This survey doesn’t distinguish between levels of cloud service provider, so I was a little confused.

Virtual private servers, cloud virtual servers (like AWS), cloud-based software where you provide code or a program and the cloud system runs it on a server of its choosing, and cloud-based systems where someone else provides the software (like Google Docs).

Jellyfin depends on proprietary Microsoft .NET, even on Linux.

It’s still better than Plex and Emby, which are fully proprietary, and have no source code. But I will stick with sshfs with kodi, and nginx plus mpv for now.

Try going to http://000.000.000.000:8080/ in your web browser (replacing the 0’s with your public IP address), on your home connection. If it doesn’t work, it means that your port forwarding is probably not working. If the page loads correctly, it means your port forwarding is working correctly, and the problem is probably your ISP doing port blocking.

In my system, the raid arrays seem to do periodic data scrubbing automatically. Maybe it’s something that’s part of Debian, or maybe it’s just a default kernel setting. I don’t think it helps much with data integrity – I think it helps more just by ensuring the continued functionality of the drives.

When it’s running, you can type cat /proc/mdstat to see the progress.

That command will also show you if there is a failing drive, so that you can replace it.

Sure. First you set up a RAID5/6 array in mdadm. This is a purely software thing, which is built into the Linux kernel. It doesn’t require any hardware RAID system. If you have 3-4 drives, RAID5 is probably best, and if you have 5+ drives RAID6 is probably best.

If your 3 blank drives are sdb1, sdc1, and sdd1, run this:

mdadm --create --verbose /dev/md0 --level=5 -n 3 /dev/sdb1 /dev/sdc1 /dev/sdd1

This will create a block device called /dev/md0 that you can use as if it were a single large hard drive.

mkfs.btrfs /dev/md0

That will make the filesystem on the block device.

mkdir /mnt/bigraid
mount /dev/md0 /mnt/bigraid

This creates a mount point and mounts the filesystem.

To get it to mount every time you boot, add an entry for this filesystem in /etc/fstab

The man page at https://btrfs.readthedocs.io/en/latest/mkfs.btrfs.html says:

RAID5/6 has known problems and should not be used in production.

So those profiles have unknown, unspecified problems.

But btrfs is safe on top of md-based raid1/5/6. It also has the advantage that you only need to encrypt one volume.

The easiest way to disable unnecessary services is to uninstall them with aptitude, or whichever package manager you like. Try terminating services one by one, and see if anything bad happens. If nothing bad happens, you can probably uninstall it. On the other hand, if the system does get wonky a reboot should fix it. Or, you can research the services by name and decide whether to uninstall them. (avahi-daemon for example is a good idea to uninstall.)

To make the GUI not run, uninstall your display manager (gdm, xdm, nodm, or whatever) and uninstall your xorg server or wayland server. There may be GUI programs remaining after that, but they will only be consuming disk space, not RAM or CPU.

If the battery is old and holds little charge, you may save a few watts by removing it and throwing it away, instead of letting the system keep it topped off.

Get a power meter, such as a Kill-a-watt device. Then, experiment with different settings. If it’s consuming less than 30 watts, you’re probably fine. If you live in the US, one watt-year is about one US dollar (or a little more), so for every watt it consumes, that’s about how much you will pay per year for its electricity.

draw .io is closed source.

Using a VPN (like Tailscale or Netbird) will make setup very easy, but probably a bit slower, because they probably connect through the VPN service’s infrastructure.

My recommended approach would be to use a directly connected VPN, like OpenVPN, that just has two nodes on it – your VPS, and your home server. This will bypass the potentially slow infrastructure of a commercial VPN service. Then, use iptables rules to have the VPS forward the relevant connections (TCP port 80/443 for the web apps, TCP/UDP port 25565 for Minecraft, etc.) to the home server’s OpenVPN IP address.

My second recommended approach would be to use a program like openbsd-inetd on your VPS to forward all relevant connections to your real IP address. Then, open those ports on your home connection, but only for the VPS’s IP address. If some random person tries to portscan you, they will see closed ports.