Yeah, you can’t just use wireguard directly on a home network depending on provider (CGNAT) and you can’t just switch providers as most providers are in a non-compete with other providers. So, Cloudflare Mesh or Tailscale is the best option for those.
I’ve been looking for a new book server and discovered Booklore/Grimmory as well. Here is the history I can find on it as some of what people are saying is not 100% correct.
It was not vibe-coded. The original project predates genAI, so that wouldn’t have been since. I think some of the newer code might be, but the core seems unchanged.
The security issue mentioned is an API authentication bypass whereby book files were exposed if the endpoint was reachable (CVE-2025-62614). This has an 8.7 rating on severity, but realistically the end result is your books could be copied.
Licensing. This is the real skullduggery in my opinion. The maintainer had plans to switch from AGPL-3.0 to BSL. That might not be legal and it cuts out any contributors and sets the project up for monetization.
My concern with Grimmory is that it is too embedded with the flaws of Booklore. In testing it was really sluggish on mobile. I still need to do more testing, but aside from being graphically nice, it didn’t feel that stable. I was hoping to move away from Calibre-Web due to auto-importing not being supported, but in the end, I’ll likely just write something to support this on my end.
No, that’s not how the new EU legislation works. The new laws build off existing Digital Services Act (DSA) and legacy E-Commerce Directive (2000/31/EC) requirements. The DSA states again that you would have to lock down access to the material (once you become aware) and then inform authorities.
All site operators maintain safe harbor with EU authorities unless those two points are broken. In both US and EU pending legislation, no requirement to scan all STLs is required, so you do not have to automatically check all files like you mentioned.
I wouldn’t let that be a deterrent to starting an instance. Just make sure you understand the obligations you have as site owner when it comes to misuse. Maintain good logging and follow legal requirements (which in the US is locking down and preserving evidence and reporting to law enforcement hotlines - depending on the nature of the misuse).
I think the supply chain issue is probably the most pressing out of all of them. The other points people have are either non-issues or a result of dropping usage hogs into existing electrical infrastructure. Infrastructure can be updated, though.
Supply chain is different. There isn’t a supply shortage of chips, its that profitability dictates you should sell them to datacenters or adjacent industry. Unlike infrastructure where you can just build out more, adding more supply for chips just means you have more to sell to datacenters. Since the demand is there, end of day profits will always win.
Saw it was already commented about CO2, so I thought I’d counter-point your environment claim regarding water usage (since that is something I’ve seen a lot of too).
The ISSA had a call to action due to the AI water use “crisis”: https://www.issa.com/industry-news/ai-data-center-water-consumption-is-creating-an-unprecedented-crisis-in-the-united-states/
68 billion gallons of water by 2028! That’s a lot…right? Well, what I found is that this is somewhat of a bad faith argument. 68 billion gallons annually is a lot for one town, but those are numbers from a national level and it isn’t compared to usage from anything else. So, lets look at US agriculture (that’s something that’s tracked very well by the USDA): https://www.nass.usda.gov/Publications/Highlights/2024/Census22_HL_Irrigation_4.pdf
That’s 26.4 trillion gallons of water annually. So, AI datacenter represents 0.26% of agriculture consumption. If AI datacenter consumption is a crisis, why is agriculture consumption not a crisis? You could argue that agriculture produces “something useful”, but usefulness doesn’t factor into the scarcity of a resource. So, either its not a crisis, or you are cherry picking something that has no meaningful outcome to solving the problem.
I think the article is pretty accurate about what to expect. The author’s view is grounded in reality. They are a business, but that doesn’t mean “the capitalists are in control”. I would like to think commenters have researched Accel’s prior fundings, but I know that is not likely. In short, they do not attempt to control companies. In 300 fundings, they have never attempted to take a majority stake in any company and do not hold majority stake in any company. They don’t do acquisitions.
Accel is probably one of the few equity groups that isn’t pure fucking evil. If anyone wants to pick a fight over that, fine, but at least research that company first.
If you end up going with a SFF build, I would recommend a dedicated GPU for Jellyfin. Nothing fancy, just a low profile GTX-1030 or RX 550 to handle the transcoding. Otherwise you’ll probably run into high CPU spikes while watching content from browser or some smart TVs.
There are a lot of Docker GUI tools out there. There just isn’t Docker Desktop. Here are a few: