zfa

joined 1 year ago
[–] zfa@alien.top 1 points 11 months ago

AGH with upstream lookups over DoH, and adblock list from oisd.nl.

Split-brain topology to give internal IP in preference to public IPs for my selfhosted services, and selective routing of a defined set of domains to a geo-unblocking service so I can access things like BBC iplayer etc. from my home network.

[–] zfa@alien.top 1 points 11 months ago

I suspect your friends probably don't need access to your whole media stack.

What parts they do need access to, and from what type of devices, will determine the best approach.

[–] zfa@alien.top 1 points 11 months ago (1 children)

At least on Linux you just include the bind address and port on the cmdline, e.g:

./filebrowser -a 127.0.0.1 -p 8008

EDIT: Just downloaded the Windows bin and seems to be exactly the same.

[–] zfa@alien.top 1 points 11 months ago

It would be remiss of me to not point out that up until somewhat recently they had a gaping wide security hole (for presumably years) that allowed any customer to send email as any other and fully pass their spf and dkim checks (due to shared keys and having no way of ensuring their users could only send mail from domains under their own account).

When this was disclosed they abused the reporter, kicked him off their service without giving him time to back up his mail, tried to discredit him, lied that their bad practices were commonplace throughout the industry (narrator: they weren't) before finally going around removing all traces of the discussion. I was lucky(?) enough to see the reddit side of it as it unfolded and I've never seen such pseduo-tech bullshit being thrown around and well as nasty attacks on the reporter.

So yeah, they're cheap but they also seem pretty poor technically (or at least were) and seem like horrible people. YMMV of course.

[–] zfa@alien.top 1 points 11 months ago

Nah, no idea what you're on about. Must be a young man's thing lol.

[–] zfa@alien.top 1 points 11 months ago (3 children)

Lol, you're gonna have you work cutout if you're going around downvoting and saying that on every single comment that ever mentions a VPS.

Hosting your own MC server, no matter where, is a perfectly fine 'self-hosted' counterpoint to using a Microsoft Realms subscription. What ridiculous gatekeeping, lol.

[–] zfa@alien.top 2 points 11 months ago (5 children)

Seeing as you say port 25565 you're using Minecraft Java, so i'd prob just do this:

https://blogs.oracle.com/developers/post/how-to-set-up-and-run-a-really-powerful-free-minecraft-server-in-the-cloud

Couple of points:

  1. Make your account PAYG to lessen likelihood of server being shutdown (will still be free)

  2. Take nightly backups just in case.

You could stump up for a management console like AMP if you want to make things a bit easier.

GL.

[–] zfa@alien.top 1 points 11 months ago (1 children)

I don't self host anything where it would impact me unduly if it went down while I was on holiday to the point where I'd have to break state and go fix stuff.

I don't want to have to leave my beer or beach and head off to fix things like an email server, restore a password manager db etc. so anything like that which is critical to the point where an outage would prob have me do so means I pay someone else.

[–] zfa@alien.top 2 points 11 months ago

Outside of fixing your SSH issues, you should also change from using 11.0.0.1 for WG as that's a public IP. See RFC1918.

[–] zfa@alien.top 1 points 11 months ago

Gaming server? VPN? File-sharing?

[–] zfa@alien.top 1 points 11 months ago

I don't self host anything where it would impact me unduly if it went down while I was on holiday to the point where I'd have to break state and fix stuff.

A password manager falls in that camp so it's paid-for Bitwarden every night every day every possible way for me.

Sure Vaultwarden suits others - generally those who either want control of their data, smaller target on their back than a public instance user, watching their pennies etc.

[–] zfa@alien.top 1 points 1 year ago (1 children)

Normally fine but if you want to be more careful about what is being pushed to your server you can use something like diun to get notifications and run updates manually.

Personally I love dockcheck, which I think is by a guy on the sub. I tend to just run that every now and again and be done with it unless I am notified of a perssing update, although I do still have a couple of things I don't care too much about just auto update with watchtower.

view more: next ›