Gmail offers imap amd smtp access. You have to enable 2FA, and then it will allow you to create account for so called “less secure apps”.

In your place, I’d either continue using gmail directly, or finish the configuration of the self hosted mail server and just use that with any smtp/imap client. I suggest getting a separate domain for testing first, before moving your primary inbox there.

you still need good security configuration of the exposed service.

In a sense that security comes in layers, yes. But in practice, this setup will prevent 100% of bots scanning the internet for exposed services, and absolute majority of possible targeted attacks as well. It’s like using any other 3rd party VPN, except there’s not a central point for the traffic to flow through.

From the attackers point of view, nothing is listening there.

I’ve used a similar setup in the past to access a device behind a NAT (possibly multiple NATs) and a dynamic IPv4. Looking back, that ISP was a pure nightmare.

This is not a guide to hide from the government or ISP. Just a way to tunnel to your home server without publishing the sshd for random strangers. Personally, I’d just publish the ssh and be done with it.

I would rather live without the correlation attacks

The more people using Tor, the less useful targeted disconnects become.

Which is still just as open, but also a massive calling card for anyone trolling around the TOR network

Luckily, it is no longer possible to easily sniff the new v3 addresses by deploying a malicious relay. Any attack to even reveal the existence of a hidden service would require a very specialized setup. And we’re just talking discovery, not the ability to connect and attack the actual service running there.

just connecting to Tor is very much a huge exposure imho

Exposure of what, to whom?

Of course security comes with layers, and if you’re not comfortable hosting services publically, use a VPN.

However, 3 simple rules go a long way:

1. Treat any machine or service on a local network as if they were publically accesible. That will prevent you from accidentally leaving the auth off, or leaving the weak/default passwords in place.

2. Install services in a way that they are easy to patch. For example, prefer phpmyadmin from debian repo instead of just copy pasting the latest official release in the www folder. If you absolutely need the latest release, try a container maintained by a reasonable adult. (No offense to the handful of kids I’ve known providing a solid code, knowledge and bugreports for the general public!)

3. Use unattended-upgrades, or an alternative auto update mechanism on rhel based distros, if you don’t want to become a fulltime sysadmin. The increased security is absolutely worth the very occasional breakage.

4. You and your hardware are your worst enemies. There are tons of giudes on what a proper backup should look like, but don’t let that discourage you. Some backup is always better than NO backup. Even if it’s just a copy of critical files on an external usb drive. You can always go crazy later, and use snapshotting abilities of your filesystem (btrfs, zfs), build a separate backupserver, move it to a different physical location… sky really is the limit here.

If you come from IT, you never really quit. A little parser bug here, a small race condition there, or a fucking baking oven refusing to bake until you tell it what time it is. No hope, no escape.

https://mailcow.email/

I’m not exactly sure what it is that I’ve just seen, but I am mildly aroused.

more checkboxes == more better

Isn’t that mainly a problem with recursive DNS servers? The authoritative servers are only aware of the few domains they’re hosting.

What’s wrong with miracast? Almost every device sold these days has some kind of radio, but no way to talk to each other. Releasing a new standard every few years won’t help much.

Groups multiple tokens together and creates a capture group for extracting a substring or using a backreference

With an explanation like this, I thing I’ll take the AI.

Running for 6 days, save_pieces: false

My database is currently 184 GB

I don’t, but if I did, why would they stop at just 2? I wouldn’t raise a quitter!

I selfhost stuff, so same IP for over a year.

I love this website. It’s usually pretty accurate, except for…

Two big hard monster cocks pumped up Marilyn Crystal gaping ass & pussy FS033 sd.mp4

MyDaughtersHotFriend.23.06.07.Freya.Von.Doom.XXX.1080p.HEVC.x265.PRT[XvX]

I think I’d remember those…

There are not tons of themes. There’s like 5 of them for any major release. Not even the same ones usually. Sometimes new devs resurect an old theme, and port it to the current release.

It has been years of struggle to keep it looking decent. I’m especially fond of Arctic Zephyr. It’s not really a single theme, but a framework that allows you to make your own UI, without typing a single line of code. Multiple forks has emerged and died over time, and now I’m just ignoring the osmc update prompt until some brave soul embarks on a journey to properly port it again.

Also, kodi and plex are different things. Jellyfin would be an alternative to plex.

I’m surprised this is still on github.

Back in the windows 2012 era, we knew every time a major windows update was pushed, because the same set of customers would always create a ticket, complaining about inaccessible RDP. Windows firewall is just opinionated like that.

mobile websites are all their own apps

Yeah, written in react native :D

I think we’re going backwards. Back in the day, we were grabbing and indexing the data directly from DHT.

I bet it just ends up in some poor bastards mailbox anyway. :)

I love it. If everyone did that, we could even write a sensible fontend for people, so they can look for a job instead of fighting with some sap module that’s not even properly translated from german.

You can easily integrate the jellyfin to kodi, and have both - consistent library across multiple devices AND beautiful UI.

There are 2 addons for it.

One will allow you to browse your jellyfin media using the api, and to reencode on the fly, but it’s annoyingly slow to browse the library this way.

The other one will integrate your jellyfin library to local kodi database. You just need to specify the path to your samba share in the jellyfin library. It’ll fetch the metadata from jellyfin, but access the media using SMB directly. It’s pretty fast, since kodi doesn’t have to scrape the metadata itself, and it keeps itself up to date, no need for periodic library rescans.

You obviously know a thing or two about Kubernetes. I’m trying to learn. I’ve been at the cloud native conference, I attended the vmware tanzu course, even played with microk8s on my laptop. I still look for the “aha!” moment, when I understand the point of it all, and everything clicks into place.

However, whenever I see somebody describe their setup, I just cringe. It all just feels like we’re doing simple things in an obscure and difficult way.

The technology has been here for almost a decade, and it’s obviously not going away. How can I escape the misery, and start loving k8s?

Picture somehow related…

I was brought up thinking I live in a central europe. The “heart of europe” they called it. Only once I realized that I torrent without a VPN without consequences, I accepted the fact that I’m eastern european AF.