Obligatory: RAID is not a backup.

Security in software is about implementation, not different programming languages. Security as a whole is also not something you can achieve just by installing “secure” software - every software has bugs and vulnerabilities. Some of them are known, others are unknown and not every one of them automatically poses a security risk to you, this depends on the bug, your usage and environment. You can try to harden your system, but you need to do this in layers and the application code is just one of them.

For example, you could geoblock IP addresses so their requests never even reach your application. This does not mean that you’re automatically safe from attackers from e.g. Russia, but you make yourself a less easy target.

There are many other defense mechanisms like request limiting, dynamically blocking malicious requests with something like Fail2Ban, strong authentication, frequent patching, network segregation, virtualization, and so on. I hope you see where I’m going. Security is complex and depends a lot on your personal threat model.

That being said, if you need to know how secure the code of a given software is, you need to find something that has recently been audited or audit it yourself.

I might be cynical, but moving away from Synology and Plex because of the writing on the wall and then choosing Unraid probably won’t end well.

Don’t get me wrong, I understand the love for Unraid even though I don’t use it. It looks nice and newbie-friendly and you can throw all your random disks at it regardless of size. But enshittification will come for Unraid and I personally think that it has already begun.

Thanks for your response!

What made you switch from TrueNAS Scale to Unraid, if I may ask? Is it just the ability to mix different drive sizes? I’m currently using TrueNAS Core and thinking about migrating to TrueNAS Scale.

I have an offsite NAS where I run the Restic REST server as a docker container. I connect to it over Nebula but you could also use a traditional VPN, Tailscale, Headscale, Pangolin or whatever.

Works like a charm.

Interesting, I didn’t know that. Thanks!

Uhhh, I have always used Docker for Home Assistant with no issues? That being said, I’m no HA power user at all - so maybe you could elaborate about the limits you’ve encountered?

I was recently reading a lot about these because I wanted to use three Lenovo M920x for my homelab as virtualization hosts with Proxmox.

The really cool thing about them is their low power usage, that you can easily buy them used/refurbished and that you can fit a small PCIe expansion card into them.

I didn’t use them in the end because sadly 22110 M.2 SSDs don’t fit and I wanted to use enterprise SSDs for Ceph.

However, your use case seems simpler, so I’d think a M720q or maybe even M710q (without PCIe slot) would do, for less money than the M9xx series (which support vPro).

There’s a really nice forum thread on ServeTheHome with loads of information about these units.

Uhh, interesting! Thanks for sharing.

No, it isn’t.

EDIT: I quickly want to add that Jellyfin is still great software. Just please don’t expose it to the public web, use a VPN (Wireguard, Tailscale, Nebula, …) instead.

It’s been a while since that I set this up, so take this with a grain of salt. I have these two plugins installed:

• Chapter Segments Provider
• The older Intro Skipper

I’m honestly not sure if I even need both - maybe the Chapter Segments Provider is unnecessary, even though it’s official and newer. I don’t understand exactly how it works from the docs.

However, Intro Skipper gives you a new scheduled task named “Detect and Analyze Media Segments”. Use this to extract metadata about media segments from your library.

Now that the server knows about some media segments you need a client that can handle them. I’ve had success with the Android TV App (check the settings) and the Web interface should support them too.

I didn’t need to configure anything aside from that, as far as I can remember.

The media segments feature has been released as of 10.10.0 and it still needs a plugin. Still feels a bit clunky but works already on my Android TV box. I guess there will be more polish in future versions, now that the groundwork is done.

… Nebula…

You need more Excalidraw in your life.

I can recommend Restic with Wasabi S3 as cloud storage backend.

Having a solution that works for you is never a bad thing.

Now it comes down to what you want to archive: Do you want something that just works? Great, you’re done - now go on and do some other things that you like, that’s perfectly fine. Or do you want to learn more about servers, virtualization, linux, networking and selfhosting in general? Then there are a million ways to get started.

I’d suggest to setup a little lab, if you haven’t already. Install Proxmox on your server and run CasaOS inside a virtual machine. Now you’ve learned about hypervisors and virtual machines. Afterwards you could create a second virtual machine to play around - maybe install debian and get used to the linux cli. Install docker manually, run some apps using docker-compose. Now you’re already doing some stuff that CasaOS does under the hood.

The possibilities are endless, the rabbit hole is deep. It can be a lot of fun, but don’t force youself to go down there if you don’t want to.

Thanks for your response! It wasn’t my intention to sound overly critical. Congratulations on your spectacular growth and good luck for the future! I’ll definitly keep an eye on ChartDB.

Interesting project. I wonder though how a repo that’s merely a few months old and has only seen 117 issues in total does accumulate 9.8k stars? Seems a bit fishy to me.

This reminds me of nebula although nebula does require a central server to coordinate hosts.