SirMaple_

Devices at home are named after Autobots and remote devices are named after Deceptions.

• crowdsec
• SSH - change port, disable root login, disable password login, setup SSH keys using SK(YubiKey in my case)
• nftables - I use https://github.com/etkaar/nftm to keep things quick and simple. I like the fact if will convert DNS entries to IPs. I then just use dynamic DNS update clients on all my endpoints
• WireGuard for access to services other than SSH(in some cases port 443 will be open if its a web server or proxy)
• rsyslog to forward auth logs to my central syslog server

I selfhost both Lemmy and Mastodon. Lemmy is set and forget follow the communities you etc. Mastodon does need a little bit of tweeking after being setup. I have a script the removes remote content from my server after 7 days which keeps the used space down considerably. More details about the commands used can be found here -> https://docs.joinmastodon.org/admin/tootctl/#media-remove

Nah don’t use those. Get your own direct from Let’s Encrypt. Less hoops to go through when its time to renew. Acme with a crontab entry takes care of renewals automatically. Don’t forget to add to the crontab line to restart nginx right after the renewal so that the new certs are used.

Edit: spelling

I have one last domain to move off Google Domains as the registrar. All my other domains are moved to Porkbun already and haven’t had any issues. All of my domains use desec.io for DNS.

Not sure if it’s hers anymore but it was when the “Streisand effect” came to be.

I’ll just leave this here…

Yes that’s what SimpleLogin does and its part of the Proton umbrella. You can use your own custom domain or a SimpleLogin domain to create email addresses. It also enables you to send from the custom addresses so the end user never learns your true email address. SimpleLogin also has mobile apps so you can create addresses very easily.

If you have Proton Premium point your domain to SimpleLogin and use it. Its included with Proton Premium. Its helped me root out 2 places so far that have sold my email address or were compromised and failed to disclosure.