Just as a side node, make sure to backup your immich / nextcloud services too.

I might be wrong, but it sounds like hosted nextcloud, not a completely new platform.

Thats from the current nextcloud docs:

We strive to bring Artificial Intelligence features to Nextcloud. This section highlights these features, how they work and where to find them. All of these features are completely optional. If you want to have them on your server, you need install them via separate Nextcloud Apps.

You’re right, that’s an option. I could set this up at my router, this way it would be almost indistinguishable from IPv6 via my ISP.

Its really not that hard. Sadly, my ISP doesn’t offer IPv6 yet, but for my vServer, enabling IPv6 was just a checkbox during creation. Then, you need to make sure that the service (e.g. webserver) also listens on the IPv6 address and maybe tweak the configuration of the webserver to actually serve websites via IPv6. Also, check your firewall settings. Lastly, you need to set the DNS AAAA records and you’re done.

Its quite unintuitive how hard it is to melt snow.

I mostly try to read the docs, but sadly good documentation is pretty rare.

I’m currently following this guide to setup caddy reverse proxy with coraza web app firewall.

But be warned, this whole rabbit hole of WAF isn’t trivial, some protections don’t work well with some apps (e.g. portainer triggers some rules about system command execution) and it needs some tuning. I personally set it up to learn more about WAFs because I believe it will help me in my career, but I would not blindly recommend it to everyone.

Approaches like crowdsec and fail2ban seem much more suitable for selfhosters – and keep your server software updated.

Great idea. Would be even better if we turned lemmy into an AI only social network. Thousands of bots will create content, vote and comment. And all this could be done without user interaction.

Finally, even the super niche communities will have hundreds of bot comment per day, and all human lemmy users will leave voluntarily (thus reducing the need for moderation).

I doubt using secret managers is popular among self hosters. These products are targeted at larger deployments, not homelabs.

I’ve installed coraza web app firewall with OWASP ruleset this weekend. I must admit that it wasn’t as easy as I expected it, but it now (mostly) works. I had to give up with nextcloud though.

RClone to a cloud storage (hetzner in my case). Rclone is easy to configure and offers full encryption, even for the file names.

As the data is only uploaded once, a daily backup uploads only the added or changed files.

Just as a side note: make sure you can retrieve your data even in case your main system fails. Make sure you have all the passwords/crypto keys available.

It also doesn’t even make sense to buy up all the possible domains. It would just be a waste of money, and surely someone could come up with a domain name that you didn’t think of (fediverse-network.com).

Thank you. It appears that even the USB-2.0 models support video output.

Wired screen mirroring would be a nice use case. E.g. just plug the iphone in a USB dock and watch a movie or join a meeting.

I think meaningful commenting only works in trees, for example the old mailing lists.

With classic linear forums, I quickly loose track of different discussions. Good luck finding replys to a comment on page #3 when the post has 300 comments.

I’ve got it running for a few weeks now. Seems very nice

Nice list of suggestions, but implementing all of them feels a little over-the-top.

I don’t really get the love for fail2ban. Sure, it helps keep your logs clean, but with a solid SSH setup (root disabled, SSH keys enforced), I’m not bothered by the login attempts.