I understand your position better, indeed. Thanks for taking the time to explain! You’ll be happy to learn that what you describe, EUI-64, is not the only way to generate an IPv6 address. The router will give you the prefix in any case, but there is the Stable Privacy Addresses scheme if you want the link-local part generated automatically, and you can set up a static IPv6 address (or several) on your machine, and the router will just have to shut up and deal it to you (for the local part, the prefix is still coming from the ISP)

Why not on IPv6? If you received a /64 from your ISP and pick only one IPv6 for Tor, I don’t see what the issue would be…

Secrets go in Keepass.

For server configs, a LibreOffice Writer file per machine (except for RPs, I only have one for those), written as a didactic manual explaining how to install and configure everything (I work on bare metal still). I started that way since diving into self-hosting was also a way to learn Linux, Sys-Admin and web-hosting. I don’t do anything without updating the relevant chapters, or creating new ones. Not gonna lie: it’s tedious. But also a life-saver, and the rationals for my choices remain available years later, which is priceless in many ways.

Once upon a time I had neat network gear running, and I mostly YOLO-ed the doc for those, relying instead on the firmware/config backups. I had to put those devices away, but when I finally get to play with them again, I’m going to suffer re-learning and re-discovering everything.

Recently, I got to hack and old console, and just did a chronological log-file with actions taken and URLs to guides, instead of writing down everything myself. It got me thinking I might add a simple log-file to track my actions, on top of my usual guides.

Or not. Having a life is nice too 😅