Some game servers, some ISPs don’t provide IPv6 for (some of) their customers.

Dev needs to eat.

• xtream
• mpv

It’s a simple IPTV app. It supports m3u as well as xtream. It can be controlled by keyboard and opens videos/streams in a new mpv window.

I really like it although it does not do advanced things like showing program etc.

Arch requires reading the manual to install it, so installing it successfully is an accomplishment.

It’s rolling release with a large repo which fits perfectly for regularly used systems which require up-to-date drivers. In that sense it’s quite unique as e.g. OpenSUSE Tumbleweed has less packages.

It has basically any desktop available without any preference or customisations by default.

They have a great short name and solid logo.

Arch is community-based and is quite pragmatic when it comes to packaging. E.g. they don’t remove proprietary codecs like e.g. Fedora.

Ubuntu is made by a company and Canonical wants to shape their OS and user experience as they think is best. This makes them develop things like snap to work for them (as it’s their project) instead of using e.g. flatpak (which is only an alternative for a subset of snaps features). This corporate mindset clashes with the terminally online Linux desktop community.

Also, they seem to focus more on their enterprise server experience, as that is where their income stream comes from.

But like always, people with strong opinions are those voicing them loudly. Most Linux users don’t care and use what works best for them. For that crowd Ubuntu is a good default without any major downsides.

Edit: A major advantage of Ubuntu are their extended security updates not found on any other distro (others simply do not patch them). Those are locked behind a subscription for companies and a free account for a few devices for personal use.

Sadly they’ve gone up in price over the last 6 months.

Mindfactory had 16TB for 160€ (10€/TB), but now they want 240€ for 18TB (13.3€/TB).

On eBay there’s sellers like HMCW, which are now also more expensive. But returns/warranty are questionable to say the least.

Edit: I wanna punch myself because I didn’t get one at the time.

Yes, even IPv4 was intended to give each device in the world their own IP, but the address space is too limited. IPv6 fixes that.
Actually, each device usually has multiple IPv6s, and only some/one are globally routable, i.e. it works outside of your home network. Finding out which one is global is a bit annoying sometimes, but it can be done.

Usually routers still block incoming traffic for security reasons, so you still have to open ports in your router.

If you go with IPv6, all your devices/servers have their own IP. These IPs are valid in your LAN as well a externally.

But it’s still important to use a reverse proxy (e.g. for TLS).

Many places don’t enforce those laws for simply torrenting.

Some countries (US) ask the ISP to send warning letters and might disable the internet. In other countries law firms get personal details from the ISP and send a costly letter of a thousand Euro for a single infraction like in Germany.

I would ideally like to convert the library to h.265 or even AV1 if I can make it work.

Unless you’ve downloaded remuxes (which I doubt), I’d seriously recommend redownloading instead of converting your existing files.

h.265 and especially AV1 take a long time to encode by CPU, and hardware encoding won’t give you any space savings, unless you’re okay with losing much details.

Redownloading is most definitely faster, will result in more space savings for the quality you’ll get. PS: Unless you’ve got data volume limits, but even then I’d recommend slowly upgrading over time. It’s quite simple with TRaSH guides and giving h.265 a higher score.

• ActualBudget for finances.
• Radicale for calendar/contacts.
• Immich for photos/videos.
• Redlib as a frontend for Reddit (LibRedirect ftw).
• TheLounge as an IRC client.
• Bitwarden/Vaultwarden as a password manager.
• paperless-ngx for documents

There’s two reasons why r/linux is popular on Reddit:

1. Reddit is popular
2. r/linux is popular

NixOS in LXC works great, although I switched to bare metal NixOS a few months ago. I didn’t see the need for proxmox as it hindered my ability of declaring the whole system.

Creating NixOS LXC’s is a bit of a pita. Some links that helped me two years ago:

• https://wiki.nixos.org/wiki/Proxmox_Virtual_Environment#LXC
• https://web.archive.org/web/20230818134729/https://blog.xirion.net/posts/nixos-proxmox-lxc/

It’s great to see another open source OIDC provider (with more features). I’ve set up Pocket ID which is awesome because of it’s simplicity and it’s great.

I do the this and it’s great. An entire distro takes up only a few GB. Many graphical installers don’t support installing on an existing btrfs partition (or subvolume) and want to create a new one. This can often be solved by manual intervention (via terminal).

I found the guide/examples on their website a bit irritating at first (that’s on me) but it works well once understood and configured.

Yes. 127.0.0.0 is the localhost. This is the IP the container is listening on. Even if there was no firewall it wouldn’t allow any connection except from the host. If it’s set to 0.0.0.0 it means it’ll allow connections from any IP (which might not be an issue depending on your setup).

The reverse proxy runs on localhost anyway, so any other IPs have no reason to ever have access.

It’s mostly to allow the reverse proxy on localhost to connect to the container/service, while blocking all other hosts/IPs.

This is especially important when using docker as it messes with iptables and can circumvent firewall like e.g. ufw.

You’re right that it doesn’t increase security on case of a compromised container. It’s just about outside connections.

Some I haven’t yet found in this thread:

• rootless podman
• container port mapping to localhost (e.g. 127.0.0.1:8080:8080)
• systemd services with many of its sandboxing features (PrivateTmp, …)

I do the same, but with Wireguard instead of OpenVPN. The performance is much better in my experience and it sucks less battery life.