486

Another option is subpaths: xyz.ddns.net/portainer

While you can do that, you should be aware of the security implications (every application can see and modify every other application’s cookies). If at all possible, I would try to avoid this setup.

I am not sure where this idea comes from, but putting a service behind a reverse-proxy does not increase its security in any way, unless you’d do authentication right at the reverse-proxy.

Sure, cloud services can get quite expensive and I agree that using used hardware for self-hosting - if it is at least somewhat modern - is a viable option.

I just wanted to make sure, the actual cost is understood. I find it rather helpful to calculate this for my systems in use. Sometimes it can actually make sense to replace some old hardware with newer stuff, simply because of the electricity cost savings of using newer hardware.

Well, what they are stating is obviously wrong then. No need to use some website for that anyway, since it is so easy to calculate yourself.

Before anyone loses their minds, imagine you get the i3-8300T model that will peak at 25W, that’s about 0.375$ a month to run the thing assuming a constant 100% load that you’ll never have.

Not sure how you came to that conclusion, but even in places with very cheap electricity, it does not even come close to your claimed $0.375 per month. At 25 W you would obviously consume about 18 kWh per month. Assuming $0.10/kWh you’d pay $1.80/month. In Europe you can easily pay $0.30/kWh, so you would already pay more than $5 per month or $60 per year.

Lots of answers about use-cases of additional wifi networks, so I won’t go into that. I haven’t seen the downsides mentioned here, though. While technically you can run lots of wifi networks of off the same wifi router/ap, each SSID takes a bit of air time to broadcast. While this might sound rather insignificant since this is only a rather tiny bit of information transmitted, it is actually more significant than one might expect. For one the SSIDs are broadcast quite often, but also they are always transmitted at the lowest possible speed (meaning they require a lot more airtime than normal WiFi traffic would require for the same amount of data) for compatibility reasons. This is also the reason why it is a good idea to disable older wifi standards if not needed by legacy clients (such as 54 Mbit/s 802.11G wifi).

Having two networks is usually fine and doesn’t cause noticable performance degradation, having 4 or more networks is usually noticable, particularily in an already crowded area with lots of wifi networks.

Yes, the Odroid H series SBC probably come closest to OP’s requirements. Schematics are available on their website. They are also really low power with even the older H2 idling below 4 W.

Highly susceptible to replay and man in the middle attacks.

fwknop isn’t susceptible to either.

I was thinking about doing something similar and was considering running Android on a Raspberry Pi. There are unofficial LineageOS builds for the Raspberry Pi. I haven’t tried that yet, but I guess it should be possible to use the Jellyfin Android app on such a setup.

There is quite a significant difference. An ssh server - even when running on a non-default port - is easily detectable by scanning for it. With a properly configured Wireguard setup this is not the case. As someone scanning from the outside, it is impossible to tell if there is Wireguard listening or not, since it simply won’t send any reply to you if you don’t have the correct key. Since it uses UDP it isn’t even possible to tell if there is any service running on a given UDP port.

Getting certs from Let’s Encrypt should work fine with any provider, even if you can’t open any ports, since they do support DNS challenge.

Ansible also comes with its own secrets manager ansible-vault, which you can also use to store your secrets in an encrypted file.

Mine runs a little under 18 W with one 8 port managed switch, a DSL modem, CM4-based router, a tiny Wifi AP, and an Intel Celeron J4105 based mini PC server.

BirdNet-Pi is awesome. Highly recommended for anyone who likes birds. The BirdNet app for phones is also nice.
Btw, BirdNet-Pi also works fine on the non-plus Raspberry Pi 3.