Email is like, the worst possible option. Check out Apprise. Super easy to setup Telegram or Discord notifications via webhooks. Takes like a minute.

Now to guess which ones will still be maintained in 5 years 😆

If you figure it out, lemme know. lol

Here ya go: https://selfh.st/apps/

Will cover about 90% of your bases there. You can even look up proprietary software and it will show you self-hostable alternatives.

My goto would be wireguard, is that still a good option?

Yes.

Private cloud/File server

https://selfh.st/apps/?tag=File+Sharing

Is a local video streaming app actually useful for a rare watcher of movies etc, or can they be streamed directly from the file server?

You can do it any number of ways. I have it setup a pretty cool way, I think. I leave my PC on all the time. I also have a home NAS with all my media files on it. I host Jellyfin server on my PC and in the Jellyfin settings link to the network location of the files (\\nas\media\tv, etc). Works great, especially for transcoding because I run the server on my Windows PC, it gets access to my GPU for transcoding. Really great setup I like to think. Only drawback being you have to leave your PC on all the time, which doesn’t bother me.

Is Docker the way to go for everything? or just install on the machine directly?

There are alternatives to docker, like LXC but they’re not as widely used as Docker. So unfortunately…

Another option for you could be Hyper-V if you don’t mind using your PC to run containers. I like it better than running docker containers.

Matching 500 episodes (e.g. Looney Tunes and Disney shorts) manually isnt fun.

With tools like TinyMediaManager, why in the absolute fuck would you do it manually?

At this point, it sounds like you’re just bad at media management more than anything. 1080p h265 video is at most between 1.5-2GB per video. That means with even a modest network connection speed (500Mbps lets say) you can realistically download 5TB of data over 24 hours… You can redownload your entire media library in less than 4-5 days if you wanted to.

So why spend ~$700 on 2 20TB drives, one to be used only as redundancy, when you can simply redownload everything you previously had (if you wanted to) for free? It’ll just take a little bit of time.

Complete waste of money.

It becomes a whole different thing when you yourself are a creator of any kind.

Clearly this isn’t the type of media I was referencing…

PITA = pain in the ass.

I never said it was hard. Just a real pain in the ass. Like iptables vs UFW. They’re the same thing, but one is easy and a pain in the ass and the other is just easy… So I opt to make my life easier. lol

Data hoarding random bullshit will never make sense to me. You’re literally paying to keep media you didn’t pay for because you need the 4k version of Guardians of the Galaxy 3 even though it was a shit movie…

Grab the YIFY, if it’s good, then get the 2160p version… No reason to datahoard like that. It’s frankly just stupid considering you’re paying to store this media.

It’s not important data. Why would I spend another $200+ for another 20TB drive to have redundancy for 1 and 0 I don’t care about…

I continuous backup important files/configurations to my NAS. That’s about it.

IMO people who redundant/backup their media are insane… It’s such an incredible waste of space. Having a robust media library is nice, but there’s no reason you can’t just start over if you have data corruption or something. I have TB and TB of media that I can redownload in a weekend if something happens (if I even want). No reason to waste backup space, IMO.

Traefik is a PITA.

Caddy all the way. If you build it with Docker support (or grab the prebuilt), you can use docker container names to reverse proxy using names instead of any IP addresses or ports. It’s nice because if the IP updates, so does caddy. All automatically.

Here’s what my caddyfile looks like;

{
        acme_dns cloudflare {key}
}

domain.dev {
        encode zstd gzip
        root * /var/www/html/domain.dev/
        php_fastcgi unix//run/php/php8.1-fpm.sock
        tls {
                dns cloudflare {key}
        }
}
*.domain.dev {
        encode zstd gzip
        tls {
                dns cloudflare {key}
        }
        @docker host docker.domain.dev
        handle @docker {
                encode zstd gzip
                reverse_proxy {portainer}
        }
        @test host test.domain.dev
        handle @test {
                encode zstd gzip
                reverse_proxy 127.0.0.1:10000
        }
        @images host i.domain.dev
        handle @images {
                encode zstd gzip
                reverse_proxy 127.0.0.1:9002
        }
        @proxy host proxy.domain.dev
        handle @proxy {
                encode zstd gzip
                reverse_proxy proxy
        }
        @portal host portal.domain.dev
        handle @portal {
                encode zstd gzip
                reverse_proxy portal
        }
        @ping host ping.domain.dev
        handle @ping {
                encode zstd gzip
                respond "pong!"
        }
}

DNS hosted by cloudflare but because caddy handles ACME certs, all the subdomains automatically get SSL.

I rawdog storage. I RAID0 and forget. huehue.

Because there’s no advantage to having this much RAM in an economy build. If you’re looking to max out your mainboard RAM then you’re looking for a thread ripper anyways, not some economy i9…

lmao bro I can’t upvote this shit enough.

Heimdall seems to be the popular choice: https://github.com/linuxserver/Heimdall

Extremely.

Can’t beat Mox: https://www.xmox.nl/

listen to my podcast, guys. /s

The entire point of selfhost is to host private services not available to the public. By literal definition, that’s allowing only local traffic to connect to your services. It’s infinitely more secure. A VPN allows you to extend those services over the clearnet to authorized devices via virtualized networks. You don’t have to worry about messing with inbound/outbound ports, or worrying about software failure or misconfigurations accidentally exposing you to the clearnet. You don’t have to worry about DDoS, or abuse. Being attacked? Bring down your VPN and that completely shuts down your issue. Your network is completely unreachable by anyone but a local host.

There’s simply no room for an argument. VPN is objectively better in all possible situations.

I don’t know what kind of firewall you use, but if my firewall is down there is NO traffic at all passing through!

Only a hardware firewall would do this. If it’s software, like implied in your post, no traffic is filtered and all connections are accepted.

VPN is the least amount of work for the most secure setup. There’s nothing to even argue, its superior in every way.

There is. It’s called VPN Split Tunneling.

If you want to proxify your connection between you and a service, you enable the split. If you don’t care, or want to not use the VPN, then disable it for that application. So it’s effectively “proxify all connections to this app,” which is the same as your use case.