1. Host family media through Jellyfin, etc. This would include tv, music, and possibly books as well. Many of these will be managed through the Arr apps.
2. Degoogle my phone - I’m beginning by replacing Photos with Immich, but hope to also use Home Assistant, backup other phone data such as messages media, shopping lists, etc. I hope to replace Google storage/backup with Proton Drive.

Seems like a solid plan. I used Nextcloud as a Google Drive/Photos/Calander/Lists replacement, but depending on what you are running as your server it may be a bit too heavy.

I’ve heard that once you get into it, Linux distros like Ubuntu are not very user friendly for self-hosting as a beginner.

Not sure who is saying this. Granted, if your not used to *nix, our ways of doing things can be a bit obtuse from time to time but the Ubuntu based distros are some of the most heavily documented distros available with only Arch being better documented (Don’t use Arch unless you’ve got stock in Bayer. /joking, kinda).

Your current OS choice is maybe not what I would choose, but it is fine. Xubuntu just Ubuntu Server with the XFCE desktop installed. A bit heavy for a server install as a result. One thing I will say is that most server software is setup via the command line and setup via configuration files (These are just regular text files readable by any text editor. I like micro, but anything will work). The desktop environment is just extra weight you don’t really need in this application. Doesn’t hurt anything, just heavy and not really needed.

So is it better on the whole for a beginner to have a popular distro with lots if documentation and step by step guides, or to have a purpose-built OS like TrueNAS that might be more straightforward, but with less support?

Stick with what you have. Ubuntu is a very well supported server distro, and the XFCE desktop doesn’t change that. Things like TrueNAS, UnRAID, and whatever is the flavor of the week tend to cover things up to simplify things. This is fine when they work correctly, the problem comes when things inevitably break. You won’t know where to go looking to fix things. Also TrueNAS is a network storage OS, not really suited for what you are trying to do currently, which seems to be hosting services.

It seems to be working well, but I’ve had a few hiccups trying to update it,

What hiccups were you running into? And were you using the GUI tool or apt on the command line?

I don’t know about Silverblue, but I know you can use NixOS on pretty much any VPS using the tool nixos-infect.

Not sure how it would reduce your attack surface though. That’s not really the problem that they are trying to solve.

I’ve heard mixed things about them, never used them though. Personally I used Digital Ocean for my VPS needs till I had a spare computer available, at which point I moved everything in house.

They didn’t care. You know non tech folk, they don’t care so long as it works. If you’re lucky, they know enough to hit the button with the power symbol to turn it on, but make sure you have step by step instructions printed out for those that can’t figure it out. I wish that was sarcasm.

In our location it was mostly used for passive tracking of equipment via a scanner on the roof of the truck and tags on the trailers and we didn’t use the software much beyond that. From what I saw of it, it was some native custom application. Used the default Gnome interface and design scheme of the time. Looked to be pretty idiot proof.

When I was working for Averitt Express, a trucking company out of Cookeville, Tn, our yard trucks had computers in them (for yard and dock management) that ran Ubuntu. This was 10ish years ago.

And this is why I don’t dual boot anymore. Or run Windows anymore for that matter. Learn to play nicely with others please, Microsoft.

That’s what I thought you might try. Answer is, I don’t know. I think it would depend on what the UEFI does with the secure boot keys when you disable secure boot. From a security standpoint it would make most sense for it to wipe those keys, but I could be wrong. The easiest way to find out if it would cause a problem would be to try it.

If I understand this article correctly however, Windows only requires that the UEFI be capable of secure boot, not that secure boot be enabled.

I think the first thing I would try is to try installing and booting Windows without secure boot. If that fails, than reinstall, this time with secure boot enabled and leave it enabled. Several other comments here are saying that secure boot in linux is now largely seamless and as it has been several years since I’ve mucked about with it, I’m inclined to listen to their recommendation.

Should be doable either way, but swapping secure boot on and off may cause problems with Windows in your proposed setup. I would pick one and stick with it. I know Linux is compatible with secure boot, I just never bothered to learn how to work with it. If I remember correctly, every time a change was made to the kernel, the keys would need to be reenrolled. This includes whenever the Nvidia driver’s updated.

Might want to read up on secure boot.

https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot

https://wiki.gentoo.org/wiki/User:Sakaki/Sakaki's_EFI_Install_Guide/Configuring_Secure_Boot

The last time I had secure boot enabled on any of my systems was several years ago, but yes. At that time you had to enroll the keys both on the initial install and every update. It was such a headache for limited benefits (for me) that I just started disabling secure boot whenever I was setting up a system.

Things might have gotten easier, but I doubt it as he secure boot system is not really under the control of open source developers (for good reason) and the end user can really only choose whether it is enabled or disabled.

Not necessarily, but doing so will make your life alot easier, especially when it comes time to update the drivers.

I really only run 3 addons in Firefox currently. Chrome is the same but without UBlock.

• UBlock Origin
• BitWarden
• Streetpass for Mastodon

With used hardware, it very much depends on what the hardware is and what you’re using it for. if you can find something from the last 10 years it’s probably worth it, but I wouldn’t get anything older than that. Power usage is the main concern, as systems have been plenty powerful enough for most applications for sometime. Hardware reliability would be another factor.

When I was looking a couple of months ago, it looked like $200 USD was the sweet spot for used hardware, but at that price point, you could get one of those NUC knockoffs brand new, such as the Beelink N100. It just depends on what you need.

Sometimes it’s an ideological issue. Some distributions don’t ship nonfree drivers, some do, but require you to manually install them, and some have trouble making up their mind. This last is where you get live cds that automatically load the drivers needed for your hardware, but when you actually install, things aren’t working anymore.

Mine mostly exists as a statement that I exist. It was supposed to be a blog and contact page but I never actually write anything for the blog and nobody ever tries to contact me except for spam.

In the US, it’s a violation of copyright. You could be sued, but wouldn’t likely be arrested.

I would say that the odds of being sued are minimal, close to nonexistent, if it is just a few close friends and family. Jellyfin uses password protection which helps, but you can improve your odds of staying off the media companies’ radar by keeping the server on a private VPN like Tailscale and remembering the rules of Fight Club.

You didn’t say what OS you were running, but if you’re running an iPhone, the original Sonic is in the App Store and is pretty playable on a phone. I also really liked Temple Run.

Just get a Brother. Any of them are fine.

I use AIO as well though I’ve heard the snap version is pretty painless, most of the time.

Google.

Personal preference.

Unless something has changed, Caddy isn’t a dns server. It’s a web server and reverse proxy. If you might expose something to the public internet, you will want it behind the reverse proxy.

If you want to access local network services (private vpn counts) via a domain name all you need is a DNS server and for you clients setup to query that dns server. I use PiHole for this. From what I understand Adguard may be similar to PiHole but I’ve never looked a it.

One thing to be wary of, there are no reserved private network domains. Depending on how you set things up your local network dns queries may go out onto the public internet. It’s best to go ahead and register a domain name that you want to use so that you can control it routing if that happens. They can be had cheap as $11 USD each.