paradox2011

Yeah, I hear you there. I usually get overwhelmed by the time I get to the "B" section.

I think (looking back at your post) the most important thing that helped me was learning how to use docker-compose. All of my services are in docker containers and are much more manageable then trying to do a bare metal install.

With that comes the struggle of security though, as docker containers use their own set of firewall rules distinct from the main firewall rules you might have setup on your server. If you end up using docker, do a few searches on how to secure those firewall rules for the containers themselves.

I have definitely benefited from other peoples current set up lists, I'll leave mine here in case it sparks some interesting directions for you.

• Diun - notification service for when new images are released for any running docker apps I have up.

• Immich - self-hosted photos backup. Incredible app, its extremely refined and feature complete.

• Jellyfin (Linuxserver.io image) - personal media streaming service. The Linuxserver.io version was much easier to set up than the stock jellyfin version.

• Joplin server - self-hosted back end for Joplin notes sync. Much faster and more reliable than the 3rd party sync targets like one drive or Dropbox.

• Mealie - recipe management.

• Nextcloud - so many things. Calendar, files, kanban, contacts, etc... Personally I find Nextcloud's documentation hard to follow, so I've linked the video tutorial I used to set mine up.

• Nginx proxy manager - reverse proxy with basic protections built in. I'm on the fence on suggesting this one and have been considering switching to something else, as it rarely gets updates these days. It is the only one I've been able to wrap my head around though. Zoraxy, Traefic and Swag are all other options. You mentioned having Nginx set up already, so this might not even be an issue for you.

• Paperless-NGX - document server and archive. All you need is the docker-compose.env and docker-compose.postgres.yml from the linked directory. Tweak the compose and env values as you see fit and remove the "postgres" from the file name before firing it up.

• Portainer - basically just a GUI for viewing docker services. You can manage docker images and stacks with portainer, but I would recommend just learning the docker-compose method in general.

If you ever run into instructions for setting something up with a regular docker command but want to convert it to a docker-compose.yml file instead, this site is super useful: composerize.com

Definitely check DB Tech's videos put on YouTube. He covers a ton of self-hosted apps and how to set them up. You'll have to sift through a bit, not all the apps he talks about are really necessary, but I basically learned self-hosting through his channel.

Look for stuff on authelia, crowdsec or fail2ban with regards security for your server and decide what direction you want to go there.

Christian Lempa's channel is also good, though can be more technically oriented.

EDIT: also, this github repo has an amazing (though overwhelming) list if self-hosted services. Awesome Self-hosted.

I appreciate this comment. I agree with both sides of the argument to an extent, but feel that there is some unbalanced thinking with this rejection of Fdroid that's been happening. Its a hugely important service.

The general public's apathy towards privacy is quite frustrating. I think there are laws that are pretty much what you outline here to one degree or another in various countries. Whether people respect them or whether the government respects them is a totally different thing though.

Techlore, The New Oil, and The Linux Experiment. All three have YouTube channels as well.

Getting a functional nextcloud server. I self-hosted mine, but there's lots of VPS options that are pretty easy to set up.

It's basically a drop in replacement for the majority of proprietary productivity suites (i.e. Google drive, onedrive and icloud). One service covers a lot of bases.

Not necessarily bad, the lower the number the harder it is to fingerprint you. In other words, your browser stands out much less and is less noticeable from the masses than the OPs browser.

Generally the more security/privacy tweaks and add-ons you apply to your browser the more secure it gets, but you tend to stand out from the masses more because of the changes, resulting in the 1 in 4,000 type stat. It becomes easier to differentiate your traffic from others.

Whether anonymity or security is more desirable depends on your threat model.

Edit: "Your browser fingerprint appears to be unique among the 186,867 tested in the past 45 days." Evidently I stand out quite a bit 😂

Glad it helps! Yeah DNS level adblocking is hugely helpful both in terms of privacy and security.

I hear you man. That exact thing happened to me back with the Pixel 2.

You know, I've heard of people having success getting the carriers to remove the lock on the bootloader sometimes. It may be worth calling Verizon's support line and asking them to do it.

Here is a good debloater that should allow you to remove some of the cruft from Google. It utilizes Shizuku which is a fantastic tool for accomplishing stuff without rooting your phone. I know I've seen debloating guides on YouTube that walk you through the stuff you can get rid of.

Something else that could really help is using a DNS blocking service to filter out requests to ad/tracking domains. I use NextDNS right now because it has some pretty comprehensive filters that are very easy to setup. Here's a video that goes over setting it up. Pi-Hole or Adguard are self-hosted options, I used Pi-Hole for awhile and liked it, but switched in order to simplify my digital life a bit.

Edit: also, here is a guide from a reputable privacy site that covers a more technical approach to degoogling stock android. You can do a lot more than you might think.

Absolutely, there are some really good ways to mitigate the data flow even if you can't stop it entirely. The OS is a big deal, but I think the most fundamental change to make is the apps and services you use.

You've probably already done that to a degree, but see if there are more changes you can make.

Alternativeto is an excellent way to explore your options, but also the techlore and the new oil youtube channels are fantastic resources for limiting privacy leaks.

I'll post a few debloater apps that I've run across when I get home too, I haven't used them but I know there are options for removing some of the tracking elements of stock android.

Interesting, sounds like it's worth checking out. Plus as a star trek fan, I approve of the name 😄

I haven't tried Borg, but have noticed it mentioned pretty often in data hoarder forums. What do you like about it?