OP, if you ever decide to go the Cloudflare Tunnels/Zero Trust route, I’ve got a set of instructions/notes that have helped a handful of people deploy Cloudflare Tunnels/Zero Trust. I’d be more than happy to share them.

Technically, using Cloudflare tunnels for Jellyfin is a ToS violation. You’re only allowed to do so if you have an enterprise account, which is quite expensive.

I’ve heard people say this, and I’ve heard people say you can’t stream music. Tho I do not run the 'arr stack or Jellyfin, I do run Navidrome almost 24/7/365. But it’s something to keep in mind.

ETA: I am the sole user

Well, you could do network segmentation:

• Put the server in a DMZ or separate VLAN if your router supports it. This isolates it from your main devices (computers, phones, IoT). I’m not sure what router you have buy many consumer routers have a “guest network” that can serve this purpose.

Utilize UFW rules. Mine are:

• sudo ufw default deny incoming

• sudo ufw default allow outgoing

• Anywhere ALLOW IN 192.168.1.0/24

• 22 ALLOW IN 192.168.1.0/24

• 22 on tailscale0 ALLOW IN Anywhere

• 22 (v6) on tailscale0 ALLOW IN Anywhere (v6)

Also:

• sudo ufw allow out to 1.0.0.1 port 53 # DNS only
• sudo ufw allow out to 1.1.1.1 port 53
• sudo ufw deny out to 192.168.1.0/24 # Block LAN access except admin

So now I have SSH capability locally and through Tailscale installed on the server and this prevents the server from initiating connections to other LAN devices. You can do alot with UFW and Fail2Ban in conjunction with Cloudflare Tunnels/Zero Trust.

Have you considered Cloudflare Tunnels/Zero Trust. When you use Cloudflare Tunnels/Zero Trust, you don’t need to fiddle with NAT, open any ports, in fact you don’t need any open ports. You just install Cloudflare Tunnels/Zero Trust on your server, connect to your Cloudflare Tunnels/Zero Trust account, and Cloudflare does the rest. To deploy Cloudflare Tunnels/Zero Trust you will need a domain name. Cloudflare will sell you a domain name but I think most get something cheap from NamesCheap or Pork Bun. When you have secured a domain name, switch the nameservers to the ones that Cloudflare assigns you. Jacks a doughnut, Bob’s your uncle.

ETA: Obviously you’ll need port 22 for administration.

sudo ufw default deny incoming

sudo ufw default allow outgoing

But my qualms and scruples are not your problem

Me being uncomfortable with how you do it is immaterial

I hope as a community we can start to just say “No thank you” when we are offered something that’s done in a way we don’t like

anyone who is not doing that needs to analyse why they feel entitled to shit on someone else’s project.

We goin’ to church today. Preach it my brother! Can I get an amen?

I’m the one who has to die when it’s time for me to die, so let me live my life the way I want to. ~ Jimi Hendrix

Don’t let 'em give you shit about your ponytail bro.

Well, I’ll certainly keep it in the back of my head.

The Homarr (dashboard) team delivered on their promise to decrease the app’s unusually large memory footprint after receiving public complaints a few months ago

Noticed.

Thing is, if I were going to do in house AI, I’d want to do it up right and from what I can gather, a system like that is going to cost me some jack.

I’ve got a drawer full of various models I’ve picked up here and there, mostly used that people were selling. I stumbled across a yard sale once where a guy and his son were selling a lot of computer equipment to raise money for his son to get some newer stuff for college. There was a whole box of them, maybe 10+ and I paid $100 for all of them. I use them from time to time for different projects. Good little learning boards.

But I got bad habits

Yeah, they’re my bad habits

LOL Never heard of FIDLAR.

What if I enjoy my bad habits?

(ie 2500 sq ft; or 232 sq m)

Damn, y’all livin’ lavvy.

A realistic Pi 4B-only estimate is about A$8–A$12 per year in electricity

That’s about what I calculated for my locale. Roughly $0.30–$0.85 per month, around $0.48/month at 4 W. Which is remarkable especially given what you can run on one.

People will buy intelligence from us on a meter’

We have governmental surveillance and we have surveillance capitalism. Surveillance capitalism works so well that governments are now very interested in the data they collect, which is alarming. Unfounded conspiracy theory: It’s probably one of the reasons that governments don’t seem interested in AI’s regulation. If I had the proper equipment to run AI entirely local and efficiently so that the expenditure would justify it, I would.

We have a local ‘battery’ store where you bring in your appliance with dead batteries, say a cordless drill, and they will refurbish it with a replacement battery. Sometimes the refurb process is more expensive than just outright buying a new appliance, so you have to use your judgement.

Things just seemed…simpler back then.

I do run a Searxng private instance and love it.

Usenet…boy that brings back some memories from back in the day. Surprised that it seems to still be going strong.

call Spectrum for a quote so I can then call AT&T and harass them into giving me the correct price for another year.

It’s a shitty business model. Over the years I’ve found that in order to get the most out of Spectrum it is necessary to be a royal asshole and live in their phones. Here in this locale, Spectrum contracted with the local schools to be their ISP, so Spectrum became a utility just like water, power, etc. We even have a complaint form on our official county’s website to facilitate being a royal asshole when necessary.