That still wouldn’t get past your firewall

All of my services run on LXC containers. Some files and configs are backed up to NAS and offsite. The containers are snapshotted in their entirety before I do any work on them. A snapshot takes 5 seconds to make and causes no downtime. If I regret a change or mess it up, I can restore the snapshot in under a minute at the cost of some seconds of downtime.

My only non-container machines are my desktop (doesn’t count), my NAS and the Hypervisor. The Hypervisor is very clean and wouldn’t be much fuss to reinstall and the NAS is literally just Debian with NFS. All of these have a regular rsync which runs to backup the important files.

By having it be a container

Well, obviously they don’t want you to!

You sound like you have zero costumer contact, thank god

we are not obliged to accept it here.

He wasn’t obligated to respond at all. He choose to be unchill. He wasn’t even the person they replied to, and neither are you the person I replied to. Seems to me like you guys just wanna complain!

bro chill

Subsonic is also a protocol (and opensubsonic) which supports many other clients, if you want. Personally my music collection is just hosted on gonic, a server-only subsonic implementation and I stream it to whatever clients I want.

I’ve been waiting since the initial announcement. It’s gonna be so good!

I don’t think you understand. I know privacy extension is for outbound and not inbound, but what use is it on a server?

I think there’s some misunderstanding

I get how IPv6 works, I got a /48 from my ISP. The problem is that I have some 15 devices here that I have to refer to in DNS and either I have to change their static IPs or I have to change their IPs in DNS if the prefix ever changes (it shouldn’t, because I pay for them to not do that). My laptop, phone and desktop do not get a static IPv6 and use the privacy extension. Is that not how you’re supposed to do it?

if your prefix ever changes you’ll have to update it everywhere

I mean that’s a good point but I’m paying money to not have my prefix changed. If I were to do it the intended way using DNS, how would I set up the DNS to be prefix agnostic? How would I reference devices in the firewall?

Very useful, but I don’t understand concept 1, “Don’t pick numbers”.

If I’m right, it’s basically saying don’t do stuff manually, just let the computer do it. I kind of disagree with this. All of my fixed devices have a fixed IP that I manually assigned and derived from the original v4 schema I also have. For example 192.168.x.y becomes prefix::y

Am I misunderstanding something?

This is the less edg version of my naming scheme; greek gods

I’m not a programmer but I work with IT and I regularly need complex shell scripts. ChatGPT has enabled me to skip the largest portion of slamming my head against the wall by writing the script for me and then I can tune it if it gets something wrong. Saves me hours and hours of my life.

and porn

If my ISP didn’t constantly break my network from their side, I’d have effectively no downtime and nearly zero maintenance. I don’t live on the bleeding edge and I don’t do anything particularly experimental and most of my containers are as minimal as possible

I built my own x86 router with OpnSense Proxmox hypervisor Cheapo WiFi AP Thinkcentre NAS (just 1 drive, debian with Samba) Containers: Tor relay, gonic, corrade, owot, apache, backups, dns, owncast

All of this just works if I leave it alone

I think the point is that root is a universal user found on all linux systems where as users have all kinds of names. It narrows down the variables to brute-force, so simply removing the ability to use it means they have to guess a username and a password.

Do you like dry reading? I do, and I started here http://intronetworks.cs.luc.edu/

That’s the source code for the Discord bridge, I’m talking about Beeper

I’ve already had Discord accounts snupped out from under me for not giving them my phone number, I don’t wanna give them a real reason to ban me 😅

That’s not what I asked

How is beeper reading my Discord DMs without breaching Discord TOS?

e: Their ToS and privacy clauses are way too opaque for something that’s not open source. No from me, Ma’am.

I can’t recommend Navidrome to people who aren’t necessarily big on self-hosting, it’s simply far too big of a project. Gonic is very narrow in scope and it’s a drop-in binary; just works.

Stream your own music at whatever quality you have it in!

server https://github.com/sentriz/gonic

client https://f-droid.org/packages/org.moire.ultrasonic/

Good to know!

what do you mean upgrade WiFi to any device?

Wireguard and DNS filtering (albeit not as fine tuned and automatic as pihole) can all be done on OpnSense

I recommend OpnSense on whatever modern low-power hardware you can get your hands on, ThinkCentre, NUC or whatever, if you are okay with a separate device for WiFi or do not need WiFi. WiFi APs can be had for as low as 20 bucks and are usually straight forward to set up, but you gotta shell out more if you want the latest and greatest connectivity.

There is also the possibility for adding WiFi directly to OpnSense but I have not even bothered touching it. If you love tinkering and suffering, that’s a route you can go.

For the love of God, if you’re going to install PfSense, just get OpnSense instead. It’s just better.

rsync for backups. SMB / NFS for things I need on a daily basis. SSH FTP (use whatever client you want) for things I need rarely but don’t wanna bother with SCP and I especially don’t bother ever setting up vsftpd for ‘real’ FTP.

All they achieved was make me not ever engage with their website in any capacity. I’m not making an account, I’m not logging in. If I can’t see the content without logging in, or with a proxy, I’ll just never see it. It’s no sweat off my back if I can’t see some random porn someone linked in a group chat.

I’m very uncertain about your network topology. Why is WAN 192.168.x.x?

I’m not really sure what this does that necessitates all of this code and backend? I just have a single HTML file with embedded CSS, and it looks better than their demo.

Because it’ll stop working on a not-insignificant portion of their userbases devices.

take a look at https://github.com/acmesh-official/acme.sh