Proxmox on the metal, then every service as a docker container inside an LXC or VM. Proxmox does nice snapshots (to my NAS) making it a breeze to move them from machine to machine or blow away the Proxmox install and reimport them. All the docker compose files are in git, and the things I apply to every LXC/VM (my monitoring endpoint, apt cache setup etc) are all applied with ansible playbooks also in git. All the LXC’s are cloned from a golden image that has my keys, tailscale setup etc.

100% this. And Lenovos and HPs designed for the business market generally are a pleasure to work on (in the hardware sense) if you need, with good manuals and secondhand spare parts.

I’m local first - stuff I’m testing, playing with, or “production” stuff like Jellyfin, Forgeo, AudioBookshelf, Kavita etc etc. Local is faster, more secure, and storage is cheap. But then some of my other stuff that needs 24/7 access from the internet - websites and web apps - they go on the VPS.

I just do one Docker container per LXC. All the convenience of compose, plus those sweet Proxmox snapshots.

Is there a reason not to use Tailscale for this?

Great job on the banner - I could hear the theme in my head.

Forgejo - actively developed open source. It’s what powers Codeberg. Easy to set up and manage with Docker. I moved to it from Gogs and skipped Gitea after reading about the forks.

It is only resolving for devices in the Tailnet. Kuma is checking they are all up, and this Ansible playbook is checking they have all their updates. I wouldn’t have thought that was an unusual arrangement - and it’s worked perfectly for about a year till about three weeks ago.

Yes, this.

Thanks yes - that’s exactly what I needed.

Thanks - this is exactly what I needed.

Yes - we’re “I’ll let you use my electricity for your computer thing” friends, not “I’m okay with seeing your printer on my home network” friends.

Kavita is for ebooks - it’s not perfect, has some weirdness with series sometimes because of it’s manga heritage.

For me, AudioBookShelf is the clear standout for audio books, and I ended up going with Kavita for ebooks.

I have it in a git repo, broken down by the nodes and vps names. In each of these folders is a mixture of Ansible playbooks, docker compose or just markdown files with the descriptions. Some is random stuff - my VPS allows the export of the cloud firewalls as JSON for instance. All the secrets needed by Ansible are in an Ansible vault, the rest in KeePass.

Taxidermists hate this one trick.

I started doing this, maybe 15 years ago, but if I look through my spam folder now, most of it is to the email address I used before I began using unique addresses (the rest is to random addresses in my domains that I’ve never used).

My hypotheses from that are that

• there is probably less ‘selling of email lists’ going on than we think
• I’m less interested in dubious internet sites than I used to be
• or (most likely) these days, your internet thing has to be offering me some real value if I’m going to consciously give you any of my data.

Release bot says:

We are pleased to announce the latest stable release of Jellyfin, version 10.10.5! This minor release brings several bugfixes to improve your Jellyfin experience. As always, please ensure you stop your Jellyfin server and take a full backup before upgrading! You can find the full changelogs on the GitHub releases for the server repository and the web repository. Release prepared with <3 by @joshuaboniface, the rest of the Jellyfin team, and contributors like you. Happy watching!

I like data, I like tech, I like investing large amounts of time and energy to self-host things that muggles would not bother with.

I mean, yes, I could. But I’m committed to the #selfhosted life where I spend hours building unnecessarily complicated systems to make my life easier in small ways.