I kind of get it from Proton’s POV. If they have a free tier that allows a limited number of devices they’ll want to make sure you don’t tunnel all you devices through that one.

If you don’t trust the devices inside your own house, no amount of VPNs or e2ee are going to help.

If it’s entirely on your lan, your isp isn’t involved and a VPN is just adding unnecessary complications.

When I spin up a new self hosted service it’s easier to add caddy to the stack than to convince Firefox to load http.

Or you just get a smaller version to begin with and save your hard drive space and your compute time.

Your kids will be ok without the 4K60 version of Paw Patrol.

Yeah, I don’t know what that dude’s on about. My kids download stuff from jellyfin to their tablets all the time for road trips.

A week isn’t going to do anything to their bottom line if people just stick up beforehand or wait until it’s over to buy what they would have bought anyway. It’s like the one day gas protests during the Bush Jr years.

Shotgunning box wine?

Yeah, I was looking at the most recent commit being two years ago. Hadn’t checked out the issues.

Possibly dead, but a cool project none the less.

https://github.com/jesseduffield/horcrux

Vaultwarden let’s you designate someone to take over your account if they request it and you don’t respond within a week

It might be cool, but it seems like it would be missing the context and documentation that would be present in it’s project repo.

https://linkwarden.app/

maybe? Not sure if it lets you share without an account.

Not really. If that’s a hard requirement, check out what is supported by openwrt or freshtomato.

There was a similar question a few days ago with some points about wifi adapters vs access points brought up.

https://lemmy.dbzer0.com/post/36614200

You’d probably be a lot better off buying a decent access point (unifi, mikrotik, Aruba instanton).

I just wish I had something useful to add.

Used beancount with fava for a little while but it didn’t really stick.

PHP is kind of a plus

That’s not something you hear very often.

I really can’t see the point of encryption on local only connections

Browsers are starting to get pissy about http and once you have it done once it’s like a half dozen lines to add caddy to whatever docker project you’re spinning up.

We may be talking across each other here. Or I may be wrong about the details.

Instead of

ports:
  - 8080:9090

You can use

expose:
  - 9090

And that port will only be usable on the declared caddy_network, so caddy could still reverse proxy to it but nothing from outside will be able to access it.

And perhaps make it a good habit to bind ports to 127.0.0.1 by default

I think you can also use expose instead of ports in the compose file to only make them available on the internal docker network.