I’m using a commercial desktop with an i5 Sandy bridge. I maxed out to 32Gb of ram only because I’m running trueNAS, debian with containers, and home assistant. Most RAM goes to trueNAS and trueNAS doesn’t accurately report ram. For CPU, mostly just task limited but I don’t really think thats a proxmox issue. Obviously it’s not going to support an enterprise or even small business but it works for what I need of less than 4 users on my budget.

Proxmox doesn’t really ask for much but I probably would recommend docker for your arm devices.

There’s a website called privacy.com for US that lets you virtualized any debit card. I believe PayPal has the feature too.

I keep everything behind a VPN so I don’t have to worry much about opening things up to the Internet. It’s not necessary about the fact that you’re probably fine but more so what the risk to you is if that device is compromised, ex: a NAS with important documents, or the idea that if that device is infected, what can that device access.

You could expose your media server and not worry too much about that device but having it in a “demilitarized zone”, ensuring all your firewall rules are correct and that that service is always updated is more difficult than just one VPN that is designed to be secure from the ground up.

Have you checked and enabled hardware acceleration?

Support and troubleshooting steps are dependent on your GPU and OS.

Sounds like do not track +

On Android and I believe IOS it’s a single connection. I would start with the basic functionality (also don’t create a tailscale account with GitHub bc it does weird things with sharing if you ever want to have multiple users).

Once you’ve got the VPN and storage working I can think of two options to give you the functionality of 2 vpns

1. tasker is an android app that can let you automate a lot. It might let you switch vpns when opening say your storage app and switch back a bit easier than toggling it in settings.
2. setup your lap-server at home with an outgoing public VPN so traffic goes mobile device> tailscale> public VPN. Essentially acting like you’re home using your public VPN. This may take some tinkering to work properly, especially when you’re home on the same network. Plus you would definitely see a Network speed impact on your phone.

Tailscale + truenas is a simple solution that should allow OP access outside the network without any network config. E

As others mentioned, you can probably use a 3 gang standard faceplate.

The other option would be using a Shelly this is wired like a 3-way switch inside the box; the outside will look normal. As long as you have space, I think the mini should work but I’m not super familiar with their models.

I setup openvpn on my network originally + duckdns on a dynamic IP in 2021/2022. It’s an “older” protocol but I felt it was easier to setup since it’s been around longer and the tools just make it easy.

Wireguard has speed advantages but being newer, takes more work to see those speed advantages. There’s a docker container called wg-easy that I’ve heard mixed things about (speed in a docker container vs easy to setup).

I used tail scale when I rebuilt my VPN server because I was originally using Oracle Linux (wanted to learn it more but went back to Ubuntu).

If you can get certificates working, wireguard shouldn’t be too difficult. I prefer VPN over exposing multiple ports/protocols for a family or small userbase. If you’re sharing libraries or other services with extended family, I’d probably expose those to the Internet and work on hardening/having that server in a demilitarized zone + certificate based authentication and MFA on any public admin accounts.

I bought the GL-AR750S a while ago and kept it stock. It’s a customized version of OpenWrt with an “advanced mode” that lets you get into what I believe is just the regular wrt configuration portal.

I didn’t have anything that the router couldn’t do from VPN to repeating to spoofing Mac to get through cafe-style portals at hotels.

Looking at their website, it looks like their newer models still use wrt https://openwrt.org/toh/gl.inet/start.

Looks like it’s to push credit karma onto folks but with no budgeting features :/

Credit Karma does not currently provide budgeting features the same way that Mint has in the past.

Technology connections cut a hole in a dishwasher to demonstrate how different detergents work.

Cloudflare has DDoS protection but it can’t stop everything 100% of the time. According to the admins, the attackers are very familiar with how lemmy works and are using this knowledge to overwhelm resources. This isn’t just a simple script kiddy or bonnet for hire but likely points to someone that has worked within the lemmy community.

https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/

https://www.cloudflare.com/learning/ddos/glossary/web-application-firewall-waf/