I used to run LineageOS with a lot of my own tweaks to meet my privacy needs; however, I reached a point where I decided it didn’t fit my needs for security. So, I went back to GrapheneOS. Which, I am quite happy with. Ultimately, I dream of a fully operational Linux phone of sorts; but we aren’t there yet.
I ditched reddit, and most centralized social media. I ditched many big tech services in place of self hosting my own. And even that is mostly locked down. Very little exposed to the web. Ad blocking, as well as my own underlying upstream DNS, with a fallback that isn’t Google or Cloudflare. Services being firewalled off. Reverse proxy setup limiting access via IP:Port while also including SSL certs for local only https.
And this list goes on; it’s a constant journey. But the hard part is to still be social. Hahaha
I can totally understand where you are coming from.
I do hold the view that if you can read, you too can install GrapheneOS, or try Linux; but that doesn’t make it right for everyone. It’s a self imposed journey. I can’t expect everyone to make the same choices I do.
That is where I will educate people as to why I chose what I chose; however I will not try to force someone down the same road.
So totally understood.
My apologies; I have a computer running Docker, which hosts a plethora of services. I have an external drive connected to it (because I don’t have a NAS) and have it mounted to my underlying OS on that Docker server computer. And each container that needs it mounts directories from that drive.
All of this is internal network only. And another server manages VPN connectivity to my home network. So I have remote access to everything I need with minimal ports forwarded.
I don’t use Nextcloud currently, but I have considered it. Currently I have everything I want on a drive connected to my Docker box, and if I need it I SCP it to or from that server. My need for files stored at home isn’t exactly huge. But Nextcloud or similar is in the pipeline.
I am on the move often too, but because I can VPN into my network, and use the pihole+unbound DNS on my GrapheneOS phone all the time, I always have access to my stuff.
Digital Privacy is an ever evolving endeavor. What I was okay with a year ago, isn’t the same as where I am today.
I am still mid-journey of de-googling, de-microsofting, de-big-techifying my life.
The more and more the digital landscape changes, the more and more we have to be cautious of.
I went from using all the Google services, all of the Microsoft services, and more of big tech’s services. But at what cost? What was free really only made me the product. My data was and still is to some degree being used, bought, sold by many different providers.
So I have been working towards self-hosting anything that matters to me. File storage, self hosted. Media consumption, self hosted (mostly.)
I have gone as far as running a pihole, with my own upstream DNS. Mix that with the only way to access my self hosted things through VPN. And beyond that other security/privacy measures.
The goalpost for being more private, and more secure, is ever changing. The goal is to minimize my exposure.
I wasn’t meaning to conflate the two, as I see your point. I didn’t claim it was FOSS, just that the source was available.
I know for me, I don’t mind using software that is licensed so that it doesn’t directly fall under FOSS. I just like the availability to view the source vs closed source software being a total black box.
I have no plans to monetize their work, nor fork it, only use it.
I know I don’t want to open up any more ports than I have to, but you’re right, that does sound like another alternative to setting up VPN.
Since I access more than just my pihole when connected to my home network. And because I want access to my home services, and don’t want to open up access to the public, opening one port and connecting to VPN is the way to do it. I have one port opened up for my VPN, and in order to connect you have to have my IP or my domain pointed at the IP, and you have to have a Wireguard profile setup, and know what port is open. So that does help a tad bit with my security concerns.
Edit: how would I go about that if I felt so inclined? Any tips?
Avoid any machine with an Nvidia graphics card for Linux. It’s more hassle than it’s worth. Source: my experience.
However, I have good luck with most laptops that have Intel integrated graphics. Specifically Lenovo machines. I am not exactly sure what budget you have, but you can get a second hand Lenovo machine that would work quite well.
If you don’t care about it being fully open source/libre, then from my experience you likely won’t have much issue with Wifi either.
As far as what you are wanting to use it for, you could get away with something fairly low powered. Depending on your preferences, I would suggest a number of distros for that purpose:
Fedora, it’s been a good distro in my experience. They offer different spins of it with different desktop environments. I personally love KDE, but you could go with Gnome too.
As far as hardware goes, if you are unsure about a machine being usable with Linux, I would check here: https://linux-hardware.org/
Hope this helps!
Can’t say that I have, but will now!