Don’t over think it, start small, a home server. Then add stuff, you will see that it’s not that crazy.

I personally have just one home server that locally creates encrypted backups and uploads them to backblaze.

This gives me the privacy I need as everything is on my server that I own while also having the backups on a big reliable company.

It’s not perfect but it fits my threat model

I run the official docker with mariadb and it was never an issue for me

One day I will setup my security onion, but I’m procrastinating

I have a router with dd-wrt and I have VLANS where only my “trusted” devices are and another for everything else (like smart things or guests)

But I get your point, thank you!

It does though doesn’t it? since every device needs to be authorized by me first

Arch which is great, but I want to move to FreeBSD or Proxmox for security reasons

Use something like no-ip, you can get a domain for free and renewing it every 30 days with a few clicks is much easier then managing a CA.

The only downside is the TLD but if you don’t care to much about how your domain name looks it really is the best option.

I use no-ip with letsencrypt, the LE bot does the certificate stuff for me, I use a single domain with different ports for each service and no-ip sends an email every 30 days to reconfirm the domain. Simple and easy.

There is Ohmyform which is great but not updated at this point.

It’s really basic, I wouldn’t recommend it as a form builder, more like a nice added feature.

Been using Firefly III for a few years, great tool, good and frequent updates and the developer, while strict, is open for feature requests.