MoCA is a way to send wired Ethernet up to (300mb/s, at least the version i have) over coax. Verizon fios would provide these devices to send internet to set top boxes over existing coax cabling, but you can get a pair of these devices and send Ethernet in on one side, and Ethernet out the other side.

I have noticed however, it adds a bit of latency to the connection, which may be trouble.

Depending on your use cases and apps, file locking can be problematic when sharing across SMB and NFS simultaneously, their locking semantics are slightly different

TacticalRMM is very comprehensive, self hosted, but more geared towards organizations managing a fleet of machines.

IMAP on O365 now requires “Modern Auth”, which requires OAuth to authenticate access to mailboxes. Anything that connects via IMAP will need to be approved by the admins at this point (Including Thunderbird). Without the cooperation of your organization’s IT team, you are not going to get far.

Planka looks very promising too

TOR needs to have a lot of ‘background noise’ legit use, otherwise the folks needing to hide in the weeds stick out like a sore thumb.

If you use gitea, it’s just a few steps to enable it to be an OAuth2 provider. See Oauth2 Provider Docs

Not only do they not federate, they also seem to suggest they are not making the self hosting option as easy as it could be because they would prefer one instance that everyone connects with.

It seems pretty solid otherwise, and the self hosted option can work if you are willing to spar with it, but that position makes it super easy for one organization to buy or somehow influence all the primary devs and turn the project closed in no time at all.

Personally, I will use both: On servers with fixed network connections I will tend to use ifupdown; but on my linux laptops I’ll use networkmanager or networkd which tend to have nice UI’s for joining various forms of wifi networks. On my laptops for some VPN’s i"ll use the ifupdown configuration, which lets me setup all sorts of exotic configurations (bridges, vlans, vxlan, vpns, namespaces, etc.) The linux command line tooling has a litany of functions to check/test/diagnose/tweak networking settings, and they work across all the distros, AND they can reveal the full details of the network, as the kernel sees it. NetworkManager, networkd, connmann, etc, often omit details in the name of simplifying for the most common scenarios.

As an anecdote – I have been sitting on an elastic IP at AWS for years, with reverse DNS configured properly for it. Way early on (years ago), some spam filters would block the whole netblock, but I can’t remember the last time the IP Block was wholesale blocked. I think AWS is very much on top of any spam complaints from their Elastic IPs, and as long as you don’t abuse your specific IP, you are in good shape for light volume, non-spam mail.

LMTP support would be nice too: existing mail routing infrastructure could send messages into stalwart-managed mailboxes. (Edit: reading the docs, they do support LMTP! This is awesome)

A single binary can be invoked with different privilege levels. OpenSSH, for example is a single binary, but uses OS privilege separation when setting up connections from the root-owned daemon. (Just to be clear, I’m not sure that stalwart is using this technique, just that single binary apps do not exclude the possibility of OS privilege separation.)

What are you using for your DNS TTL value?