- Schneier
- Krebs
- The Hacker News
- EFF
- (ISC)^2
Sendmail + Mimedefang + Spamassassin + Dovecot + Sieve
For calendar and contacts I’m using radicale.
Authentication is via ldap.
This solution admittedly requires a bit of experience and knowledge of how it all works. It blows the doors off most bundled or commercial things you’ll find though.
I host my own.
Borg for local data backups to backup share on nas. Proxmox takes guest snapshots. Rclone all of that to rsync.net. bonus, Borg can use the rcloned remote, if necessary, directly.
I used to buy used CDs and rip them myself. So I have my own collection. But to discover new music and listen to things I may not wish to own, streaming is the best option.
The solution? A plex server with a music library that points to your own collection. Then get a Tidal subscription through Plex. You then add Tidal music to your own library as if you were downloading or ripping it yourself. Listen with plexamp on a phone connected via bluetooth, or just use plex client on your shield, roku, firestick, etc.
Now you can listen to things both locally and streamed seamlessly. You can do artist radio to discover new music and manage smart playlists on the plex server itself.
If you are hosting your own mail server, a procmail recipe shouldn’t be too difficult. I run mimedefang, so could do it there too, but that’s a whole lot of overkill if you don’t already have that.
Plex with a Tidal subscription. Treats tidal as if it is local in your library and seamlessly integrates with your own collection.
Listen with plexamp.
You can’t really do configuration management with a GUI. Or version control. Everything I do I manage with Ansible as much as possible. YAML is self-documenting as well. How much effort is ‘run command with parameter’ documentation vs explaining how to navigate a GUI?
As with all things infosec (and life in general), best practice is to not get yourself into the mess in the first place vs. trying to clean up the mess later. You should have already not had personal data “in the cloud” and should have been using unique identifiers and authentication for every service that you use.
Because marketing dweebs in powerful companies now own the internet.
I don’t like lxc containers, and my build automation works well at the full system level vs containers.
Running your services bare metal these days is insane. If I have a problem, I just restore or rebuild that purpose-built vm from configuration management. This is also a lot more flexible and cost effective vs having separate hardware for each thing.
Redundancy is also easier, should I decide it is worth the hardware investment.
I run proxmox on a System76 Thelio. ZFS mirror, 16 cores, 64GB. Synology NAS for data storage and backup. Dual NICs bonded with ovs for the VMs. The onboard NIC for connecting to proxmox itself. One of the VMs then rclones the backup share to rsync.net
One of the VMs is Plex/Sonarr/Radarr/Transmission. Media is stored via NFS to the NAS.
A 1:1 NAT to the other network usually solves it for me.
routing. On wireless, however, some devices are really stupid and can only talk to things on their own subnet. To address that, I use NAT on the IoT vlan to the real device on the private side.
Sync for lemmy now. Boost for lemmy when it comes out. Jerboa is nice too.
On phone, use LTE. On computer set up a cheap Linux shell on your vsp of choice. Then use an ssh socks proxy for your browser.
That would be caldav, not imap I think.
I divorced from Google and host my own with radicale. On Android I sync with Davx. On desktop thunderbird.
Or don’t. The whole concept of Twitter is just noise generation.
And a lot of the best options per category are at the bottom of the list.
All smart tvs suck. Buy based on picture quality and use a separate box for your streaming.