clmbmb

joined 1 year ago
[–] clmbmb@lemmy.dbzer0.com 20 points 7 months ago (1 children)

TLDW: read all the blog posts, all the discussions and make your own opinion. I lost 15 minutes of my life and didn't become any more informed or smarter.

[–] clmbmb@lemmy.dbzer0.com 15 points 7 months ago* (last edited 7 months ago) (2 children)

Start a self-hosted server. You're welcome to join !selfhost@lemmy.ml or !selfhosted@lemmy.world.

[–] clmbmb@lemmy.dbzer0.com 7 points 7 months ago

No one who really cares about Linux ever cared for this shit.

[–] clmbmb@lemmy.dbzer0.com 3 points 7 months ago (1 children)

and how is it simpler to tamper with a binary tree with different tools?

[–] clmbmb@lemmy.dbzer0.com 8 points 7 months ago (1 children)

I hate zscaler. At my company it's set up so that it proxies all traffic through it and comes with its own CA certificates, which breaks a lot of things - I can't install pip packages for Python, I can't clone/work with git repos if they're on https only. We are used to temporarily disabling it to do these things because corporate won't change the policies.

[–] clmbmb@lemmy.dbzer0.com 2 points 7 months ago

It's not slow as in slow to respond. It's slow when restarting... sometimes it takes 3-4 minutes until it's up and I don't have time for that ;-) Also, it's a good "reason" for me to learn traefik.

[–] clmbmb@lemmy.dbzer0.com 2 points 7 months ago* (last edited 7 months ago) (1 children)

Thanks for the great explanation.

So, currently, as I said, I'm using nginx proxy manager and do this:

  • reverse proxy to all my services inside the internal network on http: *arr stuff, rss reader, jellyfin and some other minor things. All of them use name.local.home notation. I'm using a local DNS for this, of course.
  • reverse proxy to just two services externally on https under wildcard certificates - both are non-standard names and the names are not related to the services themselves. For both these services I use Authelia with 2FA, so even if an attacker guesses the subdomain name, they'll have to bypass that. As far as I can see in my logs, there are no attempts to breach my services. This is what I want to replicate and I'm planning on testing it.

On the other hand, you gave me a good idea about using *.lab.domain.com getting resolved by the local DNS and the main *.domain.com by my public DNS. I'll give this a try too in the near future. Another plan for me is to start using Authentik, as I saw it's a bit better than Authelia in some areas, even though it may be overkill for a little project - I'll have to see.

[–] clmbmb@lemmy.dbzer0.com 1 points 7 months ago (3 children)

> it’s probably not what you want

What do you mean?

[–] clmbmb@lemmy.dbzer0.com 7 points 8 months ago (2 children)

If they're used to Windows, then KDE Plasma would be the better option IMO. If you feel it's too slow on an old laptop, then you can try Cinnamon or XFCE.

[–] clmbmb@lemmy.dbzer0.com 6 points 8 months ago* (last edited 8 months ago) (1 children)

For docker, you have to create /etc/docker/daemon.json and set:

{
  "data-root": "/docker"
}

You can move your /var/lib/docker while the daemon is stopped. I had no issues when I did the move.

~~I don't know how to change this for podman.~~

LE: https://ahelpme.com/software/podman/change-the-location-of-container-storage-in-podman-with-selinux-enabled/

[–] clmbmb@lemmy.dbzer0.com 4 points 8 months ago

Slackware in 1998, installed from DOS with a series of diskettes. Then Debian, Red Hat Linux (not Enterprise!)... and so on.

[–] clmbmb@lemmy.dbzer0.com 3 points 8 months ago

This looks really interesting. I'll check it these days.
