It’s on April 1st, but nobody takes it seriously.

I like Miniflux.

The at load efficency isn’t always the most important metric, depending on what you are using the machines for. If they are mostly idle, efficiency isn’t too bad. Many server tasks don’t load the CPU to the fullest anyway.

They are not too terrible really. 3rd gen i7 is the Ivy Bridge generation, so 22 nm. For many homelab server tasks the CPUs would be just fine. Power efficiency is of course worse than modern CPUs, but way better than the previous 32 nm Sandybridge generation. I had such a system with integrated graphics and one SSD and that drew 15 W at idle at the wall.

Pi Zero uses the CPU from the 3

No, the original Pi Zero uses the CPU of the Pi1 (only clocked higher). So it is quite a bit slower than a Pi 2, since it has only a single ARMv6 CPU core. Still fine for a DNS server on a typical home network.

It won’t get wikis or issues though.

You can easily mirror Github wikis as well. You just need to add .wiki.git to the repo URL. That way you can clone the wiki just like any other Git repo.

Sure, if you have exactly one client that can access the server and you can ensure physical security of the actual network, I suppose it is fine. Still, those are some severe limitations and show how limited the ancient NFS protocol is, even in version 4.

NFS is bulletproof.

For it to be bulletproof, it would help if it came with security built in. Kerberos is a complex mess.

If someone compromises the host system you are in trouble.

Not only the host. You have to trust every client to behave, as @forbiddenlake already mentioned, NFS relies on IDs that clients can easily fake to pretend they are someone else. Without rolling out all the Kerberos stuff, there really is no security when it comes to NFS.

archival strength USB NVME drive,

Does such a thing exist? Ordinary flash storage is pretty bad at keeping its content when powered off for a long time, due to how flash memory works. I’d be curious about such drives.

Thanks, I think the risk here is that there may not be hardware to read it.

M-Disc DVDs are readable by ordinary DVD drives. So you could simply put a USB DVD drive alongside those backup M-Discs on the shelf.

The script appears to be missing the #! line. Without that, it is unclear which interpreter should be used for executing the script.

or a domain with a random string of characters so no one could reasonably guess it? Does it matter?

That does not work. As soon as you get SSL certificates, expect the domain name to be public knowledge, especially with Let’s Encrypt and all other certificate authorities with transparency logs. As a general rule, don’t rely on something to be hidden from others as a security measure.

Then I don’t understand what your point is. A CPU on its own without a system isn’t of any use. Since there were no motherboards allowing you to use that much RAM, the point about the CPU supporting it is moot as far as I am concerned.

While technically true, the P4 did support PAE, in reality you couldn’t really make use of it on consumer hardware for most of its lifetime. No ordinary socket 478 mainboard with DDR1 memory supported more than 4 GB of RAM. With socket 775 more RAM was possible, but that socket is “only” ~20 years old.

Besides that, there were other even newer systems that supported only 4 GB of RAM, like some Intel Atom mainboards with a single DDR2 socket. Same with Via C3 mainboards.

I’m using a DuckDNS domain with caddy as reverse proxy, but it appears that the domain is defaulting to port 80 no matter how I set up the config. I can’t specify a port number in DuckDNS as far as I can tell.

A domain or DNS in general has nothing to do with ports. DNS is primarily used so that you don’t have to remember IP addresses.

kWh is a unit of power consumed. It doesn’t say anything about time and you can’t assume any time period. That wouldn’t make any sense. If you want to say how much power a device consumes, just state how many watts (W) it draws.

How would ZFS snapshots help in a situation like this, where you have accidentally formatted your drive?

Unless you require the dynamic features of Wordpress, you could have a look at some of the static site generators out there (such as Hugo). Having a static site would reduce the attack surface considerably. Also due to the shenanigans happening with Wordpress at the moment, I would be weary of using it.

About SSL, what others have already mentioned, SSL certs are available for free these days, thanks to letsencrypt.

Why? Even 1080p is more than what is usually needed for such a KVM solution. It is not like this is meant for doing remote work on a computer or anything like that.