“Shared network folder” in Jellyfin doesn’t do what you think it does. 😛 I agree it’s rather confusing. It’s just a convenient link to a Windows share which you can open from the Jellyfin app if you want to browse the files and they happen to also be shared as a Windows share. It’s NOT where Jellyfin takes the files from.

Jellyfin can only index files accessible to it locally. Share the files from TrueNAS to the machine or container running Jellyfin, then point Jellyfin to the directory where you mounted the share. I recommend NFS rather than Samba for this purpose.

https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/

NPM can also do URL proxying: you can reach sub.maindomain.com at maindomain.com/whatever/. Edit the proxy host definition for the main domain and look in the “custom locations” tab.

Alternatively, if you can control your browser’s settings, you can try using DNS over HTTPS which can let you bypass your company’s DNS. Try using https://dns.quad9.net/dns-query for example as the DNS over HTTPS address (or whatever your browser can offer).

InfCloud. There’s a link to the demo lower on the page. It can do events, tasks and contacts.

Don’t self-host email SMTP or public DNS. They’re hard to set up properly, hard to maintain, easy to compromise and end up used in internet attacks.

Don’t expose anything directly to the internet if you’re not willing to constantly monitor the vulnerability announcements, update to new releases as soon as they come out, monitor the container for intrusions and shenanigans, take the risk that the constant updates will break something etc. If you must expose a service use a VPN (Tailscale is very easy to set up and use.)

Don’t self-host anything with important data that takes uber-geek skills to maintain and access. Ask yourself, if you were to die suddenly, how screwed would your non-tech-savvy family be, who can’t tell a Linux server from a hot plate? Would they be able to keep functioning (calendar, photos, documents etc.) without constant maintenance? Can they still retrieve their files (docs, pics) with only basic computing skills? Can they migrate somewhere else when the server runs down?

I think it really depends on what you intend to do with it… Many answers here will mention what they use but not why.

In my case I want to have various services installed in docker containers, and I have the skills to manage Linux in console. A very simple solution for me was to use a rock-solid, established Linux distro on the host (Debian stable) with Docker sourced from its official apt repo. It’s clean, it’s simple, it’s reliable, it’s easy to reinstall if it explodes.

Why containers (as opposed to directly on the host)? I’ve done both over several years and I’ve come to consider the container approach cleaner. (I mention this because I’ve seen people wondering why even bother with containers.) It’s a nice sweet spot in-between dumping everything on the host and a fully reproducible environment like nixOS or Ansible. I get the ability to reproduce a service perfectly thanks to docker compose; I get to separate persistent data very cleanly thanks to container:host mapping of dirs and files; I get to do flexible networking solutions because containers can be seen as individual “machines” and I can juggle their interfaces and ports around freely; I get some extra security from the container isolation; it’s less complicated than using VMs etc.

• Get a cheap VPS.
• Get a domain name and point its A record to the IP of the VPS.
• Set up a VPN tunnel between the VPS and your home server. You can use Tailscale or wg-easy. You don’t need to worry about CGNAT because you’re establishing the VPN by going out of your server (either through Tailscale or to the VPS IP with wireguard).
• Port-forward 443 on the VPS public IP through the tunnel to a reverse proxy running on the home server (NPM, Caddy, Traefik etc.)
• Get a Let’s Encrypt wildcard TLS certificate for *.yourdomain.tld.
• Set up the reverse proxy to use the TLS certificate for immich.yourdomain.tld and point it at your immich container.

I use Cloudflare tunnels because they are a good way of exposing sites to the internet without exposing my IP

What difference does that make? I only ever heard one realistic reason for hiding your IP, which was a guy living in a suburban neighborhood with static IPs where the IP indicated his house almost exactly.

If you have a dynamic IP it will get recycled. If you get a static IP it will eventually get mapped to your precise location, Google & other big data spend a lot of time doing exactly that.

or opening ports […] or other attacks

If your services are accessible from the internet they are accessible… doesn’t matter that you don’t open ports in your local LAN, there’s still an ingress pathway, and encrypting the tunnel doesn’t mean your apps can’t get hacked.

I don’t have to worry as much about DDoS

How many DDoS’s have you been through? Lol. CF will drop your tunnel like a hot potato if you were ever targeted by a DDoS. If you think your $0/month plan is getting the same DDoS protection as the paid accounts you’re being super naive. Let me translate this page for you: your DDoS mitigation for $0/mo amounts to “basically nothing”. Any real mitigation starts with the $200/mo plan.

I’m partial to the DIY PC option because it allows far more flexibility. If you can swing the space for the larger box IMO it’s the best way to go.

Some things to keep in mind when speccing the box:

• Some PCIe slots can come in extremely handy down the line. There’s an amazing variety of expansion cards that can save your butt when you decide to do something you haven’t foreseen.
• Consider how many HDDs you’d like to have. This will determine the case size as well as how many SATA connectors you need to get.
• Get an Intel CPU at least gen6 because they have GPU with hardware transcoding built-in.
• Get at least one M.2 slot, to be able to install the OS on a NVMe SSD and not take up a SATA connector. Read the motherboard specs though, some of them disable a SATA connector anyway if you use the M.2 slots in a certain way.
• You can run a server on RAM as low as 4 GB. You actually don’t need very high RAM if you don’t intend to run VMs or ZFS.

Are you familiar with any Linux distro in particular? I would strongly recommend using Docker rather than native regardless of distro.

Here’s an idea, check out ytdl-sub: https://github.com/jmbannon/ytdl-sub

You can set it to track a YouTube channel and it will download videos and set up nice collections for you in Jellyfin, which you’ll never lose again and can watch without ads.

Please take such advice with a large grain of salt. OP’s experience is very much not the norm. Especially for more complex apps like Jellyfin or Nextcloud, it’s almost guaranteed you’ll break them if you just update blindly.

https://github.com/ory/kratos

You do not need RAID. But if I were you I’d get a second HDD and back up files to it once a month. You don’t need to keep this 2nd HDD running, just bring it out for backups. There are lots of nice backup solutions on Linux you can use, I can recommend BorgBackup – it takes snapshots and it does compression, deduplication and optionally encryption.

pgAdmin only works with Postgres, that’s why it refuses to connect to MariaDB. The equivalent for Maria and MySQL is phpMyAdmin. But I also suggest using a tool that can handle multiple types of databases, like DBeaver, dbForge, dbSchema, Navicat, HeidiSQL etc.

How is a completely non-technical person going to solve this on their own? Start studying to be a Microsoft sysadmin? Hire a Microsoft sysadmin? I think $12/mailbox for a one time migration is not a bad deal. And btw if you go ask on /r/sysadmin about it this is the same answer you’ll get: use BitTitan and call it a day.

To give you some context, GoDaddy email is actually Outlook 365 (now Microsoft 365), which is normally $99/year but GoDaddy slap a higher price on it.

If you were knowledgeable about Outlook admin/Azure you could simply disconnect your Microsoft Outlook tenant from GoDaddy and stop your subscription.

Since you’re not, you can use BitTitan.com to help you migrate, it’s $12/user and you can ask their sales support to help with all the gory details. Basically you make a new account on whatever service you want and they get all your mail over. Make sure that the new service you get can hold all your mail (has enough space) and also has 4 mailboxes – BitTitan moves your email but getting the right service is on you.

If you’re ok using Outlook and Exchange you can ask BitTitan to move you to another Microsoft 365 account, which as I said is $99/year for a family account of up to 6 users.

If you want you can also shop around for regular IMAP (non-Exchange) providers, which will let you use a wider range of mail apps, and ask BitTitan to move you to one of them. But keep in mind that most providers charge $3-5/user/month, which for 4 users adds up to something similar to what you’re paying now, or more. One notable alternative is Migadu.com’s Mini plan, $90/year with no user limits, but you all have to share 30 GB of storage space. MXroute.com is another option, they offer more space for cheaper, same deal (no user limits, y’all share the same storage space). Personally I prefer Migadu for my family because their control panel has more features, they’re hosted in the EU which for me makes more sense, and they’re a company rather than a one guy operation; but if you need more space MXroute is perfectly fine too.

Don’t over complicate this. Use a single container that runs the bot and can write to a host directory. Have the bot run yt-dlp whenever it finds a youtube link and download to the host directory. For moving the videos based on size you can write code in the bot to do it after download, or you can run a cron job to do it (either in the container or on the host), or maybe yt-dlp has an option for that.