• 0 Posts
  • 22 Comments
Joined 2 years ago
Cake day: December 11th, 2023



  • True. Maybe it was not the best phrasing. It may apply to some email providers (e.g. Proton) if email communication happens only between recipients of the same provider, which is rarely the case.

    I mentioned this to highlight that if this pressure is put on legitimate secure services like GrapheneOS, then you can imagine that your email data is scrutinized without your knowledge.




  • If privacy is important for you, https://anytype.io/ has E2EE (End-to-End Encryption). You can run your sync nodes also. Personally, I’ve used Roam Research, Doom Emacs, moved to Logseq, then Obsidian, back to Logseq and now I’m using Anytype for two years.

    Edit (hit post by mistake): The encryption part was not a must for me also, but then I started using my notes on my work laptop also and I didn’t want my notes stored in plain text on a computer which is not fully controlled by me. I’m mentioning it because over time you’ll have many, many notes and the transition from one tool to the other is very time-consuming.








  • There are a couple of things to cover here:

    1. Keep your software/containers up to date. You can subscribe to the GitHub repo and configure it to get notified for new releases and security alerts. As a complement, you can use RSS feeds, newreleases.io and/or WUD (What’s Up Docker) and add labels to your docker compose files. Personally, I check the notifications once a week and change the version for all minor tools I’m using. If there is a major release (or new Immich version) I read the changelog and update instructions (if it’s the case).

    2. For container security scans, you can use Trivy, but the problem is that you don’t have a centralized overview of your scan results. For this you can use DefectDojo. Depending on the case/threat model, vulnerability management for self-hosted things might be overkill, but highly recommended if you want to learn more about this. It’s worth mentioning Trufflehog as a secrets scanner and sops as a solution to encrypt sensitive data so you can push it to git/SCM.
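
Added example, not part of the comment above: a small local aggregation of per-image Trivy JSON reports into one severity table, to illustrate the "no centralized overview" gap that a tool like DefectDojo fills. It assumes reports in the shape of `trivy image --format json` output; the image names, package names and vulnerability IDs are constructed placeholders.

```python
import json
from collections import Counter

SEVERITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN")

def vuln(vid, pkg, sev, fixed=""):
    return {"VulnerabilityID": vid, "PkgName": pkg, "Severity": sev, "FixedVersion": fixed}

# Constructed reports shaped like `trivy image --format json` output.
# Image names and vulnerability IDs are placeholders, not real findings.
SAMPLE_REPORTS = [
    json.dumps({"ArtifactName": "example/notes:1.0", "Results": [
        {"Target": "os-packages", "Vulnerabilities": [
            vuln("PLACEHOLDER-0001", "libfoo", "HIGH", "1.2.4"),
            vuln("PLACEHOLDER-0002", "libbar", "LOW")]},
        {"Target": "app/package-lock.json"}]}),  # clean target: key omitted
    json.dumps({"ArtifactName": "example/photos:2.0", "Results": [
        {"Target": "os-packages", "Vulnerabilities": [
            vuln("PLACEHOLDER-0003", "libbaz", "CRITICAL", "3.0.1")]}]}),
    json.dumps({"ArtifactName": "example/proxy:0.9", "Results": None}),  # no results
]

def summarize(report_text):
    """Return (image, severity counts, fixable findings) for one Trivy report."""
    report = json.loads(report_text)
    counts, fixable = Counter(), []
    for result in report.get("Results") or []:
        # Clean targets carry no "Vulnerabilities" key (or null), so default to [].
        for v in result.get("Vulnerabilities") or []:
            sev = v.get("Severity") if v.get("Severity") in SEVERITIES else "UNKNOWN"
            counts[sev] += 1
            if v.get("FixedVersion"):  # an upgrade exists, so this one is actionable
                fixable.append((v["VulnerabilityID"], v["PkgName"], v["FixedVersion"]))
    return report.get("ArtifactName", "unknown"), counts, fixable

def overview(report_texts):
    """Summarize all reports, worst image first (most CRITICAL, then HIGH, ...)."""
    rows = [summarize(t) for t in report_texts]
    return sorted(rows, key=lambda r: [-r[1][s] for s in SEVERITIES])

def render(rows):
    lines = ["image".ljust(22) + " ".join(s[:4].rjust(5) for s in SEVERITIES) + "  fixable"]
    for image, counts, fixable in rows:
        cells = " ".join(str(counts[s]).rjust(5) for s in SEVERITIES)
        lines.append(image.ljust(22) + cells + "  " + str(len(fixable)))
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(overview(SAMPLE_REPORTS)))
```

The "fixable" column counts findings that already have a fixed version, which is the subset a weekly update pass can actually close.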