“What is your favorite self-hosted application?” had what looks to be about 15 matrix responses.

Would potentially be interesting to see Matrix/XMPP/etc prevalence in future surveys, maybe replacing ‘what activitypub apps’ with a more generic ‘what federated apps do you self-host’

Yeah that’s going to be a very handy feature and a strong motivator for me to get the untracked amount down to zero.

I think shared hosting there is more meant to refer to the older “upload your files in webmin and we’ll shove them in /cgi-bin/ with everybody else’s”-style hosting where multiple users sites are running on a single instance of a webserver versus a VPS giving you a VM with SSH access?

Where the metadata goes I think is important as well.

All Signal metadata necessarily goes through Signal’s servers and is tied to your phone number, but not all Matrix metadata ever gets near the Matrix.org if you are using a different homeserver.

I think both are less than ideal in that regard, and I think Briar (strictly P2P) has a much better model for dealing with this at the expense of generally being a UX disaster.

The server software appears to be available and updated now, which they’ve been spotty about in the past. I’ve updated to remove the closed-source part since that is not correct.

As for phone number: Signal still requires me to enter a phone number to create an account as of about 5 minutes ago.

Signal is centralized, closed-source, not-selfhostable (edit: in any meaningful way) and requires being attached to a phone number. (Edit: server source is available, but self-hosting requires recompiling and distributing a custom app to all of your contacts to actually use it.)

Matrix is decentralized, federated, fully open source with multiple client and server implementations, self-hostable, and does not require being attached to a phone number.

What part were you getting hung up on?

Used Ubuntu for ~15 years, switched to NixOS a couple months ago and haven’t looked back.

I’ve made a habit of clean installing all of the desktops/laptops/servers in my life on the first point release of each LTS (i.e. 22.04.1). That would mean there was time for the dust to settle and for me to tweak my install/customization scripts from the previous LTS.

So since I knew I was gonna have to modify my Ubuntu install scripts to work with 24.04 anyways, I fiigured it was a decent time to try and see if I could get the install scripts converted to a nix config instead, and it ended up working a treat.

If you are dead set on a specifically certificate-backed access control scheme, a VPN with the ability to use the hardware-backed certificate store (such as OpenVPN) is likely easier to set up as it is better supported on mobile devices and doesn’t require application-level support (i.e. everything is protected, not just the apps w/ mTLS support)

https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-android-keychain/

I do find rclone to be a bit more comprehensible for that purpose, rsync always makes me feel like I’m in https://xkcd.com/1168/

Must have an android client,support mtls,support attachments and card layout.

ps: pls don’t suggest to save to local storage and sync that.

pls don’t suggest this app that cant do that but its great.

Anyways anyone aware of any app that can do that?

Nope, you seem to be well aware of the options available to you and there isn’t any one single app that meets all of your requirements, so unfortunately we can’t recommend anything at all to you, per your specific request.

You’ll have to build it yourself either from scratch or by taking one of the existing open-source tools and adding the missing functionality.

Looking forward to your pull requests!

Restic and borg are both sorta considered ‘standard’ for doing incremental backups beyond filesystem snapshotting.

I use restic and it automatically handles stuff like snapshotting, compression, deduplication, and encryption for you.

DigitalOcean and Vultr are options that “just work” and have reasonable options available in $5-6/month category.

DO is more established and I’ve used them for nearly 10 years now for a $6/mo VPS and for managing DNS for my domains. Vultr has some much closer datacenter options if you happen to be in the southeast US, rather than basically just covering California and NYC like DO does.

Given how common it is for people to use the ‘reset password’ link for this exact purpose, it does make it seem kinda redundant to even implement passwords on many services to begin with.

People recommend backblaze B2 as a restic/rclone/borg backend because it works extremely well and is an excellent value compared to other available options at a near-flat $6/TB*month rate.

The reason they ‘force linux users to use their b2 product’ is very specifically done, on purpose, to avoid the exact kind of abuse you want to do, which is upload 18TB of near-incompressible data for them to store for $9/month or less.

Buy a 20TB harddrive and keep it in a fireproof filebox, and maybe another to keep at a friends house. You don’t need cloud backups for media you can reaquire relatively easily, save that for the stuff you can’t trivially replace.

What CPU governor are you using? I saved about 40W idle powerdraw switching to powersave vs the default on a Ryzen 9 3900X.

I ran RAID-Z2 across 4x14TB and a (4+8)TB LVM LV for close to a year before finally swapping the (4+8)TB LV for a 5th 14TB drive for via zpool replace without issue. I did, however, make sure to use RAID-Z2 rather than Z1 to account for said shenanigans out of an abundance of caution and I would highly recommend doing the same. That is to say, the extra 2x2TB would be good additional parity, but I would only consider it as additional parity, not the only parity.

Based on fairly unscientific testing from before and after, it did not appear to meaningfully affect performance.

125W (Less than $15/month) or so for

• Ryzen 9 3900X
• 64GB RAM
• 2x4TB NVMe (ZFS Mirror)
• 5x14TB HDD (ZFS RAID-Z2)
• 2.5GBe Network Card
• 5-port 2.5GBe Network Switch
• 5-port 1GBe POE Network Switch w/ one Reolink Camera attached

I generally leave powerManagement.cpuFreqGovernor = "powersave" in my Nix config as well, which saves about 40W ($4/mo or so) for my typical load as best as I can tell, and I disable it if I’m doing bulk data processing on a time crunch.

My partner and I use a git repository on our self-hosted gitea instance for household management.

Issue tracker and kanban boards for task management, wiki for documentation, and some infrastructure components are version controlled in the repo itself. You could almost certainly get away with just the issue tracker.

Home Assistant (also self-hosted) provides the ability to easily and automatically create issues based on schedules and sensor data, like creating a git issue when when weather conditions tomorrow may necessitate checking this afternoon that nothing gets left out in the rain.

Matrix (also self-hosted) lets Gitea and Home Assistant bully us into remembering to do things we might have forgotten. (Send a second notification if the washer finished 15 minutes ago, but the dryer never started)

It’s been fantastic being able to create git issues for honey-dos as well as having the automations for creating issues for recurring tasks. “Hey we need to take X to the vet for Y sometime next week” “Oh yeah, can you go ahead and put in a ticket?” And vice versa.

what does industry do when they need to automate provisioning of thousands of devices for POS, retail, barcode scanning, delivery drivers, etc.

MDM doesn’t help with the kind of stuff OP is trying to automate, but it does usually cover most business use cases and if you need more than that, you generally either have a contract to get the manufacturer to do it for you or just put what you need into the org-specific superapp you already have to have.