The DMZ is the right idea. But it’s the old way. You definitely want whatever is serving your website to be separated out from your house. You’re hosting should be on an isolated VLAN. The internet should only be able to talk to the server it needs to talk to, no other ports. That box should only be allowed to talk to what it absolutely must talk to and only on the ports that are required. You should run an independent firewall on each one of the boxes that are involved in the hosting with only the proper ports open.

Giving up your private IP Will definitely give away your general location to everyone and your precise location to the authorities.

I would highly recommend using cloudflare or one of the other funnel options. A lot of people don’t like cloud flare because they can capitalize on your traffic, The cloudflare also just won’t shut you down and sell you out like your ISP will at the first request, They don’t do shit about anything until there’s a warrant or a court filing. On the upside you don’t give out your private IP to anyone. You have DDOS protection, and a reasonable layer of anominity.

You need to check daily to make sure all of your software is updated. We’re talking OS, middleware, plugins, application. Preferably via automation. All of the software and plugins you use for this type of hosting end up getting vulnerabilities.

Security is especially difficult on forums. There’s lots of opportunities there for skilled people who are pissed off at what you or someone else is saying to get butthurt. People know exactly what you’re running, then they do some magic behind the scenes next thing you know there’s a bunch of admins you didn’t create.

You don’t need to be hosting your own email but you are going to need an SMTP provider, most free services won’t let you masquerade the from address.

Remote access is definitely a pain, and just surfacing the ports is a bad idea.

Finamp is close. No visualization, No normalization, and there’s gapless playback but no crossfading.

I use tailscale to watch videos and play music remotely.

The eye-opener now has been that

We’ll probably flux forever in between centralized corpo trash and open decentralized projects, until of course to governments collectively outlook decentralized projects because they can’t control/police them.

To gently disagree with you here: UI/UX work is absolutely not art,

UI without art is just a bunch of shitty buttons no one wants to press. Come to think of it, that’s one of the problems with Gimp. There is a UI, it’s just not a good one.

UX is arguably design. But most design departments would place UX as a mixed discipline.

scientific evidence as to how people see, perceive, and interact with things around them.

You’re describing Usability. This is, in fact, its own discipline that should direct both UX and UI.

The problem of poor UX in FLOSS can’t be attributed to a lack of talent; the fact is that FLOSS projects are not hospitable environments for designers, both technically and culturally.

That’s just saying it’s a lack of talent because FOSS teams are inhospitable. Blanket statements like that ring as a stereotype.

their expertise is often treated as a difference of creative opinion by developers who know nothing about basic design principles

The consumers of the product know nothing about basic design principles either. Does their opinion not matter either?

If FLOSS devs want usable interfaces (and I’m not convinced many of them do) this is the problem that needs to be solved.

So, forgive me if I’m reading too much between the lines, but what you’re saying here is if FLOSS wants better UI, they need to engage someone who says they’re an accomplished UI artist and blindly execute their vision even against their own impressions of the requested work?

Maybe there are reasons the FLOSS devs don’t want to sign up for that?

They don’t even have the excuse

just for ref, I’m not downvoting you. They do offer some things that cost them dev/money/time. And some of those things are pain points on Jellyfin.

They give you SSL and dynamic DNS style stuff behind the scenes. They give you a remote service that tells you if you’re remotely visible. They cache the tvdb and manage some subscriptions for EPG and do a pretty good job partnering with (and presumably caching) open subtitles.

None of that makes up for their rug-pulling bullshit.

You used to be able to download shit to your phone then become a local server so other people on your local network could watch off your device.

You used to be able to run 3rd party plugins improving libraries and storing off youtube meta

They’re scrapping watch together

They’re scrapping free remote

They’re spiraling the drain… But I won’t miss them, I’ll miss what they once were.

What do you mean by this?

Not OP

Hardware-accelerated streaming is a premium feature and requires an active Plex Pass subscription.

If you want to use your video card to transcode, you have to be paid.

Well that’s the beginning of the end for them.

I’m about half-way off the platform already (and I’m a lifetime subscriber)

The only thing I go back for is Roku use (better app), PlexAmp (better app) and offline viewing. I don’t have to go off JF for those, but it’s a lot better on Plex.

But it’s not so much better than I can’t protest.

does jellyfin have a roku app?

Yes, it streams pretty well, it has some UX issues, but it will let you get off plex as it stands right now with most of your needs covered.

I JUST managed to get my closest ring outside my family to join Signal.

We have a total of 7 people now.

I’d light up a server and host matrix/frendica/lemmy/mastodon/headscale in an instant if I thought I could get those 7 to join.

Off-Canvas Editing Paint tools can now automatically expand the width and height of a layer as you draw! You can select “Expand Layers” in the tool options to enable drawing past the current boundaries of layers.

More features such as guides and auto-expanding layers can be used to work in the off-canvas space!

SQUEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

Nothing is intuitive in that software.

UI/UX is a very very difficult job. I’ve only ever known a few UI/UX artists that were any good, and OMFG, are they expensive.

You can’t just drop everything and focus on something where you don’t have domain experts. Not to presume too much about you, but that would be like saying you need to drop everything you’re doing and focus on brain surgery next year. UI/UX is art. It’s a very specific type of art that, unfortunately, doesn’t come easy for people. There are companies for hire that work professionally on UX/UI, but they’re not cheap either. Anyone can spot bad UX, but knowing how to fix it in a way that works for everyone, that’s nearly a unicorn.

I’ve been using gimp since it was released for daily driver projects.

I’ve been using Photoshop for about a decade when required for gigs.

I can get around either app pretty decently at this point.

If you drop any new user into either, they’ll be absolutely lost.

If you drop a seasoned Photoshop user into GIMP, they’ll not only be lost but be unable to use their vast array of plugins and macros and aren’t quite (but non-technically are) impossible for the average user to work on.

We can’t make Gimp Photoshop-like. We can make strides to improve Gimp, but it’s beyond reach for the current team. Maybe we can start a crowdfund to get a UX company to take a stab at it, but even at that we’d need buy in from the developers and it would likely be an incredibly large rework, not unlike the current one that took quite a long time.

No Linux/Mac client

Source available not open source

$5-8 a month to support cloud saves for your self-hosted product. The only even remotely interesting features are behind the paywall.

Might as well just throw the binaries up on a tiddlywiki and call it a day

Hell no, My downloads folder in my media folder are completely different. I copy everything from downloads to media It gets renamed, possibly resampled. The torrents are left in the original folder to seed unmolested.

Every once in a while I go through my torrent list and just tell the client to destroy the torrent and files for anything that I don’t care to seed anymore. Zero chance of it breaking my actual store.

What should I do next?

1. Set up peertube in a proxmox, difficulty: My hosting provider doesn’t allow 443 or 80, I have cloudflare working for other things but I think this invades their TOS

2. Set up immich in a proxmox. Difficulty: I need regular backups off site and it’s going to be pretty large.My wife is a professional photographer.

3. Set up my Coral TPU with frigate replacing my aging win10 blue iris.

Non SSL behind your ingress proxy is acceptable professionally in most circumstances, assuming your network is properly segmented it’s not really a big deal.

Self-signing and adding the CA is a bit of a pain in the ass and adds another unnecessary layer for failure in a home network.

If it really grinds your gears you could issue yourself a real wild card cert from lets encrypt then at DNS names with that wild card on your local DNS server with internal IPs, but to auto renew it you’re going to have to do some pretty decent DNS work.

To be honest I’ve scrapped most of my reverse proxies for a nice tailscale network. Less moving parts, encrypted end-to-end.

It gets better.

Especially on Lemmy, the only thing it’s really doing is bringing some discoverability but the discoverability isn’t all that bad on Lemmy you have to look around for like 2 minutes to find the communities, okay, well you have to understand that there are like communities on multiple instances, figure out how to switch from local to all, then look around for 2 minutes

After hanging out on Blue sky for a bit I’m pretty sure Mastodon could use a little algorithmic help. The communities on Mastodon are so loosely formed they can be a little hard to find, you end up looking for people with the same taste and follow their followers. It works but nothing ever gets surface to you that you didn’t actually actively look for and it seems to be kind of a mess in a Twitter scenario.

Yup, my foggy brain…

Maybe it’s like playing mosquito tones through speakers at malls. You have to be old enough to live through text-forward websites to put up with a text-forward websites.

Except I know there are some younger people here, I don’t know what it is exactly, It just seems to me that there’s better discussion and more acceptance on sites that have less frills.

I love that neither of us made it a point of which side is right :P