Your assumptions are no longer accurate.

For one thing Lithium-ion batteries are becoming common in consumer UPS models including those from Cyberpower, Eaton, and APC.

There is no memory effect and they don’t need to be discharged and recharged regularly.

Similar to a mechanical device that wears out faster with heavy use, the depth of discharge (DoD) determines the cycle count of the battery. The smaller the discharge (low DoD), the longer the battery will last. If at all possible, avoid full discharges and charge the battery more often between uses. Partial discharge on Li-ion is fine. There is no memory and the battery does not need periodic full discharge cycles to prolong life. - https://www.batteryuniversity.com/article/bu-808-how-to-prolong-lithium-based-batteries/

The risk of fire is extremely low. For a high quality charge limited lithium ion battery in a controlled environment it is about the same as a UPS with lead acid batteries.

Your chance of being struck by lightning in the course of a lifetime is about 1 in 13,000. Lithium-ion batteries have a failure rate that is less than one in a million. The failure rate of a quality Li-ion cell is better than 1 in 10 million. https://www.batteryuniversity.com/article/bu-304a-safety-concerns-with-li-ion/

Battery swelling (not caused by manufacturing defects) is primarily caused by overcharging, deep-discharge, physical damage, and heat, none of which are problems for my server installation.

The risk of fire from parking your car in your garage is hundreds of times higher than using a laptop as a server.

After having my server fail to recover after a power failure while I was out of town for an extended period, I moved all important server apps to an relatively inexpensive (<$200) laptop.

The battery is firmware limited to a 70% charge which means it will last for years with no significant safety concerns. Even at a partial charge, Debian indicates 7 hours of run time when the power fails (I’ve had none longer than 4), and it’s unaffected by power blinks. It saves a bit of electricity too and costs $150 less per year to run than my old UPS alone.

It’s been running for nearly 2 years without a hitch.

Anyone get WiFi calling to work over Verizon’s network?

I have both running right now. Mint on my laptop and media server. Debian only because it was previously required for Home Assistant support, (support which they’ve now dropped.)

Both distros are extraordinarily reliable, but I much prefer Mint. Debian is more focused on security and some of the design choices focus on that over usability. My LAN is completely locked down and only accessible via Wireguard and the physical systems are only accessible to me, so IDK how much better security it provides in my situation. Mint has every package I’ve ever needed prebuilt while I have had to build some packages for Debian.

Bottom line: As much as I like Mint, for me there is not sufficient reason to switch from Debian to Mint or visa-versa, but if I were installing from scratch I’d choose Mint every time.

Nomachine with local & Wireguard access only.

I think Anydesk can be trusted as much as any company. They did notify users when a breach occurred a couple of years ago. By contrast Teamviewer was hacked and blamed their customer’s “password reuse” for years before finally admitting they had a breach. The company cannot be trusted.

I use Anydesk occasionally to help friends but never leave it running if it’s not actively in use.

The battery limiting capability was an absolute requirement and I also ended up with a Dell. Having a display and keyboard always available is also great for some tasks.

I had a similar failure while I was out of the country for a month. My Raspberry Pi didn’t come back after a power blink. Home Assistant, Wireguard tunnels, security cameras, Jellyfin, Syncthing backup and DNS all failed until I returned. After looking at possible solutions I ruled out buying redundant hardware because of the cost, and more importantly the time and complexity of implementing and maintaining everything.

Instead I bought a small, relatively inexpensive laptop and a router with plenty of processing power and memory. I moved my Wireguard endpoints, DHCP and DNS server to the router and everything else to the laptop and disconnected my UPS completely.

If the router is up, WG connectivity, DNS, DHCP and wifi are up. The router does reset on power failure, but my ISP has no local power backup so Internet is out until power is restored anyway.

This laptop loafs along at 10 watts and costs about $2 per month to operate despite our high electric rates. My old UPS drew 75 watts most of the time even when there was nothing plugged in and cost more than $16/month to run. The laptop’s battery is firmware limited to a 70% charge so the battery will last years without degrading and making other battery issues unlikely. It provides 7 hours of operation if power fails compared to an optimistic 20 minutes for the UPS. Power blinks (and there have been plenty) have no effect on the laptop at all.

I’ve been happy with this configuration. It has worked flawlessly for almost 2 years.

I’m no security expert and my biggest concern with self-hosting is making a configuration error in the OS or some app, or missing a critical update that allows someone access to my personal data. In order to reduce the attack surface and management requirements my network can only be accessed through Wireguard. The random open WG ports do not respond to unauthenticated packets, so someone would have to have access to my configurations to be able to get past my firewall, at least in the absence of some yet unknown vulnerability. Of course that won’t prevent mistakes being made on PCs (especially Windows) but it’s one less thing to worry about.

Wireguard clients on our PCs and phones make connecting and accessing media and files a breeze. There are no third parties involved so enshittification by some company’s security breach or sudden monthly fee isn’t going to happen.

I have a Bosgame mini-PC that is completely inaudible unless you get close to it. Power draw is <15 watts under light load meaning that even with the high electricity rates where I live it costs less than $3.50 a month to operate. I’ve avoided hard drives because I don’t want to listen to them whine, so no comment there. Two simultaneous 1080p Jellyfin streams increase CPU utilization by less than a percent and it still is under 5% with a couple of other Docker containers running.

Good luck setting everything up to your liking.

Started with it on a server but moved it to my Openwrt router. If the router’s up the tunnel’s up.

TMO has had IPV6 implemented for mobile devices for years. There’s no way they only implemented IPV4 on a home/business service that uses the same network and the same towers.

Does their current equipment (and yours) support IPV6? If so CGNAT won’t be involved.

Your WG network is a separate subnet. Add it to PAPERLESS_ALLOWED_HOSTS to allow access.

not that any of this is doable in the near future, since i’m behind cgnat and won’t get my colocated bounce server up until spring.

Doesn’t IPV6 allow direct external access even when cgnat is in use for IPV4?

When I was running a mesh topology I often had the same issue. Switching to a star topology fixed pretty much everything.

I’ve been using Syncthing for years and it’s been almost flawless with only rare file sync errors that are clearly shown in the UI. Was going to switch to Nextcloud for everything. Looks like I’ll be sticking with Syncthing for the foreseeable future.

Thanks for posting this.

Google Safe Browsing looks to be have been built without consideration for open-source or self-hosted software.

IMO Google Save Browsing was built with consideration for open-source and self-hosted software, but it has nothing to do with user safety, just like blocking Android apps from 3rd party sites has nothing to do with user safety. The harder they make it to move away from their products by making using alternatives difficult, the more money they make and money is now the only objective. Even if this only adds a fraction of a fraction of a percent to their profit it’s something Google will implement.

The old social contract of businesses being of benefit to the community as a whole in addition to making a profit is long gone.

Yes. I had them blocked via my firewall because of the constant traffic they generated and blocking Internet access causes constant bulb resets. The resets are known to TP-Link and according to a couple of sources they created a private firmware release that fixed it. TP-Link failed to publically release that firmware, and last time I checked deny it ever existed. I replaced the bulbs with 3rd Reality Zigbee bulbs that work perfectly.

I didn’t get that far. When they demanded I log in I just removed it. Jellyfin is working OK without having to figure out how to bypass defaults.

When I was in the market for bulbs Hue was just starting that BS. They lost that sale and I’ve been in the process of removing network access for everything possible and severely restricting it when not. My old Honeywell wifi thermostat is gone, smart appliances are disconnected from wifi, and TVs are blocked by my firewall when they aren’t actually being used. Next up, Graphene OS.

Sometimes I’d like to move to a tropical island with no news or Internet at all.

This is why it’s a great idea to refuse to install everything that’s possible, including smart switches, cameras, lights etc. that rely on the good will of some company to keep running.

Honeywell wifi thermostats worked great until they didn’t. Now their servers are often slow or down. TCP-Link smart bulbs reset regularly if their Internet access is blocked because TCP-Link desperately needs to keep track of when everyone’s lights are on and off. Plex wants us to log into their servers to watch content we’re hosting ourselves. Too bad if their servers are down. Security camera companies have been disabling local storage options without warning for years.

Logitech actually planned to introduce a subscription mouse. Hopefully at some point people will get sick of this shit, refuse to put up with it and their sales will tank.