The unrealistic part is management admitting to a mistake

I think my instance has been growing at about 30 GB a year. I think if you set it up to not rehost the pictures, you can keep the whole thing in the handful of GB range.

So when I ask Let’s Encrypt for a cert, I ask for *.int.teuto.icu instead of specifically jellyfin.int.teuto.icu, that way I can use the same cert for any internally running service. Mostly I use SSL on everything to make browsers complain less. There isn’t much security benefit on a local network. I suppose it makes harder to spoof on an external network, but I don’t think that’s a serious threat for a home net. I used to use home.lan for all of my services, but that has the drawback of redirecting to a search by default on most browsers. I have my tailscale exit node running on my router and it just works with SSL like anything else.

I use a central nginx container to redirect to all my other services using a wildcard let’s encrypt cert for my internal domain from acme.sh and I access it all externally using a tailscale exit node. The only publicly accessible service that I run is my Lemmy instance. That uses a cloudflare tunnel and is isolated in it’s own vlan.

TBH I’m still not really happy having any externally accessible service at all. I know enough about security to know that I don’t know enough to secure against much anything. I’ve been thinking about moving the Lemmy instance to a vps so it can be someone else’s problem if something bad leaks out.

What you are looking for is a RAG and is one of the few legitimately useful implementations of LLMs outside the wall of hype.

My one and only reason is that I’m a turbo-nerd. No professional or even educational tech background at all.

I had a squatter get mylastname.com after my dad died. After a while I guess they noticed that I registered mylastname.net and orffered to sell me mylastname.com I didn’t respond and they let it expire. I should probably register it.

I have a used 2016 super micro server. It was $600, has 2 18 core/36 thread cpus and 256 GB of DDR4 and 12 HDD hot swap trays. It also idles at 180 watts. Way over kill but I have cheap electricity and it’s nice being able to spin up a vm with just about any specs I could want. If I got some more normal cpus it would probably burn a good bit less power.

Cloudflare if you want one of the handful of TLDs they support, namecheap otherwise. For namecheap I still point the nameservers at Cloudflare so they can manage the site. For DDNS I use DDclient, it works, that’s about all I can or should say about a DDNS client.

I appreciate all of the weird instance names in here

I prefer to use a local DNS for internal services just so there is less publically available information about my internal network. No need to let everyone know what address space I use or which vlan certain services are on. Also means you don’t have to wait for public DNS servers to update.