One of the main reasons I run my own instances (Mastodon and Lemmy). Keep the garbage blocked and out of sight.
Devices at home are named after Autobots and remote devices are named after Deceptions.
- crowdsec
- SSH - change port, disable root login, disable password login, setup SSH keys using SK(YubiKey in my case)
- nftables - I use https://github.com/etkaar/nftm to keep things quick and simple. I like the fact if will convert DNS entries to IPs. I then just use dynamic DNS update clients on all my endpoints
- WireGuard for access to services other than SSH(in some cases port 443 will be open if its a web server or proxy)
- rsyslog to forward auth logs to my central syslog server
Hard pass. Which ever vendor keeps making dumb appliances gets my money. I can live with basic "smart" appliances as well. The ones that connect to WiFi simply to tell when say the wash cycle is done by sending a message to your mobile. But I don't need no flipping AI crap in my house thank you.
940/940 unlimited for ~$90/month in Western Canada
The interest is actually higher as it's calculated on interest that's accrued on the more than $350 million award handed down last week. According to an NBC article it will be $111,983.86 on the $454,156,783.05. Note that's just against Trump himself. Doesn't include interest on the amounts against other offenders.
IF it's possible you might be able to take the ISP SFP and put it in a SFP to RJ45 media converter and then you can use any 1gig capable router. I did this with my Telus SFP.
OPNsense or OpenWRT. I run multiple OPNsense firewalls for family members all connected together with a WireGuard Mesh.
Cisco is command line for the most part until get into the APIC NSX stuff. There's others but I'm only exposed to those 2 where I work.
I selfhost both Lemmy and Mastodon. Lemmy is set and forget follow the communities you etc. Mastodon does need a little bit of tweeking after being setup. I have a script the removes remote content from my server after 7 days which keeps the used space down considerably. More details about the commands used can be found here -> https://docs.joinmastodon.org/admin/tootctl/#media-remove
Nah don't use those. Get your own direct from Let's Encrypt. Less hoops to go through when its time to renew. Acme with a crontab entry takes care of renewals automatically. Don't forget to add to the crontab line to restart nginx right after the renewal so that the new certs are used.
Edit: spelling
I have one last domain to move off Google Domains as the registrar. All my other domains are moved to Porkbun already and haven't had any issues. All of my domains use desec.io for DNS.
Hetzner or BuyVM. Only issue with BuyVM is you might have to wait for stock. You can use buyvmstock.com to setup an email alert.
I feel that Nvidia drivers in Linux will always be a pain and it's straight up Nvidias fault.
I love the remarks Linus made about Nvidia.
Not sure if it's hers anymore but it was when the "Streisand effect" came to be.
I'll just leave this here....
Works fine for me. I'm going through ProtonVPN and it loads. Using a Canada server if it matters.
Yes that's what SimpleLogin does and its part of the Proton umbrella. You can use your own custom domain or a SimpleLogin domain to create email addresses. It also enables you to send from the custom addresses so the end user never learns your true email address. SimpleLogin also has mobile apps so you can create addresses very easily.
If you have Proton Premium point your domain to SimpleLogin and use it. Its included with Proton Premium. Its helped me root out 2 places so far that have sold my email address or were compromised and failed to disclosure.