Yes, the restriction to a single VPN client is annoying.
Blocking ad/telemetry domains can be done by adding Adguards DNS servers in the OS settings. Sadly blocking apps Internet permissions completely is not possible (except on OS like LineageOS, CalyxOS or GrapheneOS).
Symphonium is a great Android music player which connects to a Subsonic or Jellyfin server (or any other protocol like SMB).
Navidrome is a music server which implements the Subsonic protocol. This means apps like Symphonium can connect to it.
Any old PC is enough, even a Raspberry Pi is fast enough for a music server.
Anything more like SSL (https) and a domain is optional for getting it working, and only a benefit if used outside of your home network. Using Tailscale makes a domain/SSL unnecessary and also no longer needs messing around with networking (e.g. no opening ports on the router).
The Samsung Galaxy S5 mini has a IP67 rating and a removable battery.
It’s possible to produce water resistant phones with removable Batterien, but manufacturers would rather sell new phones instead of batteries.
Yes. 1TB SSDs can be bought new for 50€, 500GB for even less. For some people this is expensive depending in the region (e.g. I also know someone who uses an HDD). But given the price of other pc parts it isn’t something to cheap out on (a 1TB/2TB HDD is also 50€).
The survey was originally sent out on reddit /r/selfhosted, so I expect most respondents are from there.
Global hotkeys have been addressed on KDE, but no applications actually support it — one of the reasons being that no other desktops support it. Typical chicken-egg problem.
No, I haven’t connected a Pi to a 4k TV.
Like others’ve said, Bitwarden is awesome if you want a (selfhosted or hosted) server (e.g. as a much better replacement for LastPass).
If you want an offline password manager, KeePass is the way to go (i.e. KeePassDX/KeePassXC for mobile/pc).
Analogue likely doesn’t emulate the hardware at the transistor level, as it’s far more difficult than doing what most software emulators do.
From an interesting (altough non-conclusive) HN-thread [1].
Without seeing the code, it’s impossible to know where Analog’s implementation falls on the spectrum of software emulation vs hardware simulation. There is nothing magical about FPGAs that automatically makes anything developed with them a 1:1 representation of real hardware. In fact, there are plenty of instances where the FPGA version of a particular console is literally just a representation of a popular emulator only in verilog/vhdl. In many instances, even the best FPGA implementations of some systems are still only simulating system level behavior. Off the top of my head, one famously difficult case is audio, where many chips have analog circuitry that cannot be fully simulated.
FreeTube does not have controller support, and for AndroidTV I’d recommend SmartTube.
Kodi/LibreELEC is able to do all of it, but IMO it’s not a good experience for browsing YouTube and I don’t know how well the third party Steam Link integrations work.
This is why I’d also recommend LineageOS Android TV, which supports Pi’s thanks to konstakang. But I’m not sure why it’d work better than a FireTV stick, since both run AndroidTV.
Edit: I’ve had an issue where the Pi 5 wouldn’t boot AndroidTV, until I tried to turn it on again after a few weeks. So I’d recommend sticking with the FireTV + SmartTube + Jellyfin + Steam Link (unless you’ve got a Pi 5 lying around anyway).
Edit 2: The Pi 5 + Android TV had issues with HDMI-CEC of the TV, so I had to buy a remote with a USB adapter. This sends the wrong signals (e.g. keyboard enter, not what Android TV expects), which is fixable with some app remapper. Maybe it’ll work better for you, but the FireTV is likely the easier solution.
Yes.
If VPN’s actually won’t be able to protect its users from copyright claims anymore, there’ll still be anonymisation networks like I2P (at least so long as encryption isn’t banned).
Yes, it’s slow atm, but if it was included in more torrent clients and enabled by default, speeds would likely get better.
Because they use the official apps/web-vault, they don’t need to implement most of the vault/encryption features, so at least the actual data should be fine.
Security audits are expensive, so I don’t expect it to happen, unless some sponsor pays for it.
They have processes for CVEs and it seems like there wasn’t any major security issues (altough I wouldn’t host a public instance for unknown users).
“On skippable ads, the button appears after 5 seconds into playback, as always.”
They aren’t hiding the skip-button, they are hiding the not-being-able-to skip-button.
I guess the advantage for Google is that users can’t know whether they’ll be able to skip, so they might watch more of the ad with expectations that they might be able to skip it.
Vaultwarden is one of the few services I’d actually trust to be secure, so I wouldn’t worry if you update timely to new versions.
Yes, Bitwarden browser plugins require TLS, so I use DNS challenge to get a cert without an open port 80/443.
The domain points to a local IP, so I can’t access it without the VPN.
Having everything behind a reverse proxy makes it much easier to know which services are open, and I only need to open port 80/443 on my servers firewall.
Fully agreed.
Accessing Vaultwarden through a VPN gives me peace of mind that it can’t be attacked.
Another great thing about Bitwarden is that it’s possible to export locally cached passwords to (encrypted) json/csv. This makes recovery possible even if all backups were gone.
My banking apps lock screens consistently aren’t recognized by Bitwarden Android.
Some websites/apps only show the email field at first, then add the password field afterwards. This also sometimes makes it not being detected as a login form.
Sometimes a password field is detected only on the first filling in (which is annoying when choosing the wrong entry).
On desktop it’s great, but I really don’t know why some apps have to do custom login screens.
Great to hear you found my comment helpful.
Just make sure you make backups regularly. Especially with used drives, I wouldn’t count on them surviving the stress of a rebuild. If a second drive fails in a RAID10, all data might be gone.
Edit: I’d be thankful if you could report back how the test goes. I need a drive for a backup ;) and I’m considering buying from eBay too.
I will test them upon receiving and see how it goes from there:)
I remember taking my first selfhosting/Linux steps a year or so after the launch of Let’s Encrypt with a Pi 3. At the time, most tutorials didn’t set up https at all, and if they did, they were self signed certificates (resulting in browser warnings).
Self-signed certificates are annoying and creating them was a series of copy pasting long, weird commands, usually using long exspiration dates (manual renewing sucks).
Not long after, guides started recommending certbot. Nowadays reverse proxys like caddy set up TLS automatically.
At least that’s how I remember it, given my complete lack of knowledge about Linux at the time.