I did not find any instruction on the source page on how to actually deploy this. That would be a nice touch imho.

I’ve been with 1984.is for a couple of years now. I think my domains cost around 12 Euros a year each. Their web GUI works fine and I’ve never needed to contact their customer service, so I cannot comment on that.

Openwrt generally works great on x64 PCs. Thiss machine will most likely be more beefy than your home router and could become your main firewall. It can handle adblocking and vpn client for all PCs on the network as well or whatever your need, as openwrt can do many nice things no commercial router can do out of the box. Install openwrt on your home router as well and use that as access point (connected via cable). You will improve your wifi signal as well. If your machine does not come with rj45 lan ports, install usb3 to rj45 adapters to the usb3.0 ports. They will give you the full 1000 mbit speeds.

You need to change the nginx config (for the website you will be hosting your services at. /etc/nginx/sites-available/yourdomain.com

You can reroute all http requests to https in that config.

Watch a video on how nginx works and how to set it up, and then look for example nginx configs for your services. It’s a pretty standard setting nowadays so the syntax should be easy to find.

I think nginx can be setup to work locally only, but do you even need it for that? It’s primary use is to proxy http requests to the different websites running on your server, enable https via letsencryt and so on, I think.

Dawn sounds very interesting. It seems to need 802.11k and 802.11v on all AP-nodes, I am not sure they are supported by my hardware though. I’ve never heard of those standards, so it seems unlikely.

I also just read about a user complaining about crashes related to dawn. Does it run stable and does it also switch to the 5ghz band or does it seem to prefer 2,4ghz, as another user noted three years ago.

Do linkwarden instances federate, so that it can act as a decentralised way-back-machine?

I recently heard the idea to donate monthly to one project of your choosing so the developers could rely on a steady income. I think that’s a great way of doing it.

I’ve been using docus (izzys fdroid repo) for some time and can recommend it.

Edit: it seems it’s no longer being maintained.

I use Syncthing-fork (fdroid). It lets you set you granular per folder settings like only sync on home WiFi.

Could you explain why you wouldn’t use it?

I’ve been using it for a couple of years and am happy with it, it grants an extra layer of security I think, if you can wipe the device when lost/stolen. Also very handy if you misplaced the phone and its set to not ring, as with this it will ring at full volume. You don’t need to use their server for the app to function, if that is your concern. I use a secondary device from my household. You can send a text message to your phone to let it ring even when its set to silent mode/get its location/or even wipe it remotely.

Ok, yeah, you’ve got a point I think. But one could argue if microg is enabled by default, at least some info might leak to google as their push servers are contacted and a device id is created (even if the data is anonymized to some extend.). (Depending on if these settings are enabled by default in microg which I am not sure of).

Here’s some info from the divestOS faq (cmp.: https://divestos.org/pages/faq):

"Anything important I should know about microG?¶

The 'Google device registration' and 'Google SafetyNet' options WILL make microG connect to Google servers.
The 'Cloud Messaging' option WILL make microG maintain a persistent connection to Google servers.
The 'Cloud Messaging' option does NOT require a Google account.
The 'Google SafetyNet' option WILL download and execute proprietary obfuscated code from Google and is strongly NOT recommended.
While microG itself is open source, any apps talking to it will do so using the proprietary Google Play Services library."

It goes on to provide some guidelines if you want to use microg:

How should I configure microG?¶

"Depending on the apps you want to use there are a few different ways you can use microG.

Some apps don't need microG but check that they were installed via Play, in this case you only need microG Companion/FakeStore and to install the app via `Aurora Store` (via session installer) or `Obtainium`. This mechanism only works on 18.1+ currently, adb workaround still necessary on older versions.
Some apps will work with microG simply installed without any Google connections, in this case it is strongly recommended to revoke Network permission from the microG app.
Some apps need push notifications via Google, for them you must let microG maintain a persistent identifiable connection to Google. Enable 'Google device registration' and 'Cloud Messaging' in microG.
Some apps require a captcha to be performed by the user, for them you can enable the 'Google SafetyNet' option.
Some apps require SafetyNet to work, while the option to enable it currently exists it will not work in the unprivileged mode that DivestOS uses and will be removed in a future update."

So depending on your thread model, you still would want to disable some of the options in microg to have absolutely no leakage of data to google. For example I am not comfortable any more with using push notifications since it was revealed that state actors use this info to tail users communications.

Here is a thorough analysis of /os’s security and privacy.

https://www.kuketz-blog.de/e-datenschutzfreundlich-bedeutet-nicht-zwangslaeufig-sicher-custom-roms-teil6/

Tldnr: it’s alright but but grapheme, divestos or calyxos should be preferred if those are available on your device.

Problematic seems the unique device id /e os generates and sends on every update and also security updates for the integrated webview browser have been severely out of date in the past.

You don’t really need the sever at all if you have another phone in your family that can send a text message. Now that I think of it it might not be a bad idea to set up a sever as backup. But the public sever from the developer should be fairly safe to use as well…

Another option would be to install an im server that is low on resources and not eating your sdcard. I think xmpp would work a lot better on a pi. Prosody, ejabberd or snikket should work nicely.

Sounds kind of cool. Does is support Rockbox, yet?

Ditto.

Flahbang!

There is no need fire up a dedicated machine to do this. Use your router/ap running openwrt and connect a hdd via usb. The machine needs at least 128 Mb RAM (256 mb would be better). Install the transmission package, set it up, add a gig of swap space on the hdd and you are good to go. The AP runs 24/7 anyways so there will be very few extra power consumption. Vpns often don’t allow port forwarding (mullvad has stopped support recently if I remember correctly). You can just be a passive node and not often ports, that should work good enough. Consider seeding parts of sci-hub. it’s a project worth supporting imho.

You can just download once of the parts below with less than 12 seeds and set it to host without ratio:

https://phillm.net/torrent-health-frontend/stats-filtered-table.php?propname[]=seeders&comp[]=<&value[]=12&propname[]=type&comp[]===&value[]=scimag

I am using a Fujitsu mini office Pc at the moment. I5 3470T I think. Idles around 8 Watt. I think it’s a gen 4 I5. This one plenty powerful. An I 3 might be enough as well. There are other vendors like hp and Lenovo as well. They are all quiet and easily upgradable. Fujitsu provides a whitepaper for any of those sff machines, where real life power consumption is listed in detail. The other vendors will be pretty close in power consumption I think as the cpu is the most demanding part in these machines. The newer cpus 6 and newer generations seem to draw even less power, 4-6 watt at idle, which might be worth the higher used prices of these machines in the long run.

Thin clients might also be a viable option if you find one cheap. https://www.parkytowers.me.uk/thin/

has a lot of thin clients and their respective power consumption listed.

Maybe try the searxng matrix support chat, I think there might be a few developers around that could point you in right direction:

https://matrix.to/#/#searxng:matrix.org

They also have a Mirc support channel is that is more your cup of tea.