As of now I am currently using FreshRSS, although before I properly deploy this to other users in my family / friends I might give Tiny Tiny RSS (tt-rss) a shot as well. I don’t think the differences will matter for end-users as the majority of mine will likely all be using it through the API via a mobile app (e.g NetNewsWire (ios & mac), FluentReader (desktop), CapyReader (android) etc. etc.)., however the main difference that will dictate which one I stick with is the filtering capabilities and the ease of setup of article-collection with readibility / mercury to remove extrenuous content / ads.

I am also quite interested in miniflux, although it is quite intentionally bare bones. It lacks a plugin api (a potential security improvement), and instead natively supports many of the things people would use plugins for (native youtube-nocookie embedding / invidious embedding, integrations with readlater services like instapaper and wallabag, etc., integrated article fetching and parsing with readibility [and can change user agent / cookies to bypass bot protections]). It also seems to have a bit better security stance (supporting modern web browser features like passkeys, content sanitization, sanitizing url parameters in share links automatically etc.).

Miniflux definitely feels like the best ratio of ootb functionality + security, but the UI of FreshRSS feels more natural if you envisage less techy users to use it (and in my case I see one person using the website over an app).

That is what it seems like based on what I have read :/

I guess the best option in my case then is likely to add them as a non-admin user to my tailnet. The only concern I have is with the potential of one user deactivating the VPN connection unkowingly, which is probably where Funnel comes in as a better option, but I would prefer to avoid serving stuff on the web when possible. (It is specifically a FreshRSS instance for now)

Yes, there is two ways you can go about this. The way that you are thinking of (and the way that I would ideally like to go about this) is as listed on this help article. This is perfect for sharing a home server to some friends, and letting them access a given service without seeing any of your personal devices.

The other option is to have just one tailnet, but having multiple users as detailed here. Notably this can be a security regression (if you don’t limit access on a per-user basis with ACLs), but is ideal for sharing access to your entire network with your spouse / older children perhaps.

For example, I have a friend who has shared a minecraft server with me and that is an ideal example of sharing one node to a seperate tailnet. I am an admin of the server, and can manage the docker container for it + the backup sidecar and the SMB share, but that is where my access to his network structure ends.

This contrasts the situation with my partner for example, where we share a tailnet (with seperate user logins) to make things like gamestreaming just that much easier to setup. Hypothetically I can use ACLs to limit access to stuff like the Cockpit web-management portal, or block the SSH port, but I don’t feel like I need to in my specific case.

I still think a syncthing client of some form is ideal. As someone else mentioned there is the option of using the Syncthing Tray devs experimental android build. To avoid issues with sync-conflicts / maintain high-availability access to the most recent file, I sync the databse to a raspberry pi with the encryption option selected (not that the pi is untrusted per se, but it is a device that doesn’t need access to the file, it just serves the most recent changes to other devices since often my laptop / phone / desktop are not all on at the same time).

The more important metric too Canonical however is corporate / paying customer marketshare - I am guessing it hasn’t suffered too much otherwise they would have backed down on some of their decisions regarding snaps.

That frankly sounds like power-tripping / intimidation, but perhaps I’m biased living amd working in a multi-lingual environment.

There is also last.fm. I would have suggested libre.fm but they are no longer open to registrations it seems

This would replace the “algorithmic” component of spotify, I would still suggest some other options (sharing stuff in your social circle, seeing who opens for your favourite groups etc.)

Some countries have a working vacation type of visa, but most of the jobs you’d get with that arent going to pay super well and are intended on covering your living expenses while travelling.

and it would put me on the path to a better life than I would have in America

If you’re intending on immigrating, many countries have pathways for taking higher education and getting permanent residency & a career after you graduate.

There’s also specific industries that countries may give you a work visa and a pathway to immigrate (e.g British Columbia, Canada is trying to acquire healthcare workers from the US).