Even worse, the McD ice cream machine issue was caused my McD themselves, by having requirements around cleaning cycles that were tighter than the machine could do.

The same machines worked fine at other companies.

Oh, neat setup!

So, paid app (if you want wireless sync) - Media Monkey.

The Android app can read network shares and network media servers (I forget exactly what it can read). But it works best if you run the server app - then you can stream the library or sync media, similar to iTunes.

The Android app is free for basic functionality ($5 for wireless sync), the desktop/server app is free ($30 to enable wireless sync and a few other features). It’s been worth it for me. Even the free versions work very well.

Manufacturers want them - they break more easily

I mean, yea, humanity gonna human.

But at least with fed, it’s very easy to setup another instance and federate as you choose.

It will always be a shit show (again, humanity), but won’t have a single (or even limited) central authority to censor as it chooses.

My concern will be it following the path of email - today many email providers simply block a lot, so if you’re a new domain it’s challenging to prevent getting on the block list.

Damn, 5 years from LTS? That’s impressive

Like that’s a bad thing?

Documentation has been mentioned already, what I’d add to that is planning.

Start with a list of high-level objectives, as in “Need a way to save notes, ideas, documents, between multiple systems, including mobile devices”.

Then break that down to high-level requirements such as “Implement Joplin, and a sync solution”.

Those high-level requirements then spawn system requirements, such as Joplin needs X disk space, user accounts, etc.

Each of those branches out to technical requirements, which are single-line, single-task descriptions (you can skip this, it’s a nice-to-have):

“Create folder Joplin on server A”

“Set folder permissions XYZ on Joplin folder”

Think of it all as a tree, starting from your objectives. If you document it like this first, you won’t go doing something as you build that you won’t remember why you’re doing it, or make decisions on the fly that conflict with other objectives.

Yep.

I have friends in the SMB space, one thing they do is a regular backup verification (quarterly). At that frequency, restoring even a few files (especially to a new VM), is very indicative, especially if it’s a large dataset (e.g. Quickbooks).

In Enterprise, we do all sorts of validation, depending on the system. Some is performed as part of Data Center operations, some is by IT (those are separate things), some by Business Unit management and their IT counterparts.

Performance may be an issue. It’s not specifically designed for streaming performance, and being a software VPN, it will depend a great deal on the devices used at each end.

Great summary!

Why Debian or Ubuntu? (I have my own thoughts, but it would be useful to show even high-level reasons why they’re preferred).

Re: Backup - Backblaze has a great writeup on backup approach today. I’m a fan of cloud being part of the mix (I use a combo of local replication and cloud, to mitigate different risks). Getting people to include backup from the start will help them long-term, so great you included it!

My big concern how this will be used to justify even worse agendas.

In a way, the FBI did, but your point about click bait is still valid.

By compromising the Command-and-Control server of the malware, they were able to have it direct clients to uninstall.

This does make me think about meanings of such things in today’s deeply-interconnected world. For example, when a corporate admin tells their software management system to install/uninstall apps from machines, isn’t that the same thing? (A bit rhetorical, more of something to think about, since I don’t have a good answer to this).

Management is part of why I’m doing this.

It’s risky, but instead of public facing, I’ll be using Tailscale directly on the device.

But I also plan to use NUCs, so I can keep a hot spare at home, and swap one out if it gets too hard to fix remotely (for a couple people that will require shipping, but NUCs are small).

Also, checkout jetkvm.com

It’s up to the squatter to actually spend the time and money to sue though.

A C&D is a letter from a lawyer to stop or they’ll sue, it’s not a court order.

Hahahahaha, damn Google.

“Help us prevent government from stopping us from being bad actors”.

Yea, if you use Tailscale with Funnel, you get a secure connection with no config required by the web user.

Not seeing why you need WordPress.

The safest way I can see to make a secure connection across an untrusted network is to use a VPN of some sort, specifically a mesh network like Wireguard or Tailscale.

Tailscale has the advantage of being almost zero config, plus has the Serve and Funnel features which provide a mechanism to allow specific traffic into your Tailscale network.

Edit: Tailscale Serve is probably what I’d use.

Password(s)

If not already using one, get a password manager like Bitwarden or KeePass (not LastPass).

Enable 2FA on all accounts where you can.

I keep a spreadsheet of accounts and their 2FA config (how the 2FA is setup, email, SMS, whatever, and which account it uses).

That’s only your political bias showing, because your political leaning is the wrong one! I 😜