What do you want to do with this workspace? Are you looking for a VNC controlled Linux desktop environment? Or a “codespace” with an editor and a terminal in the browser? Or an office suite? Or…?

Your Postgres and/or MariaDB is probably configured to take as much RAM as it can get. It shouldn’t use that much with the light workloads you’re likely to have.

Modem for what type of internet connection?

I second that. Their cloud servers/VMs are pretty fast (the hosts don’t seem overprovisioned) and even their dedicated servers are cheap for what you get. I can also recommend their server auction page.

Use Wireguard instead of OpenVPN.

Serviceable, but still not great quality most of the time.

Not self-hosting email anymore, but back when I did all the hype was https://mailcow.email.

Fair enough!

AM4 can do 128 GB with 4 32 GB sticks.

Other than that I agree with your post. No way you get more for your money as soon as you start going beyond the base configuration which is still 8 GB RAM /256 GB SSD in 2023/24 by the way.

Sure, it’s a compact and very power efficient device and having 10 GbE built-in for a reasonable price uplift (decent PCIe 10 GbE cards aren’t much cheaper) is great. But to be honest an Intel NUC or even desktop parts with low-end motherboards aren’t exactly power suckers when mostly idle.

And then SSD storage and RAM pricing is like a quarter compared to what Apple charges for it, if even that. And you have the choice of going for ECC RAM on supported platforms, which is great for a file server for example.

OS compatibility is a big one as well, you can basically choose between macOS and Asahi Linux and while the latter is probably okay for self-hosting purposes, I prefer more stable and long-supported distros like Debian.

Point being that an attacker also needs access to said vault.

It’s a cool concept that quickly falls apart in my opinion:

1. It’s not really stateless as soon as a website has certain password requirements. You probably don’t want to remember the configuration of all passwords in your head.
2. If the password for a website gets compromised, you have to set the “counter” + 1. Again, not stateless.
3. If you have multiple accounts per website, you’ll have to store the site differently (for example including www, not including www) or interlace the counter (odd/even) between the two. This gets more and more messy the more accounts you add, and again, it’s not stateless.
4. The master password is the only thing an attacker needs (plus the state mentioned above, but it’s easy to brute force a simple counter). With most other password managers, the attacker needs access to the vault/database and potentially a keyfile, secret and/or some form of second factor.
5. Changing your master password because it got compromised or ideally before it gets compromised changes the passwords for all websites.
6. You still have to remember your username or login email, so that’s again not stateless if you’re saving it in some sort of LessPass client.

I could probably list a lot of other reasons why it’s not a good idea to use it. There are probably some edge cases where it’s good, for demonstration purposes or training sessions where the participants all need unique (temporary) logins for several services.

Nice frontend, but honestly the Borg CLI and borgmatic config is so easy and straightforward to use, you shouldn’t need any GUI.

May I ask why you are running Borg inside a container? You could just run it directly on the host and that would’ve solved your problem it seems.

I switched to Prowlarr recently and while the autoconfiguration of the other *arrs and the consistent UI is great, Jackett works just fine and achieves the same goal.

While not S3 compatible, it’s compatible with rclone, rsync, borg, restic, and generic connection methods like SFTP, Samba or WebDAV.

Safe to say that most backup applications will be able to connect to it somehow.

So, did you tell them your currently needed limit?