First, confirm if you can access Cockpit by going to the https://localhost:9090, If not, follow the Fedora instructions here: Having some familiarity with Command Line is essential. Your graphical package manager may or may not include Cockpit.

https://cockpit-project.org/running#fedora

Cockpit does sometimes allow you to install “plugins” from the web GUI, but in my experience (both on Debian and Arch), it doesn’t do it to well. If you can’t install plugins for 45 Drives file sharing plugin, you will need to do it manually:

For the 45 Drives plugin to enable sharing: https://github.com/45Drives/cockpit-file-sharing (I believe it’s the “Direct from .rpm” section if you scroll down in the Readme)

From there, once you are logged into Cockpit on the left you will see a link for “File Sharing”

This isn’t as complex as it may seem as long as you follow their steps you should be golden.

I only use a Windows VM For our ancient (in computer terms) Canon LIDE 60 scanner which seems to work best there (linux produces highly grey contrasted scans).

For all of our scanned documents from the scanner, I have it mapped to a network drive via Samba Shares. Since you are using Fedora, I think you may already have Cockpit installed. This makes it a lot easier and is a web gui to manage servers. You can usually access it on your Desktop via https://localhost.9090 Then you would need to install 45 Drives File Sharing plugin and setup a SAMBA share.

From the Windows VM, just map to the same workgroup you set in the SAMBA Share you created and give it a drive ID such as F:

You can always use something like SSHwifty It retains your logins through your browser’s session data and never on your server, but it will allow you to remote into your local system from anywhere on the WWW if you desire to do so. With Tailscale, once you are connected into your Tailnet, you can pretty much SSH into any of your devices as long as the subnet sharing flag is turned on I believe. I’ve never had any issues with mine not allowing any SSH connections.

For terminal, the first thing I install is Midnight Commander - dual pane file manager. https://midnight-commander.org/

For all of my physical Linux machines - Cockpit and Cockpit-File Sharing plugin.

Desktop

• Thunderbird

• Firefox

• Vivaldi

• Gnome

• Chromium I use Firefox, wife uses Chromium and My WFH job I use Chrome. Vivaldi is a backup browser, I’ve been messing around with.

• QEMU/LibVirtd - So I can run a Windows VM for my old Canon Lide 60 scanner which scans clearly there, otherwise in Linux, it’s contrasted super grey for some reason.

• Kopia-UI - Backup system which supports NFS Shares - set and forget type of setup.

• VLC - Need I say more? Lol

• OnlyOffice - Better aesthetically IMHO than LibreOffice

• PDF Arranger - Works well to re-arrange pages or rotate them after scanning them in. (I self host Sterling PDF and will probably switch to that later)

And for some inspiration - the “Awesome Linux Software” list (Not mine) similar to the other Awesome lists you see around. https://github.com/luong-komorebi/Awesome-Linux-Software

Homebox - before we relocate - whenever that is, I will be printing labels and putting them under and behind my stuff, scanning it into there and then will use that to keep track of our items after the move to know what is in which box etc.

NocoDB Self Hosted (I use this for a few things) - started out with my network ip’s I have on my servers and ports for my containers and most recently a sleep log.

Just a couple there.

Grafana + Prometheus dashboards can be quite addicting or useful. Noted.lol put together a nice tutorial for getting started.

For most of my services though, I simply use Uptime Kuma which then sends an alert to Gotify when my services go down or whatnot, Gotify then instantly notifies my phone so I can be aware. It helps keep the spouse happy when their go to service for some reason crashed. :)

From their readme. I asked about that last night and he replied an pointed me to it. :)

Kiosk mode

Kiosk mode can be activated by a checkbox on the page. Note that there is no way out of kiosk mode (except refresh or closing the browser), and the play/pause and other controls will not be available. This is deliberate as a browser’s kiosk mode it intended not to be exited or significantly modified.

It’s also possible to enter kiosk mode using a permalink. First generate a Permalink, then to the end of it add &kiosk=true. Opening this link will load all of the selected displays included in the Permalink, enter kiosk mode immediately upon loading and start playing the forecast.

I didn’t see IIS mentioned, but I didn’t take a close look at the code. They give you a docker run command to set it up, so I converted it to a docker compose file so I can run it later. All of this is running on a Debian 12 system, so if IIS is needed, I’d wager that is if you are running a Windows setup.

I have mine embedded in Home Assistant now as an iframe using the Kiosk mode setting which works.

Looks nice! I set mine up and have it as an Iframe in Home Assistant. The app is a fork from https://github.com/vbguyny/ws4kp with his demo site here: https://battaglia.ddns.net/twc That version has the music we all came to know and love from back then.

Authentik is my IDP provider so I put it in front of all my publicly facing Apps which support OIDC login. For example, I can log into my Portainer instance from an external network, but to do so, I log into Authentik First which sends it to my service.

For the apps which support HTTP headers, like I said, Pomerium acts as the service which passes my credentials to the device. I admit - Authentik does this also without the need for Pomerium, (through their flow settings) but I found Pomerium to be much easier to set up for this than Authentik and haven’t looked back or felt the need to change it.

With that, I use Pomerium for apps which accept a HTTP Headers, for example, my Fresh Tomato firmware flashed router, it has a HTTP dialog. This allows me to login from the road if I need to manage something like rebooting it or updating firewall rules etc.

My access flow is this :

router.example.com —> Cloudflare Tunnel —> Pomerium IP —>Authentik —> Router’s Gui.

It works flawlessly. I don’t often use it, but when I do, it helps. I also had it enabled for AdguardHome but moved to Technitium DNS which I prefer and that doesn’t have the HTTP Headers so it’s not fully compatible with Pomerium that I’m aware of.

I use Ferdium on my desktop and self host my server for it, then just add it through there. Works quite well. Plus, with Ferdium, I can add other services such as Discord, and Mastodon so, it’s sort of my go to hub for a lot of my social media.

For those that don’t want to go back to the Dark side (Reddit), the post referenced a theme (Grey Layout global theme) which got KDE Dev’s involved who in reaction removed the listing from the store.

In short - the theme ran code to run a rm -rf on the user’s drive which wiped everything during install. Aside from backing up your data religiously, be sure to inspect the code instead of blindly installing for now. KDE Dev’s said they will need to do better so I expect some changes are afoot to provide better security.

I am testing it and it seems to run every 5 minutes to sync. Handles standard IMAP and POP inboxes. No auth for main page, so they caution appropriately to avoid public facing web exposure. They are planning on adding more support for Gmail and the like:

https://github.com/bandundu/email-archiver/issues/6

It installs by default in debug mode which may or may not be a red flag depending on your security model.

The email search is fast, but could use work, I will say it is VERY early in development. But for downloading email for later storage, it should do. It stores your e-mails in a SQLite database in the same directory as the installer, so if you want to manipulate the compose file a bit, it should be able to point to your desired storage directory. With that said, I also was able to add a TZ= directive so my logs at least are a bit cleaner with timestamps to match my timezone, something they have not added.

If you wish to access this remotely before they add a public facing login, protect it with a SSO solution or other front facing login setup so it would not be accessible. Or securely access it via Wireguard, TailScale, or Headscale.

I use Proxmox and don’t use Truenas. My setup is basically to install Cockpit on the host server via apt-get and then the 45 Drives cockpit-sharing plugin. This provides the NFS and Samba sharing I need and use. I host Home Assistant in a VM and Docker containers in a few LXC containers which host about 10 containers each. Then, in combination with https://tteck.github.io/Proxmox/ you can set up pretty much anything you need from there.

This is on in computer terms, ancient; a 13 year old Dell Optiplex 990 with 16gb Ram and software such as Authentik and Vaultwarden from different dedicated LXC containers. Never have any issues with overload of the system resources or running out of memory. It’s pretty much rock solid.

Tailscale is but since you already tried them, maybe headscale that’s supposed to be the self hosted version of Tailscale that someone wrote, so you have better odds at less latency! https://headscale.net/

Zerotier? Not sure -https://www.zerotier.com/ can speak more to this.

If behind CGNAT and forwarding is not an option, Headscale, Tailscale or ZeroTier may be an option. I use Tailscale and it have ZERO forwarding on and can access anything on my network when connected through it. Think of these as Wireguard on Steroids. :)

As Another Proxmox user - I’ve been doing well with it. I use these scripts for the LXC’s which has been fantastic:

https://tteck.github.io/Proxmox/

I also can log into it from the web as it’s secured by Authentik, SSO OIDC login when Away from home and need to manage it. Rare! But the option is there! :)

YAY!!! FINALLY! From the site:

"KWin’s “Active screen follows mouse” setting is now gone; now the active screen is always the one with the cursor on it, or the last one that was tapped with a touchscreen. This turns out to be much simpler and it’s what we think most people wanted anyway, hopefully alleviating complaints about OSDs and new windows opening on unexpected screens"

That was one of my most annoying issues, but learned to work around it. But on the rare occasion where I end up clicking and I don’t realize that my mouse was on the the other screen, this will be a huge improvement. (especially when I have my Always on top windows for my job)

Xpipe https://xpipe.io/ is an alternative it runs and stores your data locally on your machine and not web based. I’ve been playing with that a bit, it does auto discover Containerized apps and you can sort of exec into them to run commands and also browse the directories of your containerized apps with a simple click in a File type GUI. It uses your OS’s default Terminal application so it won’t bring any extra with you so it’s more native to your OS.

I’ve been a Konsole user on KDE for a few years now and it’s pretty much what I’ve been used to. Trying out Xpipe now and Termius about a year ago, I can say that Xpipe is stronger in it’s ability to interface with my containerized apps (Docker), but lacks the polish that Termius has visually. They both get the job done, but at the end of the day, I still reflexively just hit my Ctrl+Alt+T key combo to log into my machines.

Then, for a whole different take, SSWifty! https://github.com/nirui/sshwifty - Instead of launching an app, deploy this on your server, and then use your browser’s session to securely access your sites.

I got lost with setting up a nice inbox downloader to store all my emails on a HDD attached to my RPI4, but haven’t quite mastered the SMTP server part or found the right software to run on it. It’s currently powered off waiting for a reflash of the SD Card so I can try again. The end goal for mine is to set up fetchmail and have it grab from my inboxes then imap capabilities so I can read it in Thunderbird. (Don’t talk to me about webmail, I know it’s the way but I’m older than Star Wars (Original one) and am stuck in my ways. Now get off of my lawn!

Seriously though, I have tinkered with it before as an AdguardHome Server, but somehow, my latency increased so I dropped that. Most of it’s life was spent hosting Home Assistant on it until I moved that to the umm…more controversial Proxmox VM method. I’m also on the fence about setting up the Raspberry Pi Nextcloud on it. (Maybe).

Here is a good resource for 36 different things you could possibly do with yours.