

The one point that has basically been solved is NAT traversal. Thanks to Wire guard, Tailscale and the like. The relevant parts are open source and can be used basically as a library.


The one point that has basically been solved is NAT traversal. Thanks to Wire guard, Tailscale and the like. The relevant parts are open source and can be used basically as a library.
I wish there was one. Thunderbird has given me nothing but issues. KMail is lacking basic features, as does evolution. I obviously haven’t tried them all, but this already took long enough and I’m tired of it.


First my context: I’m also running multiple Proxmox hosts (personal and professional), and havea paperless-ngx instance (personal/family). I tried Firefly, but the effort required to get it to a point where it would be if use to me was too high, so I dropped it. Haven’t used n8n.
For the setup I’d just use the Proxmox community scripts, if you haven’t heard of them. Makes updates trivial and lowers the bar to just trying something to basically zero.
Paperless-ngx I actually use, cause it means I can find something when i need it. It’s all automatically ocr’d and all you have to do is categorize them. With time, it’ll learn and do this for you. You can (manually) setup your scanner to just directly upload files to the “consume” folder and it just works. PC/server power is near irrelevant, it just means OCR takes slightly longer, otherwise it’s a web server. You can run this just fine on a raspberry pi.
I don’t have any real automation setup, so I can’t really comment on that. My advice is to just install it, see what it does and how it feels. Try to anticipate if and how much automation you need. Many aspects of all this are of the “setup once” variety, where once it’s working, you don’t have to touch it again. Try to gauge if the one time effort is worth it for you, then go from there. As I said, it was fine for paperless for me, but not for Firefly (but I might need to revisit this).


DuckDNS had been unreliable when I used it, but it’s been a while. I swapped over to desec.io but their signups aren’t always open. Can highly recommend them though, and they offer many paths to update the IP, including DynDNS(2) protocol or just ddclient.
Also works with certbot for Let’s encrypt certificates using dns challenge.


Never run something like Vaultwarden with unencrypted traffic. Throwing in a self signed cert is basically free insurance. You never know when even in your “trusted network” something starts listening in. Just why risk it?


Yes, but it isn’t available (yet). The pebble 2 duo does not, but it has already shipped. I don’t know how many are still available and/or will be made.
Currently the app also has zero support for anything health-related, including sleep. If that will be fixed by the time the pt2 is shipping, who knows. This is probably not a huge problem for op, as he’s explicitly searching for a watch without smartphone reliance.
Even in the old app and on the old pebble watches, anything health related was an afterthought at best, and it also isn’t a focus of it officially. The new ones are using the same OS, so are incredibly similar. Which is generally a good thing, but also includes the lack of features related to anything “health”.


The modern Pebble has no heart rate sensor, and generally no useful exercise monitoring.


Ssh over Internet is fine as long as it’s properly setup (no password auth, root not allowed, etc.). Obviously a VPN is even better.


Or if you have separated your devices into subnets/VLANs. Which becomes more important as your get more hardware that you don’t really trust.


Tailscale is WireGuard under the hood, if you didn’t know. It’s an overlay network that uses WireGuard to make the actual connections, and has some very clever “stuff” to get the clients actually to connect, even if behind firewalls without needing port forwarding.
Using WireGuard directly basically just changes the app you use, which may or may not help with your issues. But the connecting technology is the exact same.


I’d suggest looking into TeamSpeak, like others have mentioned. Trivial to self host, too.
Edit: to be clear, this would cover the voice call aspect of discord, not the chat channels and other community tools. While it’s can do text chat, it’s more of a side feature rather than core. I didn’t think it does images or video, but it’s been a hot minute.
Who cares what it looks like as long as it works? They want to get 2fa sms in their desktop, I highly doubt “pretty” is high on the requirements…


but you can do everything without it.
yes but why would you? There’s a reason we use GUIs, especially when new to a field (like virtualization).


Mine are of course also on a VLan but with no Internet access unless they need it for everyday operation (like a radio, or the amplifier that can play Spotify).
We don’t use the manufacturer apps at all. Everything is integrated into (fully local) home assistant. No need to open a specific app to operate a switch, or a light. Everything in one place. Trivial and incredibly clear. Things that can be are of course automated.


Just because it’s a “smart” service doesn’t mean it has to connect to the Internet or a server or the manufacturer. If it does neither, it can’t be turned off by them.
All my devices run local-only protocols. Nothing leaves my house. The devices that would be proprietary were reflashed to tasmota (fully open source, local only). Others are either Zigbee or Shelly. While Shelly has a cloud connection, it’s fully optional and disabled by default (including automatic updates). The hardware is also supported by tasmota, and reflashing is always just 5 minutes of effort away.
There is absolutely nothing that any manufacturer has to do to keep my stuff working. I have to do a little something (keep my tiny server on, basically). But more importantly there is nothing any manufacturer can do to stop my stuff from working.
While it’s fantastic software, it’s probably a relative cannon to shoot at his problem. Maybe there’s a way around this, but I’ve found the necessary management, curation and bookkeeping that was necessary for it too be useful to be just way too much to be worth it. I mean it’s fun for some, including me to a degree, but not too this extent.
UnRaid doesn’t provide anything I am interested in, at all. Currently running TrueNAS for main storage and proxmox for virtualization, both ZFS based. If TrueNAS ever enshittifies, I’d run some bare metal Linux with ZFS. My workstations also run ZFS as the file system, making backups trivial. VM snapshots and backups of any system are trivial and take seconds (including network transfers).
I never understood why I’d even consider UnRaid for anything.


Of course I have. Specifically RadioParadise(.com) is great for this, which I’ve listened to through winamp’s shoutcast as well (multiple decades ago). I’ve even been a supporter for all those decades at this point. But it’s a very far cry away from the personalized (discovery) playlists. The efficiency diffference for discovering music is orders of magnitude: I find maybe 1-3 songs a month compared to 5+ in a week for discovery playlists (somtimes less, usually more). You can even skip songs you don’t like on there, but that still doesn’t make up for it being universal and not personalized.
It’s nice as a palate cleanser, or when I don’t wanna put effort into selecting what to play. But I’d lose my mind listening to it for truly extended periods of time. The music is great, and the (human) selection is superb, but just by the nature of personal taste, I only like around 30% of the music I’d say.


I also get that, that’s why I up-voted every reply from you. I actually love seeing such completely different perceptions of the same situation. And I also just want to explain my reasoning and how I got there. Which is why my replies tend to be so long.
I think it’s about printers being required by law to (covertly) watermark copies as such, and make it somewhat traceable. This is supposedly to prevent duplication of protected works (books?) but also to prevent someone just using it to print money (badly, probably).
To my knowledge all major brands incorporate something like this.
Wikipedia article about the technology