Ollama + open webui + tailscale/netbird

Open webui provides a fully functional docker with ollama, so just find the section that applies to you (amd, nvidia, etc) https://github.com/open-webui/open-webui?tab=readme-ov-file#quick-start-with-docker-

And on that host install netbird or Tailscale, install the same on your phone, in tailscale you need to enable magicdns but in netbird I think it provides dns by default.

Once the docker is running and both your server and phone are connected to the vpn (netbird or tailscale) you just type the dns of your server in your phone’s browser (in netbird it would be “yourserver.netbird.cloud” and in tailscale it would be “yourserver.yourtsnet.ts.net”)

Checkout networkchuck on youtube as he has a lot of simple tutorials.

Just the fact that it costs means that most people won’t even consider it, making it very hard to recommend.

It is not as good as a decentralized system, and even though the server is open source, it isn’t self hostable (technically in an intranet you could but not easily)

But the signal foundation is a non profit with external audits and a proven track record with law enforced requesting data and getting basically nothing (If i remember correctly they only have your user to phone number relation and the last time you were online)

So although it is imperfect, it is an amazing solution that is almost the only 1:1 competitor to whatsapp/messenger/imessage that is privacy respecting, so I am very grateful for it’s existence.

Just like any foss project, there some level of trust if you are going with the main distribution. In theory you are correct that not much is stopping them from releasing a malicious update, but because it is open source, soon enough people would notice that either they released new code that is malicious, or that the new version does not match the source code. That kind of scenario is known as a supply chain attack.

Since the code is open, you can literally read it for yourself to see exactly what the apk does. You can also fork it and modify it however you like, just like the creator of Molly did (Molly is a fork of the Signal client that adds some security features)

Gonna get hate for this but…

The one thing I think LLMs are actually super good at is helping you find the right terms for things that you don’t know how to find.

There are a few reasons why someone might use Proxmox. It doesn’t have to be just security, it can also be different network architectures that don’t work as well in Docker and it can also be just greater control over the services which is less comfortable to do in Docker as it’s meant to have built images that are running and are ephemeral. There are also certain services that either don’t have a pre-built docker and someone might not want to bother with making their own docker infrastructure around it or have technologies that are not well supported or are not well executed in docker.

There is also the fact that Proxmox is meant to be used in production, which means that it’s more stable (than some casual docker rubning on whatever distro they have) and it does have a very low overhead, even if you do use dockers you can use them within Proxmox and it gives you a lot of capabilities that add to stability and manageability.

Generally speaking if your threat model is very small, you’re running this within your private network, and it’s not exposed to the internet or anything large like that, then it doesn’t really make a big difference and you should probably just use whatever is comfortable for you.

I personally moved to Proxmox for three reasons which are security, customizability and stability. I felt that within Docker containers it was a lot more annoying to have to pull the images and make my own Docker files and update them and build them every time. I find it easier to have my own server with its dedicated service and that I know how to update and how to modify more properly and that I built from scratch. There is also the advantage that I can use whatever OS I want for different situations. Of course I personally use exclusively Linux but even within that I can use different distros and I can have all kinds of different services running without interfering with one another in any way, and in extreme cases I can have a windows vm.

And another major factor for me was that I just wanted to learn how to do it. I think it’s cool and it was interesting and I have already experienced Docker to a level that I felt comfortable with it and it was time to move on and expand my horizons.

Wow, that took so long! But good on them for finally doing it!

So basically “if they are not a state we kill them slowly, if they are a state we kill them quickly”?

Thanks!

My method has always been the same, it it always works eventually.

When my devices go against my will, I lean real close and whisper “I’m gonna fucking disconnect you and then throw you in a river” and usually after a few hours of threats I get what I want. I guess the debugging and manual reading and whatnot does help a bit, but I suspect it is mostly the fear that fixes the issues.

My arch only breaks when I (unknowingly) tell it to.

Kinux

Tip, if you have the room for it, looking for second hand servers (as in actual servers with server hardware) is often really useful.

As you start hosting more stuff you realize that ram and cpu cores are very limited in consumer hardware. With a shitty second hand server you could have more cores and more ram than anything in the consumer category, and you can stick an old GPU on it if you want some better media performance.

But if you truly believe that you won’t spread out and that potentially 64gb ram and 8 cores will suffice, just go ahead and build it however you want. It is no different from a regular build. Get a nice ssd, get a wired ethernet connection and you are like 90% of the way there.

Edit: everyone else is giving much better advice, ignore my overkill here. For media and simple game servers with a low energy consumption target you are probably better off with a mini pc with an integrated gpu or if you want to future proof a bit, maybe one of those unified memory ones where you ram is also the vram and can produce pretty good performance.

So also reduced sentences on all crimes under the insanity defense? Or just the parts that fits your agenda?

Canons are a dangerous weapon

Wait… Pissing IS letting it go, how would I let go of letting my piss go?

Ah yes, I once had a vaccine and I remember going home to serve my master and get whipped. But after a few days the slavery side effects went away and I got back to being a white kid in the 2000s.

WTF goes through these people’s minds?

Happiness is a distraction from perfection, let it go!

Only tailscale fpr vpn and backblaze for backup

Probably grapheneos until it dies (thanks Google) then 2 phones, a cheap stock one at home shutdown and no sim, only for critical services that are exclusively app based, and a Linux phone as my main.