDs, ATX PSU, and 2 chambers for the HDDs to stay cool)

    Why do you want a N100? Is electricity very expensive where you are that idle power is a big factor? Because desktop CPUs are more powerful and the CPUs can idle down to 10W or so without a GPU and they can have way more RAM.

    Tldr; go with prebuilt NUC or go with a desktop CPU for a custom build.





  • Let’s be honest, it doesn’t work for 30% of listed businesses either… Typing in more than 1 word automatically returns utter crap.

    If I type in SPAR, I get all supermarkets near me.

    If I type in SPAR supermarket because that is what it is listed under, I get this BS, random supermarkets 60+ km away. Even if it could only parse out supermarket because of how badly it parses, then it still could take supermarkets near me.

    When I type in just supermarket, I get the supermarkets near me. Any time I type more than one word, the search completely breaks…