I cannot fathom what a respectable website would need with a port scan. They should normally just be listening to/broadcasting on 80/443. Is it looking to see if the normal html ports are remapped? That’s the only reason I could imagine.
Yeah you can copy and paste images into a note just fine.
Joplin is great. It can’t do the handwritten notes like onenote as far as I know, but otherwise I think it’s got pretty good feature parity. You can sync it using an existing nextcloud, WebDAV, or even onedrive or dropbox if you don’t want to deal with the hassle of self-hosting at all.
The requirement of managing an LDAP or AD directory service just to get some auth for NFS is a dealbreaker for like 99% of people. It’s such a dumb protocol for the average user and was designed with only huge corporate clients in mind.
Just give people a simple password auth or let them exchange private/public keys between the devices that need to connect!