If you have a need for high levels of privacy it’s the only way to do it, or just leave your phone at home.

It doesn’t really defeat the purpose of having a mobile phone either IMO, most stuff I do on my phone is already offline (maps, notes, taking photos, etc).

Would need to disable the cell radios, wifi and bluetooth too since those are also used to track device location.

In that case another degoogled ROM sounds more like what you’re after?

Graphenes thing is hardware security.

The Pixel phones were the only devices with secure enough hardware to make GrapheneOS viable, that’s why they developed it for them.

It wasn’t because of some deal with google or anything like that.

Not open source is an absolute no for me.

Mostly just quick notes in Obsidian, if I do anything complex or ‘unusual’ to set something up I’ll save the history that I ran.

Proxmox has a UI for ZFS. But you don’t really need it, ZFS is kind of set and forget and setting it up is quite easy via CLI.

Crowdsec does everything fail2ban does so not much point.

You can analyze with either the CLI or log files piped into something like OpenObserve which is what I do. You don’t technically need their dashboard.

Komodo.

An SSL error is expected because you’re using localhost and not the common name that the cert is issued for. But the fact that it’s connecting and showing the error means the server is working.

Start with basic diagnostics, see if apache is running inside the container, if it is can you curl from inside the container, if that works can you curl from the docker host, if that works did docker create the firewall rule to expose the port or is the VPS overriding things in some way?

If that all looks good, is there a VPS provider firewall in place outside the OS?

Gotta start with the basics.

Android has a huge market share compared to iOS, plus it’s a lot harder to develop these types of applications for iPhone because of apples policies.

Windows sandbox is easy.

Probably worth storing the key in another place as well, like keepass on your phone or just print it out on paper and store it.

I wouldn’t be exposing any management consoles to the internet either way, too much risk with something that has docker socket access.

Komodo is the best portainer alt I’ve found, I read through the Arcane info but it doesnt seem as good. Komodos editor also works great.

My favorite is ‘fast and lightweight’ followed by ‘RAM required >500MB’ for a some kind of basic server.

If you want automatic updates over major versions most images will have the :latest tag for that.

It doesnt actually bypass the firewall.

When you tell docker to expose a port on 0.0.0.0 its just doing what you ask of it.