MinFapper

Ummm... maybe some more context is needed? That makes no sense

There are a lot of programs that try to detect VMs and other unverified environments (e.g. Google's safety net) to deter bots and fraud.

Buying physical devices circumvents all that

ngrok isn’t just for development.

That's news to me lol. I've personally only used them for development so I can't tell you how good they are for running production services.

I just looked at their pricing page and it looks like the Free and Hobbyist only include 1GB and 5GB of data, respectively. I've never actually measured my data usage because Cloudflare gives unlimited data, but I suspect that's nowhere near enough for a photo sharing app like Immich.

You might be misunderstanding the value-add of a CDN to self-hosting, so here's my attempt at explaining:

I've been self-hosting things for a very long time. In the old days, we would wrangle our routers to expose port 80 for HTTP (and later, port 443 for HTTPS) and forward those connections to the self-host server and then add the appropriate DNS records to point our website domain to our home IP address (which was its own fun challenge when ISPs refused to give static IP addresses for home plans). Relatively simple.

However, in recent years (especially after the pandemic) the internet has become a much more hostile place. People find vulnerabilities in your nginx/caddy/apache or whatever reverse proxy you use (or router, or any one of the many other parts of your network/software stack) gain access to your local network and your personal data. And then there are bad actors doing DDoS attacks or AI crawlers generating DDoS levels of incoming requests to overload your hardware.

All that combined means it's very dangerous to have your home IP exposed to the internet (allowing any sort of inbound requests) at all.

So, how do we access our self-hosted stuff while we're outside of home? The safest approach is to use a VPN. Tailscale is the most popular one that I've come across. Only client devices that are connected to the VPN have access to your stuff. Random bad actors can't poke your self-hosted stack for vulnerabilities.

Okay, what if you want to share something with people publicly? I for one, use Immich for my photo libraries and it's very easy to be able to share a link to an album for friends and extended family to access without having to install and configure a VPN on their phones.

That is where cloudflare comes in. We can run cloudflared on our machine, which makes an outbound request to cloudflare and creates a tunnel to route all the incoming requests from their servers to your reverse proxy. Your network is still not exposed to the internet, and the edge nodes (the machines that actually front the incoming traffic from the clients) are not owned by you.

Now, I guess it's feasible to rent a VPS on DigitalOcean/OVH/Azure/AWS and run a Tailscale exit node there to achieve a similar result. I haven't looked too deeply into Pangolin but it looks kind of similar. Now you're adding extra work to keep those configured correctly (and up-to-date), is less secure because you're not doing that full time (unlike the engineers at cloudflare) and you're still dependent on that VPS provider to not go down, so the disaster recovery profile hasn't changed all that much.

That's why there's no self-hosted alternatives to a CDN. I guess you can go with their competitors like Fastly/Akamai/etc, but all of them are considerably more expensive. And even the ones that do have free tiers have data limits or bill per gigabyte. That's an extra headache to worry about for that one month your mother decides to take 1000 videos of your son during the family vacation and her phone automatically backed up all of them at full-quality.

I mean waydroid already exists

Anything recommended by the Open Home Foundation or partners with Home Assistant

Honestly, these days I use fdroid as my primary app store. It's been an amazing way to cut through the junk and find great apps.

What did the original image say?

The best kind of correct

Might I suggest Bitwarden.

It's open source, syncs across every platform I know of, and supports passkeys.

Just checking: have you also posted this on Reddit?

Lemmy is a much better platform from an ideological standpoint, but for your situation maybe increasing visibility is a bigger priority.

This was absolutely not the case back when I started using Linux back in 2007.

There's been a lot of work put into the desktop Linux ecosystem by a many different organizations and individuals to get it to this point.

Linux phones are at the stage where you need to apply a custom kernel patch to get it to sleep/wake properly on your hardware, get the camera working, etc. It will also take a long time for desktop Linux apps to get responsive (i.e. offer a good experience with a small touch screen).