Let’s see the rule(s) then
Let’s see the rule(s) then
Just configured your mail clients pop/IMAP server as your fetchmail target and SMTP as your hosted service.
Yes and what exactly is a radical feminist to you
I just recently learned this.
For OsmAnd, go to search, then the categories tab, and then hit “Online Search”.
Voila, address lookup.
Just know that this is a step forward in the direction of making it technically possible to force people to usw the app.
I disagree. There is nothing stopping that as it is. What this really does is remove one more level of control from the end user on their device.
Ask yourself if you trust them to not try and profit from this.
Im not sure what you are getting at here. Of course i don’t trust “them”. Nor do i trust any corp. It’s those reasons among others why i have completely removed google from my computing life and almost exclusively use open source software as well as self host functionally all network services.
In the scope of wireguard it’ll just be a matter of you building appropriate firewall rules.
Since you want their internet traffic to go through you then i assime you’re effectively pushing a 0.0.0.0/0 route to your clients. You then need to add firewall rules on your server to block traffic to its local subnet and in the future allow traffic to only your jellyfin server.
This is also pretty simple and nothing wrong with that setup.
Correct. I’ve never used banking apps in the first place anyway. If my bank doesnt have a functional website then I would change banks.
And i say this not to be difficult or contrarian. I just really hate using apps for every business in existence and simply refuse to do so. Yes I have absolutely sacrificed convenience on many occasions due to this principal.
Well that’s an easy fix. I just won’t use those apps.
You did not answer what VPN tech you are using.
Without that knowledge i would recommend setting up tailscale and having your users use that. If you want to be fully self hosted you can also run Headscale as the control plane instead of relying on Tailscales own service.
I recommend tailscale as it is very easy to grant a user privileges to ONLY use an endpoint as an exit node but also grant access to any other endpoints as needed (such as your future jellyfin server) via theor ACLs.
Best practices comes down to what you do or do not want the VPN clients to access. This mostly comes down to routing and firewall rules.
So, what should your users have access to?
Also what is the vpn?
I’m not entirely sure what the actual question is. Can you rephrase what exactly you are trying to accomplish?
If you want simple you’ll have to manually decrypt each time it needs doing.
If you want it to be “automatic” then your best bet is something network based. A “simple” would be to just have a script ssh’s somewhere, pulls the decryption key, and then decrypts the disks. There’s plenty of flaws with this though as while a threat actor couldn’t swipe a single encrypted disk they could just log in as root, get your script, and pull the decryption key themselves.
The optimal solution would be to also encrypt the root partition but now you need to do network based decryption at boot which adds further complexity. I’ve previously used Clevis and Tang to do this.
I personally don’tencrypt my server root and only encrypt my data disks. Then ssh in on a reboot or power event and manually decrypt. It is the simplest and most secure option.
I backed this: https://www.crowdsupply.com/cool-tech-zone/tangara
Its not yet released and is in the manufacturing process but I think it’s worth considering
I prefer restic for my backups. There’s nothing inherently wrong with just making a copy if that is sufficient for you though. Restic will create small point in time snapshots as compared to just a file copy so I’m the event that perhaps you made a mistake and accidentally deleted something from the “live” copy and managed to propagate that to your backup it is a nonissue as you could simply restore from a previous snapshot.
These snapshots can also be compressed and deduplicated making them extremely space efficient.
Assuming the implementation is done in such a way that I am not indirectly owned by the manufacturer of the BCI and am capable of maintaining its software and firmware myself…yes yes absolutely yes stick that shit in my head.
But if it is not open source and I’m expected to be tied to some corporate entity just to utililze it, no, absolutely not.
Trust no one. Not fully at least.
Just look at the bit rate of what you are streaming and multiply it by 3 then add a little extra for overhead.
I mean I’m not sitting here defending soldered on ram but your unnecessary aggression and sarcasm in your previous responses overshadows the fact that while solder on ram sucks for the upgrade and repair market the underlying tech has very tangible improvements and now we can maintain that improvement and the upgrade and repair functions.
I agree, soldered ram is bad. But I disagree that LPDDR ram is fundamentally bad and this improvement allowing it to be modular while maintaining its improvements is a very good thing.
As far as your complaints of battery life on your thinpad goes, there is much more to battery life than the consumption of the memory but naturally every part plays a role and small improvements in multiple places result in a larger net improvement. I’m assuming you’re running linux which in my experience has always suffered from less than optimal power usage. I’m far from an expert in that particular area but its always been my understanding that it is largely caused by insufficient fireware support.
As a whole this looking at this article in a vacuum i only see good things. A major flaw with lpddr has been address and i will be able to expect these improvements in future systems.
I constantly hear this but I just want to be the counter argument here.
Self hosting email is not the impossible tasks that people make it out to be. It is on the more advanced side of things though if you are hosting your primary email that you rely on.
I’ve been hosting my own email forany years now and have had no issues whatsoever but I also have years of experience and know how email works better than many that have no interest in such.
I would NOT recommended starting your self hosting journey with email but I will never discourage people from doing it.
Take your time. Ask questions any time you don’t understand something. Be ready to learn a lot and design a solid plan for disaster recovery.