Have my main server back home, while I’m traveling I have a script to reencode to av1 onto my local machine, works beautifully and the quality drop isn’t too bad (colors look weird but think that’s the Intel xe encoder)

Used to have miredo, which worked pretty well, but think they killed that.

Should still have old 6to4 protocols, they use ipv4 address tricks to get everything working.

This is something I’ve felt we’ve needed for a long time, but cloudscalers have their own environments that include resource management and beyond dev, if anything goes wrong they either reboot the net image or offline it for maintenance.

This is something I’ve wanted to throw together, will give it a try soon, could even be useful for development.

They probably moved it to somewhere under /usr or /var/lib.

and I trust them as a company enough that I have no interest in self hosting vaultwarden.

I pay the subscription, but I trust no company that much.

Have nginx for all my reverse proxies, it wasn’t trivial, but I used it for a lot of other things so it’s fine.

I back it up manually to encrypted json, it’s not the right way, but I never had much of a proper backup system, other than zfs snapshots and occasionally mirroring to another zfs pool.

It’s not a lot of extra work once you have the rest of your apps running, it’s fairly low maintenance and mostly just works, but again I haven’t bothered with backups really.

Edit: Running most if not all my services on freebsd as jails, that might have made it easier.

Good Ole Bobby tables.

I wish you were here.

I love what you did, especially the c++.

Using a unifi right now but this is the perfect replacement, especially since it’s programmable, just put a few nic ports on a vm and let it run.

Just beautiful.

Yeah, lidarr just takes care of it, and plexarr for playback.

I’m not homeless, though my backpack does have a wraparound pillow attached to it for when I used to camp in Chinese data centers or do chip bringup.

Have a collapsible cot in my trunk too.

Nah, I worked on router firmware, we rarely have time to finish the requirements, but I would worry if it was someone like tenda.

Put your own distro on it and be happy, intel has more root ware on that than anyone.

Many, many, many subnets, so many subnets, different subnets for vms, for jailed services, for guest wifi, ‘secure’ wifi, ‘normal’ wifi (ie phones and shit), my workstation has a routed subnet for its lxc containers, I have remote subnets for my wifi routers over vpn when I travel (with restrictions similar to home access and the same 3 ssids), an unrouted subnet for stuff like bmcs, switches and infrastructure, a subnet in my dmz with statics, the backside of that subnet, the subnet that subnet uses for upstream access.

I have a lot of subnets.

You need to start learning about ipmi, try googling ipmitool and the name of your server.

I used to, but less so now, I get that weakens the separation.

Mostly the vps is hardened to f and that’s my defense but I agree it’s a bad one.

https://youtu.be/xIAfCupuZ3w

There’s an internal ip address for the VPN server, say 4.3.2.1, you point the http dns record to that address.

The VPN server has 2 addresses by definition, an internal address and an external, public one that you connect the VPN to. Make sure the webserver only exposes itself on the private address, either by configuration (nginx/apache listen address) or by firewall (iptables -A input -j DROP)

Same as the public one, just with an internal address.

Have this on my domain, public domain with a subdomain server behind VPN and 1 host that points to an internal address.

Anyone tries to reach from outside just times out or something.

DNS is just a lookup of names to numbers, that’s all it is, the numbers can be anything, I can point my domain to Google if I want.

You’re not wrong, but at the same time suse is one of the oldest distros, and having worked with them they seem to have the best attitude, I’ve never seen them be dicks about anything to anyone.

Still, never good to depend on anyone lest they turn out evil, but I’ve hated redhat since they started, they wanted to become Microsoft from the beginning and all their code looks like it came straight out of Redmond.

So I don’t see it getting worse at least.

Hopefully IBM kills redhat with their shit touch like everything else and put them out of our misery.