Thanks for the correction. A full month is much more problematic.

How does the xz incident impacts the average user ?

It doesn’t.

Average person:

• not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unafffected)
• ssh service not exposed publicly

The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.

Edit:
Corrections:

• OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
• Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.

If you’re ok with just file storage sftpgo has been solid for me for years now. Does sftp ftp and WebDAV (like nextcloud). Webui isn’t as pretty but it’s fast. Mobile apps will be various sync apps with sftp or WebDAV support. On Android folder sync pro is pretty good for keeping documents and pictures backed up

They did. Its called airmessage. Has been around for almost 3 years now

My long and mostly complete list:

• Audiobookshelf (GH)
  • Using for audiobooks. Ebooks, comics, and podcast support in early stages.
• Authelia (GH)
  • Using for two-factor authentication in front of all of my services. Critical infrastructure.
• Bazarr (GH)
  • Using for automated subtitle management. Have not needed to rely on it much.
• Code-Server (GH)
  • Using for a plethora of things. I could write an entire post on this alone.
• Courier
  • Using (occasionally) for package-tracking from various carriers.
• EmulatorJS
  • Using for retro-emulation.
• Gitea (GH) x2
  • Using as a git repo server, package repository, and for CI/CD automation. Is critical infrastructure in my lab. Could also write an entire post on this one.
• Headscale with Headscale-UI. Tailscale clients on various VMs LXCs, etc.
  • Using to securely network with my remote servers.
• Homepage
  • Using as a “single-pane-of-glass” to get an overview of service health with links to the various services.
• Invidious
  • Using in-place of YouTube.
• IT-Tools (GH)
  • Using for the myriad of various useful tools it offers.
• Jellyfin (GH)
  • My media player of choice. Using for movies and television, but supports music, ebooks, and photos in addition.
• Kopia Server (GH)
  • Using for data backups to my Minio instance on local NAS and Wasabi. Simple, fast, and reliable.
• Librespeed (GH)
  • Using for the occasional speedtest to my remote servers.
• Matrix stack using Conduit back end and Element-Web front end
  • Federated Discord essentially. Using as a private instance for friends and family.
• Minio
  • Using primarily as a gateway to storing backups, also serves git-lfs for Gitea.
• N8N (GH)
  • Using for home-automation, backing up my Reddit saved posts to a database, deal-alerts, and part of a CI/CD pipeline.
• NTFY (GH)
  • Using for infrastructure notifications mostly. Very simple and versatile alerting solution.
• NZBGet
  • Using for getting “usenet articles”.
• Paperless-NGX
  • Using for document archival. Important receipts, documentation, letters, etc. live here.
• Portainer (GH) with multiple agents on VM’s LXCs and VPSs
  • High level management of my various docker containers.
• Prowlarr
  • Using to provide torznab API to websites that dont natively have it. Integrates with Radarr and Sonarr
• Radarr (GH)
  • Using for movie management.
• Radicale
  • Using for contacts and calendar server.
• Raneto (GH)
  • Using as a knowledge base. Lab documentation, lists, recipes, lots of things live here. Using with with code-server and Gitea.
• Readarr (GH)
  • Using for book management
• Recyclarr (GH)
  • Using for Radar and Sonarr to sync search terms for their automations. Very useful, hard to summarize.
• Requestrr
  • Using (very rarely) as a requests bot for Radarr and Sonarr.
• SFTP-Go
  • Using mostly in-place of Nextcloud. Used to back up phones mostly.
• Shaarli (GH)
  • Using as a read-it-later service. Went through lots of these, and Shaarli has been good enough.
• Singlefile-Archive
  • A hacky way of presenting pages saved with the singlefile browser extension. Not exactly happy with the solution, but for my ocasional use it does work.
• Sonarr (GH)
  • Using as TV series manager
• Speedtest-Tracker (GH)
  • Using to get periodic speedtests. Plan to automate results to blast my ISP if my service speed gets too low.
• Traefik (GH) on each seperate host
  • Using as a web proxy in front of my various services. Critical infrastructure.
• Transmission (GH)
  • Using to get “Linux ISOs”
• Uptime Kuma (GH)
  • Using to monitor site and services status along with a few others. Integrated with NTFY for alerts.
• Vaultwarden
  • Using as my password manager. Have been using for years, cannot recommend enough.
• A handful of static websites served with NGINX
  • The old standby, its been reliable as a webserver.

These services are the result of years of development and administrating my lab and while there is still some cruft, it’s mostly services that I think have real utility.

As far as hardware:

• Running pfsense on a toughbook laptop as a router-firewall.

• A SuperMicro 24 bay disk-shelf with Proxmox and ZFS for NAS duties and a couple services.

• Lenovo Tiny boxes with a Proxmox cluster for the majority of my local services.

• Dell managed switch

• A few Raspberry-pi’s with Raspbian for various things.

• Linksys AP for wifi

Edit: Spelling is hard.