If when you run a fingernail over it, if your nail catches in the scratch, the scratch is very likely too deep to fix with paint correction(like buffing/polishing).

A proper fix will require prep, painting and blending, which you shouldn’t try to do yourself. You could buy a touch up stick that matches your paint to cover the scratch. It won’t look perfect and won’t last forever without clear coat on top, but it will prevent rust.

Before you decide how you’ll deal with this, you can bring it to a body shop for an estimate, most shops will do that for free. Most shops can give you an estimate from photos emailed or submitted to their websites.

For most purchases, people really only have vanishingly few choices of companies to buy from. A truly free market might work, but the profit motives that have corrupted our political, legal and regulatory systems has made most markets into oligopolies. These companies work together to manipulate prices, without ever directly communicating in a way that can be punished.

For a free market to really drive prices down there needs to be real competition. When eggs went up in price, they allegedly did so because of avian flu. But that flu only affected a small amount of the production. Cal-Maine, the largest egg producer in the country, lost no egg production at all. Yet they increased their prices massively. If the market was working as you say it does, Cal-Maine would have kept their prices low to capture more market share. Instead they saw that other producer might have to raise prices and preemptively raised their prices.

I wouldn’t say I am ashamed, but I cannot believe I liked Insane Clown Posse and thought it was legitimately good music.

Rsync everything besides media to a Storj free account. I also rsync my most important data(docker compose files,config files, home assistant, a few small databases) to Google drive.

I have many of my services open to the internet, but behind authelia w/2fa and a reverse proxy. I haven’t had a security issue yet, been running this way for a few years.

I think it’s pretty safe as long as you keep them up to date. I run backups weekly and do updates at least once a month.

Using geoip restrictions will also help a lot because you can block most of the scanner bots by denying connections from outside your geographic region. These bots detect what services are open to the internet and then add them to databases like shodan. If a security flaw is found in one of those services, hackers will search those databases for servers with those services running and try to exploit them. If you aren’t in those databases they can’t easily find you before you are able to patch.

We’re also in a big vehicles arms race. I’m always telling people about how big vehicles cause more kids to get run over, more pedestrians to die, more damage in accidents, etc. The most common response from giant vehicle owners is that it makes them feel safer in an accident.

In 10 years they’ll probably all be driving tanks with stadium lights mounted on top.

I think SSO is less important than having everything behind the reverse proxy. The importance of the proxy is that if there is a security hole in the web server component of your service, it cannot be exploited without a second flaw in the proxy. It’s an additional layer of abstraction and security that doesn’t add a ton of overhead.

An attacker would have to find an exploit in nginx, which is used by most of the big tech companies, so it is well secured compared to the services many of us selfhost.

Another advantage of using SWAG is being able to use fail2ban and geoip restrictions. Any ports open to the ipv4 internet get scanned by security services and malicious actors many times each day. It’s nice to be able to have nginx refuse connections from any of them that repeatedly fail to login, or that come from outside your geographic region.

If you’re going to try Authelia and a reverse proxy, I recommend using SWAG. It’s a docker container that includes Authelia, nginx, fail2ban, geoip restrictions, and has premade config files for most of the selfhosted software that people run. The config files are especially useful since they include comments that describe the settings you need to change within the services you run, like changing the external domain in Emby for example.

https://docs.linuxserver.io/images/docker-swag