I’d like to do the same, but atm I use nginx to serve all the web interfaces… And keycloak support is either a plus subscription feature or made to work with hacky Lua scripts.
So for now it’s security through obscurity, I got a wildcard cert and the pages are accessed based on subdomain. So afaik nobody has a clue unless they start iterating common subdomain names. (At some point™️ I’m adding proper auth though)
To maintain my privacy I proxy it though :)
To be fair for now it’s only used to access some admin portals for services I got running (Arr stack, syncthing, etc). The main domain isn’t even mapped (so gives 404), though at some point that might become a portfolio website.
Seeing as my homelab domain is literally {first name}{last name}.{country I live in} I didn’t really care :P
Big fuck you to the Belgian govt who detected my developer settings being on and blocked their app from working…
Btrfs works with different hard drive sizes, with 1 disk failure with no data loss.
Anddd… You use wifi to connect to their servers, so they’ll have your residential ip (unless you got a VPN on at all times… And even then there’s probs some way to fingerprint you enough). Partner uses the same wifi network and your profiles are linked again…
There really just is no way to completely escape. Blocking all ads and trackers on a DNS level (using a pi-hole or external service like nextdns[paid, but its pretty good]). Is a good solution though, at least you won’t need to actually see ads
I use it all the time for the one time use cards, and it’s been effortless to use.
The data breach is of course bad, but no company is completely immune to those.
Privacy policy… Is not a great look (especially with the marketing being opt-out and having a convoluted process…) I honestly hadn’t heard about it. But even now I’ll continue to use it because weighing the marketing vs my CC details out there is still not a hard choice.
Depending on where you live Revolut might be an option for you. Unlike privacy.com its basically just an online bank where you can open an account and send money to/from, but they offer a one-time-use credit card (which changes every time you use it).
It’s more of a way to reduce costs for the CDN, using torrents everyone contributes and they only have to send a small magnet file.
Simply making the hash really hard is not a good option. All most people will notice is that their underpowered phone suddenly takes way longer to unlock compared to before. Cracking the hash on very powerful hardware is then ‘trivial’
As the other comment mentioned, a hardware solution seems to be the only one.
What I use for such sites is a frozen card which I only unfreeze after setting a limit for my exact purchase amount. Pay, freeze again for the next time.
Installing GPU drivers :). Bonus if you need to use CUDA on top of that