Which Pi did you try? Since the Pi4/CM4 (can even work with SAS drives) and especially with the Pi5 you can build some nicely performing NASes.

There are some passively cooled (i.e. no spinning fan) SFF Desktops (HP, DELL, etc.) or you could get a Raspberry Pi 5 and stick it into a Geekworm case. Power consumption with these devices should hover around 5W, maybe slightly higher under load. The Desktops most probably support WoL. The Raspberry Pi doesn’t.

The version I had played around with about 10 years ago could.

There’s also The Dude - although it’s a Windows-only application. But the visualisation is great.

I’m running SpotWeb to browse spots. It’s kind of a curated list of NZBs. So, most things you can find a spot for, are still actually available to download.

It was heavily used by the Dutch to distribute movies with baked-in (“ingebakken”) Dutch subtitles for older media players.

If you like to checkin manually to places, there’s PrivateSquare which will query places around you from Foursquare (so, 4sq will still see whereabout you are), but store the actual checkin in a local database.

If you want some automated tracking, I’m mostly happy with OwnTracks which logs to my DaWarIch instance. (I’ve previously used Traccar and php-owntracks-recorder.)

While I don’t see any battery usage from OwnTracks, my only gripe is that it can’t increase the amount of points logged when it detects movement because of Apple iOS limitations.

(For iOS, there’s also Geory which will log into a local database and CAN increase the logging by spawning a Live Activity. It gives me the most accurate logs so far. But they have to be exported manually to be stored elsewhere and the author wants to keep the app simple and doesn’t want to implement logging to external systems.)

I let CrowdSec determine that. I’m seeing /13, /12 and even /10 in my decisions list. All seem to be Amazon AWS ranges.

In the Traefik static configuration (usually traefik.yml), add this to load the CrowdSec plugin:

experimental:
  plugins:
    crowdsec-bouncer-traefik-plugin:
      moduleName: "github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
      version: "v1.4.2"

(The name for the plugin is defined here as crowdsec-bouncer-traefik-plugin.)

Then, in your dynamic configuration, add this (I’ve used a separate file dynamic_conf/050-plugin-crowdsec-bouncer.yml):

http:
  middlewares:
    crowdsec-bouncer:
      plugin:
        crowdsec-bouncer-traefik-plugin:
          CrowdsecLapiKey: "...YOUR CROWDSEC LAPI KEY HERE..."
          Enabled: true

(The name for this new middleware defined here is crowdsec-bouncer. It uses the crowdsec-bouncer-traefik-plugin defined in the previous step. Make sure these names match.)

You can get the LAPI key by registering a new bouncer in CrowdSec.

And, finally, make sure all incoming traffic routes through the bouncer plugin. You can do this individually, or in general via the static config:

entryPoints:

  websecure:
    address: :443
    http:
      middlewares:
        - crowdsec-bouncer@file
        - secure-headers@file

The middlewares are processed top to bottom.

Any change to the static configuration requires a restart of Traefik to become active.

I’ve recently enabled banning whole subnets if more than 3 malicious actors from that subnet are on the blocklist. This is great for all those DigitalOcean droplets and other cheap hosters used by those people…

I had fail2ban running for several years before switching to CrowdSec late last year. They both work in a similar fashion and watch your logfiles for break in attempts. With the small difference that CrowdSec also lets you use blocklists from the “crowd” to block malicious actors before they even get to try their luck on your machine(s).

I’m using CrowdSec with Traefik and nftables. But there are some bouncer plugins for nginx and OpnSense, too.

I just followed their example configurations for Docker, Docker Compose and then started tinkering with the config until everything worked as desired.

I’m using Strongbox on iOS and macOS with iCloud Sync and never had any merge issue. Well, maybe once when I deliberately edited the same entry on two different devices. But during normal use, the sync and merge works great.

The Bitwarden clients cache your data locally. So even if your Vaultwarden goes down, you’ll still be able to access your passwords. Just not sync new ones or make changes.

I’d throw in option 3: use a KeePass2 database, sync it using whatever sync tool you like (SyncThing, iCloud, NextCloud, WebDAV, …) and use compatible apps (KeepassXC, Strongbox, etc.)

I was going by this thread and this comment. Those other websites are mostly selling SIMs for industrial IoT or CCTV stuff and are either acting as a MVNO (where I don’t know how much influence they have on the network configuration) or probably selling foreign cards with free roaming or something like that.

Fixed IP might be a problem as basically all carriers use CGNAT. From what I could gathergoogle, Three seems to be the only one where you can manually change the APN to 3internet to get assigned a proper IP address.

https://terminaltrove.com/new.xml

This gives basically no headaches at all. I am running this schema on all my Linux devices. And swap is done using a swapfile instead of a partition. This way, you can easily increase it later on.

If you spin up a Lemmy instance and subscribe to a community, all new posts and comments inside that community will be mirrored to your instance. As I’m subscribed to around 100 different communities, that was a LOT of traffic without me doing anything. That’s why I’ve given up on self-hosting Lemmy just for myself and went back to using lemmy.ml.

However, I do self-host a GoToSocial server just for myself. It’s probably not necessary as mastodon.social isn’t going anywhere anytime soon, but if you’re on a smaller instance, it might be worth it. Also, you get to show off your own domain name. And, while other instances may block yours, your content stays online as long as YOU want it to. There’s no way for an external moderator to delete posts on your own server.

People can find you via Boosts from others or by searching for your @username@domain.com.

Maintaining my GoToSocial so far consisted of simply getting WatchTower to update the Docker container. Migration of data to a new version happens automatically. (Well, there was one accident where some pre-release version got released under the latest tag and I had to use the development branch for a few days … but that was an accident from the GtS-team and shouldn’t happen again.)

http://www.bofharchive.com/

https://bofh.bjash.com/

😉

Once my DS415+ (with the C2000 fix) finally dies, I’ll most probably go with a Terramaster F4-423. They have an internal USB-port with their OS which you can replace and install a custom OS to it. And it’s basically just an Intel NUC with a storage controller in a nice package. So, pretty much compatible with the usual OSes and NAS softwares.