First off you should realize that the registrar’s and domain name servers don’t have to be the same. Feel free to use any registrar (ex: namecheap, gandi, etc) and host the domain name server anywhere else.

Secondly, if you want a good API for dynamic updates, I’d recommend looking for something that supports nsupdate, which is bind’s built-in update mechanism. It’s supported almost everywhere, including by let’s encrypt clients like Lego.

Can’t believe no one has mentioned Inovelli yet. Developed with the community, with OTA support in Z2M, they are absolutely fantastic and incredibly flexible!

https://inovelli.com/ blue series

PCIe absolutely does support disconnecting devices. It is a hot swap bus, that’s how ExpressCard works. But it doesn’t mean that the board/uefi implements it correctly.

You should be good to go. Make sure vfio is loaded in the modules-load.d

vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd

Make sure the module options are set correctly and the kernel module is blacklisted in /etc/modprobe.d/vfio.conf

options vfio-pci ids=1000:0097
blacklist MODULE_NAME

Make sure.IOMMU is enabled in your kernel command line (ex via grub): intel_iommu=on iommu=pt

This is probably not complete, but it should get you pretty far into allowing you to add the pci device in the hardware config of your vm

WordPress shop maybe?

Not sure about you latter point tbh. I run an email server, with nothing but grey listing and spamassassin and the amount of spam is absolutely minimal.

Proper config and fail2ban easily takes care of direct attacks.

Nevertheless, I wouldn’t recommend it to anyone but the most determined.

The domain won’t change that. Even with a static IP if it’s coming from an ISP owned up block you’re likely going to get banned. Even with reputable VPS’ it’s hard. Make sure you have DMARC, DKIM, and SPF setup, but even then almost certainly going to get banned. The big player are creating and inherent monopoly instead of improving their spam filters.

As you’ve mentioned, I highly recommend you look at Prosody for the server. It is by far the easiest, but also really really good. The only thing ejabber might be better at is for extremely large deployments with failover and load balancing.

XMPP doesn’t use sip, it has its own protocol for voice and video calls (called Jingles). All servers, afaik, support it. On the other hand, SIP/RTP servers such as FreeSwitch and Asterisk do support Jingle bridging!

OMEMO and GPG support is purely a client side thing, so server support is irrelevant. Though some servers can be configured to refuse to pass unencrypted messages.

With XMPP bridges are usually implemented as external components (a feature built-into the XMPP standard). Slidge franeworm seems to be the latest and greatest in terms of external bridges: https://sr.ht/~nicoco/slidge/ a WhatsApp bridge is built using it: https://git.sr.ht/~nicoco/slidge-whatsapp

Prosody is also really easy.

Does snikknet federated properly? It’s weird they don’t seem to mention XMPP anywhere on the site

But your cousin almost certainly already uses XMPP, in the form of Messenger, WhatsApp, iMessage, gChat, Zoom, or something like that…

Sounds like your problem could easily be solved with a symlink…

Also for externals see: https://stackoverflow.com/questions/571232/svnexternals-equivalent-in-git/18088319#18088319

What you’re looking for is git-annex

Yes of course, with dm-crypt (luks), very little as AES-NI is incredibly fast.

Go on the demo site?

If cheap (but reliable) is your main criteria, check out buyvm.net they’ve been solid over the years

Use a controller with WLED

For one you offload the entire processing and driver handling to the VM, so if the OS wants to do something funky, it can.

Another option is to pass through the PCIe devices to the VM.

OpenWRT?