For DNS challenges, I personally prefer using acme-dns. It’s a separate DNS server that only serves ACME DNS challenges. I felt a bit uneasy using an access token for my actual DNS host since it grants full read/write access to every record. acme-dns reduces the attack surface.

Let’s Encrypt follows CNAMEs and supports IPv6-only DNS servers, so you could just run acme-dns on a spare IPv6 address (assuming your internet provider has a static IPv6 range, or you have a VPS with IPv6).

I think it’s all read-only access through, so you can only use it to import data not make new transactions.

That’s alright. Even read-only access is useful. I could write a script that pulls my current investments, prompts for the amount I’ll be investing in total, and prints out the buys (eg “buy 10 x VOO, 5 x VXF, 20 x VXUS”) that’ll keep the account balanced based on some percentages.

Does SimpleFIN use OAuth to log into bank accounts, or do you need to enter your bank’s username and password?

Unrelated to this post, but do you know if SimpleFIN supports investment accounts? If it does, it seems like an easy way to let me write a script to help rebalance my investment accounts. I might look into it.

I didn’t see a docker image

https://actualbudget.org/docs/install/docker

https://github.com/actualbudget/actual-server/blob/master/docker-compose.yml

Keep in mind that software doesn’t have an expiry date. If a piece of software is unmaintained and doesn’t have an active fork but it still fulfills your use case and doesn’t have any major issues, there’s no need to replace it. Some of the software I use hasn’t seen any updates in five years but I still use it because it still works.

Edit: As an example, a lot of people still use WinDirStat even though the latest release 1.1.2 is now 17 years old.

You need it for file sharing apps like BitTorrent or Soulseek, if you don’t want to be seen as a leech, and/or you want to use private trackers where you need to maintain a good ratio. :)