Kudos!

That looks so cool! Thank you for sharing! I can’t wait to use it in production

Do you have an IBAN for donations?

That’s cool

That’s one risk. Someone could use it for a bot net or other attacks. Or he could try to escape the device and hack into other devices on the LAN. But also, it depends on the reward that a hacker can get. Is the expected reward worth the work to hack into your server?

I’m not saying it’s low risk because then you could/would blame me if something happens.

An open port is a door to the service. The service needs a vulnerability and then an attacker can abuse that. Oftentimes multiple vulnerabilities are used in an attack. Attacks can become public years after they were found. Just because nothing is public doesn’t mean that it’s not there. What can an attacker gain if he enters your server?

https://app.opencve.io/cve/?product=jellyfin&vendor=jellyfin

If you want to know what happend to people who opened their ports in the past, look in the lemmy and reddit selfhosted subs for the posts about it. I am not aware of a single post in the last x years about someome complaining that his jellyfin media library was encrypted and she shall pay a sum x for the encryption keys.

Backup apps with e.g. this https://www.nixtutor.com/linux/keep-a-backup-of-installed-packages/ and this https://itsfoss.com/back-up-restore-flatpak-apps/ and borg/pika/deja dup/kopia for files. Let’s add appimages, snaps and brew and containers/distrobox.

The only thing that is missing is an all in one solution that puts everything together. And a cloud where you can restore it.

wanderer is built on the ActivityPub protocol, meaning your instance can connect with others to share trails, profiles, and updates. Follow users across the network, discover new trails from different communities, and interact seamlessly with other federated platforms like Mastodon — all without relying on a central server.

Is there an example account that I can follow from lemmy or mastodon? can you connect your mastodon to your wanderer account?

Your right. The rest of the comment still holds. Backup and restore.

Edit: I have to sanitise the final script and remove all the wrong commands afterwards 🤔

Neither do native and flatpak vscode work the same way. It’s about that OP decides it, not the user.

It looks great but I don’t like it.

You decide that firefox gets installed via apt and not flatpak. Why?

This aims at someone who already has a system and wants to have some reproducible thing for a new system.

Back the fuck up and restore from backup.

This also includes take asnapshot of flatpak apps and simply reinstall all of them on the new system.

Yes, there is a lot of improvement to automatically do all this. But not with another solution. Just use dotfiles. Dotfiles and a cloud sync thing.

Try nextcloud with docker/podman. Take a backup/copy right before upgrading, upgrade, if it fails remove the upgrade and wait another week/month before upgrading or fix it. In the meanwhile, you can simply use the version that you have not yet updated.

I’ve had no problem in years

Caddy with caddyfile is very easy although it lacks a gui. Use nginx proxy manager if you want a gui, but it is more work than a caddyfile.

https://caddyserver.com/docs/quick-starts/caddyfile