If you’re happy with how Apple Password works for you, I can recommend StrongBox. It keeps all data in a KeePass2 database and integrates into Apple’s AutoFill API. That means it feels almost native when using it. No browser plugin needed. (At least not for Safari.) And you can decide how you sync the database file.

Doesn’t get any more secure than a battle-tested web server hosting simple MP3 files and a text file.

Convenience might be a thing, though. I’m in the Apple ecosystem so their Podcasts app shows that feed on all devices and tracks listening progress, etc.

If I didn’t have that, I’m still a lifetime customer with PocketCasts and PocketCasts Web. So, that’s that. But if you don’t have anything similar in place, a self-hosted streaming server might be the best way to go, yes.

Do you need a web player? I’ve got several years of a radio show on my web server and wrote a script that created an RSS feed for them. This way I can open that in any podcast player (even web based ones) to listen to it.

Probably BigBlueButton, or maybe Jitsi. Or, they’re still using Teams but didn’t want it mentioned in the article.

If you’re on macOS, there’s blocs. It seems to pop up on BundleHunt for a fraction of their normal price every once in a while.

Then, there’s RapidWeaver Elements - which just went into Early Access.

However, you might want to evaluate whether a static site generator or some small CMS like GRAV can work for you.

Same here. It’s probably easier to print out the QR code(s) for your home wifi network(s) on a piece of paper and hand that to guests when they come over…

Which Pi did you try? Since the Pi4/CM4 (can even work with SAS drives) and especially with the Pi5 you can build some nicely performing NASes.

There are some passively cooled (i.e. no spinning fan) SFF Desktops (HP, DELL, etc.) or you could get a Raspberry Pi 5 and stick it into a Geekworm case. Power consumption with these devices should hover around 5W, maybe slightly higher under load. The Desktops most probably support WoL. The Raspberry Pi doesn’t.

The version I had played around with about 10 years ago could.

There’s also The Dude - although it’s a Windows-only application. But the visualisation is great.

I’m running SpotWeb to browse spots. It’s kind of a curated list of NZBs. So, most things you can find a spot for, are still actually available to download.

It was heavily used by the Dutch to distribute movies with baked-in (“ingebakken”) Dutch subtitles for older media players.

If you like to checkin manually to places, there’s PrivateSquare which will query places around you from Foursquare (so, 4sq will still see whereabout you are), but store the actual checkin in a local database.

If you want some automated tracking, I’m mostly happy with OwnTracks which logs to my DaWarIch instance. (I’ve previously used Traccar and php-owntracks-recorder.)

While I don’t see any battery usage from OwnTracks, my only gripe is that it can’t increase the amount of points logged when it detects movement because of Apple iOS limitations.

(For iOS, there’s also Geory which will log into a local database and CAN increase the logging by spawning a Live Activity. It gives me the most accurate logs so far. But they have to be exported manually to be stored elsewhere and the author wants to keep the app simple and doesn’t want to implement logging to external systems.)

I let CrowdSec determine that. I’m seeing /13, /12 and even /10 in my decisions list. All seem to be Amazon AWS ranges.

In the Traefik static configuration (usually traefik.yml), add this to load the CrowdSec plugin:

experimental:
  plugins:
    crowdsec-bouncer-traefik-plugin:
      moduleName: "github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
      version: "v1.4.2"

(The name for the plugin is defined here as crowdsec-bouncer-traefik-plugin.)

Then, in your dynamic configuration, add this (I’ve used a separate file dynamic_conf/050-plugin-crowdsec-bouncer.yml):

http:
  middlewares:
    crowdsec-bouncer:
      plugin:
        crowdsec-bouncer-traefik-plugin:
          CrowdsecLapiKey: "...YOUR CROWDSEC LAPI KEY HERE..."
          Enabled: true

(The name for this new middleware defined here is crowdsec-bouncer. It uses the crowdsec-bouncer-traefik-plugin defined in the previous step. Make sure these names match.)

You can get the LAPI key by registering a new bouncer in CrowdSec.

And, finally, make sure all incoming traffic routes through the bouncer plugin. You can do this individually, or in general via the static config:

entryPoints:

  websecure:
    address: :443
    http:
      middlewares:
        - crowdsec-bouncer@file
        - secure-headers@file

The middlewares are processed top to bottom.

Any change to the static configuration requires a restart of Traefik to become active.

I’ve recently enabled banning whole subnets if more than 3 malicious actors from that subnet are on the blocklist. This is great for all those DigitalOcean droplets and other cheap hosters used by those people…

I had fail2ban running for several years before switching to CrowdSec late last year. They both work in a similar fashion and watch your logfiles for break in attempts. With the small difference that CrowdSec also lets you use blocklists from the “crowd” to block malicious actors before they even get to try their luck on your machine(s).

I’m using CrowdSec with Traefik and nftables. But there are some bouncer plugins for nginx and OpnSense, too.

I just followed their example configurations for Docker, Docker Compose and then started tinkering with the config until everything worked as desired.

I’m using Strongbox on iOS and macOS with iCloud Sync and never had any merge issue. Well, maybe once when I deliberately edited the same entry on two different devices. But during normal use, the sync and merge works great.

The Bitwarden clients cache your data locally. So even if your Vaultwarden goes down, you’ll still be able to access your passwords. Just not sync new ones or make changes.

I’d throw in option 3: use a KeePass2 database, sync it using whatever sync tool you like (SyncThing, iCloud, NextCloud, WebDAV, …) and use compatible apps (KeepassXC, Strongbox, etc.)

I was going by this thread and this comment. Those other websites are mostly selling SIMs for industrial IoT or CCTV stuff and are either acting as a MVNO (where I don’t know how much influence they have on the network configuration) or probably selling foreign cards with free roaming or something like that.