Cool idea. Just be aware, that there are a lot of shady people out there. I'm not sure I would publicly host services, which rely on tight security (like Vaultwarden). They will come and they will probe your system and it's security!

You might also want to remove Dockge from Uptime Kuma, no need to broadcast that publicly.

I agree, but most games also have a higher ratio of value to cost. If I buy a game for 50 bucks, I'll play it for many hours, let's say 50. So that will be 1 per hour, pretty good. If I buy a new movie, that isn't available for subscription streaming, that ratio is easily double. If I have a subscription and need another now, that also lowers it's value. It also comes with lower comfort and ease of consumption, as you mentioned.

Another great example is YouTube premium. I'll gladly pay 5 or 7 bucks for adfree content, not 14 though. I don't need YouTube music. So I block ads where I can and donate to creators, if I can afford it. They could have had my money, but they are, simply, greedy.

I also hate it, when deals are altered without my consent. It makes me feel like a sucker, and therefore makes it less likely for me to keep investing.

In Soviet Russia, OP spanks you!

Let me know if you need any help with that. I'm still a beginner, but have used the last few months to learn about cyber security. It can be a daunting subject, but if you get the basics right, you're probably good. I also hosted without a care for years and was never hacked, but it can/will happen. Here are some pointers!

Get or use a firewall. Iptables, UFW and such are probably good enough. I myself use OPNsense. It can be integrated with Crowdsec, a popular intrusion prevention system. This can be quite a rabbit whole. In the end, you should be able to control who goes where in your network.

Restrict ssh access or don't allow it at all via internet. Close port 22 and use a VPN, if needed. Don't allow root access via Ssh, use sudo. Use keys and passphrase login for best security.

Update your stuff regularly. Weekly or bi-weekly, if you can.

Use two factor authentication, where possible. It can be a bit annoying, but improves things dramatically. Long passwords help to, I use random-word-other-word combinations.

If you haven't, think of a backup strategy. 3 redundant copys on 2 media, one off site.

I am truly sorry that you are stuck in this awful situation. The system (or large parts of it) are designed like this. Keeps people in check. As an European, I find it baffling. Not everything is prefect here, far from it. I'm dealing with chronic health issues myself and I probably wouldn't survive the US.

There is nothing I can do to help you, but I emphasize with your situation and hope, that you can rest soon!

This would be very much appreciated, if possible. I don't know most of them and it would make reading these past easier for me.

You most likely won't utilize these speeds in a home lab, but I understand why you want them. I do too. I settled for 2.5GBit because that was a sweet spot in terms of speed, cost and power draw. In total, I idle at about 60W for following systems:

• Lenovo M90q (i7 10700, 32GB, 3 x 1 TB SSD) running Proxmox, 15W idle
• Custom NAS (Ryzen 2400G, 16GB, 4x12TB HDD)v running Truenas (30W idle)
• Firewall (N5105, 8GB) running OPNsense (8W idle)
• FritzBox 6660 Cable, which functions as a glorified access point, 10W idle

I'd even do it for a normal lizard salary, if needed.

I don't think what you're saying is possible. Voxels used in fMRI measure in millimeters (down to one of I recall) and don't allow for such granular analysis. It is possible to 'see' what a person sees but the image doesn't resemble the original too closely.

At least that's what I have learned a few years ago. I'm happy to look at new sources, if you have some though.

Reminds me of that Southpark episode, where all the adults are gone.

"Provider, provider..."

From what I found, Lemmy is much better in this regard. I've gotten lots of helpful answers here, so give it a go! There is also a ton of tutorials on YouTube, I recommend something like this for beginners.

Tubearchivist works well for me and integrates with jellyfin.

Two power naps for the price of one? Don't mind if I do. But seriously, I couldn't go through prep twice. If the surgeon lost his watch in there and needs to do it again then by all means.

Remember when Homer designed a car?

Tubearchivist works great for me. Downloader, database and player, all in one. Even integration with jellyfin is possible, not sure about plex though.

There is quite a price difference, at least here in Germany. It easily be double, if not more... I'd love to use SSDs, but can't afford them right now

There also great Apps for knost, that I have on my phone and use offline. Useful Knots is what I use.

Ah, I did not know that. So I guess I will create several VLANs with different subnets. This works as I intended it, trafic coming from one VM has to go through OPNsense.

Now I just have to figure out, if I'm being to paranoid. Should I simply group several devices together (eg, 10=Servers, 20=PC, 30=IoT; this is what I see mostly being used) or should I sacrifice usability for a more fine grained segeration (each server gets its own VLAN). Seems overkill, now that I think about it.

I tried this. Put a DNS override for Google.com for one but not the other Adguard instance. Then did a DNS lookup and the answer (ip) changed randomly form the correct one to the one I used for the override. I'm assuming the same goes for the scenario with the l public DNS as well. In any case, the response delay should be similar, since the local pi hole instance has to contact the upstream DNS server anyway.

500 is the sweet spot, at least for downloads. I have it and it's fast enough for all my needs. Upload can be less, although I'd love to have more than the current 50. Good luck with your move!

I'm currently using this guide to setup a OPNsense VM on proxmox. Home Network Guy also has an OPNsense guide, but for a full router.

I did that when I started working with Linux. I thought / meant the current directory, boy was I wrong!

I really wanted to use this and set it up a while ago. Works great but in the end I had to deactivate it, because my nextcloud instance would cause too many false positives (404s and such) and I would ban my own up way too often.

I'm not paying everyone. Pretty much impossible. Here is my logic for what I'm doing on detail.

Netflix is 8 Euro a month here in Germany as a basic plan. I can share that with my girlfriend. They produce movies and then stream those to me. I use it quite often. I'm totally okay with what I'm getting for my money and pay happily.

Youtube is 12 Euro per month. I can't share that plan with my girlfriend, as it would fuck up the algorithm. Youtube hosts videos but doesn't produce content. I'm not happy with the value in getting.

Now I try to pay creators directly. Can I pay all of them? No. Can I be just? No. Is youtube just? Also no. Small creators get nothing. So I take my 5 euros and divide among creators. Next month a few others and so on. I can choose which ones, depending on how I feel about their content. I find a brilliant channel who helped me out with a project and who's got patreon? Sure, why not? Last one here was DbTech, which I'm not subscribed to.

So the difference between income for content creators is Youtube Premium: 55 percent of 12 euros is 5,4 euros, My system: about 5 euros. The only difference being how the money is divided. I try to favor smaller channels.

In the end, I believe my system is superior, as gives me more control on where I spend my money. I only try to screw over Google, because they are greedy as fuck!

I don't think it's the CPU as I am able to reach max speed, just not using ZFS...

I looked at your sources or at least one of them. The problem is, that, as you said, I am a layman at least when it comes To AI. I do know how fMRI works though.

And I stand corrected. Some of those pictures do closely resemble the original. Impressive, although not all subjects seem to produce the same level of detail and accuracy. Unfortunately, I have no way to verify the AI side of the paper. It is mind boggling that such images can be constructed from voxels of such size. 1.8mm contain close to 100k neurons and even more synapses. And the fMRI signal itself is only ablood oxygen level overshoot in these areas and no direct measurement of neural activity. It makes me wonder what constraints and tricks had to be used to generate these images. I guess combining the semantic meaning of the image in combination with the broader image helped. Meaning inferring pixel color (e.g. Mostly blue with some gray on the middle) and then adding the sematic meaning (plane) to then combine these two.

Truly amazing, but I do remain somewhat sceptical.

Thank you so much for your thorough answer, this is very much a topic that needs some reading/watching for me. I've checked and I already use all of those headers. So in the end, from a security standpoint, not even having port 80 open would be best. Then, no one could connect unencrypted. I'll just have to drill into my family to just use HTTPS if they have any problems.

It was interesting to see, how the hole process between browser and server works, thanks for clearing that up for me!

That rabbit hole is interesting, but also deep and scary. I'm trying to challenge myself by setting up Proxmox, as so far I've just used Raspbery Pis as well as OpenMediaVault. So when I saw those stories about drives dying after 6 months, I was a bit concerned;. Especially because I can't yet verify the truth in those storries, since I'd call myself and advanced novice if I', being generous.

I'll track drive usage and wear and see what my system does. Good point, then I can get rid of the guesswork. Thank you a lot!

Thank you so much for this explanation. I am just a beginner, so those horror stories did scare me a bit. I also read, that you can fine tune ZFS to prevent write amplification so I'll read into that subject a bit more.

I thought ZFS without redundancy did give no benefits, but I most have gotten that wrong. Thanks again!

From what I found, Lemmy is much better in this regard. I've gotten lots of helpful answers here, so give it a go! There is also a ton of tutorials on YouTube, I recommend something like this for beginners.

I'm actually planning for a pass-through of the integrated intel graphics for this. Then, in the future and if needed, I'll build a bigger bigger system as my main node. The Lenovo will then become my second node for high availability. But I'll need more funds for that...

Excellent suggestion, I didn't even think about testing the setup using a VM as you suggested.

I also lean to option 1, as it is just the simplest. There is conflicting information out there regarding proxmox and the VMs being on the same disk: some people say it's fine, others hate it (although I couldn't quite figure out why, hence the question).

The biggest downside is storage space, but I don't think I'll need all too much since I'm currently running everything on about about 500GB and of those only using 70GB.

Two or three things come to mind that to me so I'll just put them here:

Did you setup a DNS server? Port already taken? Permission error?

Thanks for your input. Am I understanding right, that all devices in one VLAN can communicate with each other without going through a firewall? Is that best practice? I've read so many different opinions that it's hard to see.

How is the bullshit. I take 5 bucks every month and use those for patreon. I cycle through the channels so everybody gets a bit. I only pay the lowest tier for one month, then cancel again. Next month, a few different creators...

One view with ads is worth in the area of a cent, most likely less. Most channels upload once or twice a months. If the lowest paying tier is a dollar, they just made 50 times what they would get for ad revenue.

It's the other way round. I do pay for a VPN anyway and I donate via patron to support creators. A dollar here, a dollar there. It's still cheaper than a subscription here in Germany and my favorite creators get a bigger payout. I'd be happy to pay for premium if it was something like 5 euros, but 12 a month.

Kagi was somewhat expensive, if I recall. 10 bucks for unlimited searches put me off, as I don't have a lot of money right now...

Good point. I used fio with different block sizes:

fio --ioengine=libaio --direct=1 --sync=1 --rw=read --bs=4K --numjobs=1 --iodepth=1 --runtime=60 --time_based --name seq_read --filename=/dev/sda

4K = IOPS=41.7k, BW=163MiB/s (171MB/s)
8K = IOPS=31.1k, BW=243MiB/s (254MB/s)
IOPS=13.2k, BW=411MiB/s (431MB/s)
512K = IOPS=809, BW=405MiB/s (424MB/s)
1M = IOPS=454, BW=455MiB/s (477MB/s)

I'm gonna be honest though, I have no idea what to make of these values. Seemingly, the drive is capable of maxing out my network. The CPU shouldn't be the problem, it's a i7 10700.

I'm in the process of degoogeling my live. I've never used it much, but my phone and the apps that I've bought over the years are tied to my account. I still use the calendar and have been to lazy to switch. Google maps too is a big plus. I've already gotten rid of cloud storage, as I selfhost nextcloud.

I use airvpn, which is recommended now as mullvad got rid of port forwarding.

Same as you. Old AMD system with a Ryzen 2400, three hard drives and two ssds running open Media vault. The hard drives spin down after 30 minutes, as I only use them once or twice a day.