I am not sure where this idea comes from, but putting a service behind a reverse-proxy does not increase its security in any way, unless you'd do authentication right at the reverse-proxy.

This explains it, although it is not really Git's fault as that article suggests, but rather the charset conversions to UTF-8 that broke things. With all that fixed it builds fine. I've been using DOSBOX and since all the required build tools are included in the repo, it is easy to build.

Did anyone manage to build this? It seems something is missing, or I am doing something wrong. The build fails due to missing symbols for me. Also, interestingly the assembler complained about one line in a certain file being too long. Fortunately that lines was just a comment, so it was easy to fix that.

Great photos!

Compared to other SBCs, Raspberry Pis have been pretty inefficient for a while. A Pi 5 idles at about 3 W, which is pretty terrible for such a board, compared to other similar devices. You can get X86 PCs that idle at 3 W which are way more powerful. Other ARM SBCs use less than half that at idle and similarly less under load.

There are probably multiple reasons for that. The Pi's SoCs have always used rather old process nodes, which are more power hungry than more modern ones used by other single board computers and PCs - 16 nm for the Pi 5 SoC and 28 nm for the Pi 4. Also, with the Pi 5 there is this additional "south bridge" chip which is attached via PCIe. This consumes additional power and for some reason the PCIe link is configured such that it never enters power saving states. I don't know why.

Also, the power supply circuitry on the Pi 5 is far from ideal with its 5 V / 5 A power supply. Such a low voltage at such a high current can easily cause additional losses on the wire. That's mostly relevant under high load though.

Since none of these require a Raspberry Pi to run, I would suggest using a mini PC (with an Intel N100 or similar) instead of a Pi 5. With all the accessories needed for the Pi, a mini PC can actually be cheaper and of course a lot more powerful. Since the Pi 5 is very power-inefficient, a mini PC can even be better in that regard too if that matters to you.

Especially for Jellyfin a PC with an Intel CPU with integrated GPU is awesome, since Jellyfin supports hardware transcoding with that.

Of course harassment is never okay, but I'd say when it comes to GNOME, this is not surprising. GNOME developers have been so hostile towards both users and other developers for a long time. I'm not saying every single person associated with the project does this, but it is pretty common (e.g. here and here ). Of course the GNOME devs don't have to accomodate everyone, but it is a common theme with the project to remove features despite user backlash and also to close bugs as WONTFIX often without good explanations as to why, even when there are pull requests for fixing the problem.

I am simply avoiding the project, since there are enough good alternatives.

There is quite a significant difference. An ssh server - even when running on a non-default port - is easily detectable by scanning for it. With a properly configured Wireguard setup this is not the case. As someone scanning from the outside, it is impossible to tell if there is Wireguard listening or not, since it simply won't send any reply to you if you don't have the correct key. Since it uses UDP it isn't even possible to tell if there is any service running on a given UDP port.

Getting certs from Let's Encrypt should work fine with any provider, even if you can't open any ports, since they do support DNS challenge.

Particularly in low-load scenarios there can be quite a big difference when it comes to PSU efficiency. While newer ATX PSUs have become better with regards to efficiency at low load, a Pico PSU can still be quite a bit better. Older ATX PSU often don't even reach 60 % efficiency at 5 % load (which would be a typical load for such a system at idle), sometimes considerably less than that. At the same load a Pico PSU can easily be at 85 % efficiency.
Of course, at higher loads the difference is way smaller.

Mine runs a little under 18 W with one 8 port managed switch, a DSL modem, CM4-based router, a tiny Wifi AP, and an Intel Celeron J4105 based mini PC server.

From a security point of view it is not a good idea to host multiple web applications in sub directories on the same hostname. With such a configuration, every application sees all cookies from all other applications. This also means that you can have collisions of cookie names between applications if the names are not unique.

So if one application would get compromised, it could easily steal all your sessions for all other applications.