Revolt is kinda “centralized”. You can host your own version, but they seem to actively discourage you from doing so.

https://github.com/jgraph/drawio/blame/dev/LICENSE <-- that’s … a rather specific and recent change. Is there a story here ?

You are aware that draw.io is itself open source and self-hostable: https://github.com/jgraph/drawio ?

At $dayjob I switched from Apache to nginx 15+ years ago. It’s Callback/Event based process model ran circles around Apache’s pre-fork model at the time. It was very carefully developed to be secure, and even early on it had a good track record. Being able to have nginx handle static content without tying up a backend worker process was huge, and let us scale our app pretty well for the investment of time. Since then, Apache implemented threaded + Event based process models, Caddy, traefik, and a bunch of others have entered the scene.

TBH, I think the big thing nowadays is sane defaults, and better configuration, even automatically discovered configuration – traefik is my current favorite for discovering hosts in consul/Kubernetes/simple host definition files, but since traefik can’t directly serve files, I simply proxy from traefik to … nginx :)

Navidrome is another server that works pretty well, implements the subsonic protocol ( so all the apps that can cache and stream to your mobile device work). You can have multiple logins, or just share out playlists and albums individually to non-authenticated users.

MoCA is a way to send wired Ethernet up to (300mb/s, at least the version i have) over coax. Verizon fios would provide these devices to send internet to set top boxes over existing coax cabling, but you can get a pair of these devices and send Ethernet in on one side, and Ethernet out the other side.

I have noticed however, it adds a bit of latency to the connection, which may be trouble.

Depending on your use cases and apps, file locking can be problematic when sharing across SMB and NFS simultaneously, their locking semantics are slightly different

TacticalRMM is very comprehensive, self hosted, but more geared towards organizations managing a fleet of machines.

In fact, it can be better: having root means you can arrange additional ‘firewalls’ between apps and your data , or omit/falsify sensor data the the banking app should not need, that the Google is unwilling to implement.

IMAP on O365 now requires “Modern Auth”, which requires OAuth to authenticate access to mailboxes. Anything that connects via IMAP will need to be approved by the admins at this point (Including Thunderbird). Without the cooperation of your organization’s IT team, you are not going to get far.

I worry too – if this gets any significant uptake, what’s stopping Reddit from shutting off the spigot? Given their reasons for turning the screws on API and other policy changes, they may not take kindly to having “their” content re-posted elsewhere, let alone to a system designed specifically to escape reddit.

If it’s a secure enough environment, I imagine that there will be monitoring on the device, and the moment a hub shows up that’s not supposed to be there, or any other USB device tree that doesn’t match the approved list, , alarm bells ought to go off. If it’s valuable enough; the attack would be to use a passive device picking up leaky signals on the wire, or even hidden camera watching screen/keyboard.

Planka looks very promising too

If you use gitea, it’s just a few steps to enable it to be an OAuth2 provider. See Oauth2 Provider Docs