I have one of these cars (in the US no less) and i absolutely do that sometimes. No tickets yet

Was surprised to see this here. But yes absolutely, they are expensive don’t get me wrong. But they are worth it. Their shit just works, i have their washer and heat pump dryer, dishwasher, and CX1 canister vacuum. Each are the best version of that thing I’ve ever used. Dishwasher will clean anything no rinse/soak needed even for baked on pasta or cheese, vacuum is powerful but also shockingly quiet, dryer sips power (700w avg load) but dries everything just fine.

Had em for the years now, i am NOT gentle with the vacuum i drag it outside to clean the car and other various things it’s not really for, toss it around use it as a footstool sometimes and it shows no signs of the wear. You get what you pay for with them

Eh, i just use pubkey only Auth config (so password entirely disabled as an option) and put ssh on a non standard port to reduce script kid noise. (and no 2222 is not non-standard it may as well be the default)

Fail2ban triggers false too often for my taste in a high traffic environment.

If you ran nginx as a non privileged user it wouldn’t be able to bind to 80/443 as those are privileged ports. So you would need to use iptables to forward them to an unprivlaged port

I mean it WOULD work you would just need a von on every device you wanted to use.

The REAL answer is never host them DIRECTLY, always use a reverse proxy like nginx. Many projects (i believe jellyfin is one of them) explicitly recommend this for better security. Which it looks like you did so congrats

For extra bonus points you can setup nginx to run as a non privileged user and use iptables to forward the lower ports (80/443). A pain but closes out a large chunk of nginx as a risk.

Wasn’t that because people just… Didn’t react at all? Just stood around watching the ceiling be on fire. I seem to remember there being footage to that effect

Only female bees have stingers tho

https://spartanhost.org/ owner is super chill will make custom spec deployments and they actually have a really nice management panels with nice easy custom iso support

One end is a local VPS with insanely good peering pretty much round the damn world, other end is my opnsense router. I actually pass a block of ipv6 through the vpn and my router hands it out to devices which is a nice little bonus

That sounds like a lack of port forwarding on at least one side. Ensure the vpn port is properly open on both sides. There is also an option you can add to the wireguard config for keepalive set it to something like 1min

I feel like im missing something here. This is pretty trivial and the comments i see are over complicating the hell outta everything. All you need is your VPN tunnel working. Personally i use wireguard for this. Then you just use nginx as the reverse proxy it talks to services on the other side of the VPN.

The nginx server config looks like

server { listen 443 quic; listen [::]:443 quic; listen 443 ssl; listen [::]:443 ssl; server_name my.domain.tld; http2 on; http3 on; quic_gso on; tcp_nodelay on; error_log /var/log/nginx/jellyfin.access.log; ssl_certificate /path/to/ssl/fullchain.pem; ssl_certificate_key /path/to/ssl/privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; add_header Alt-Svc ‘h3=“:$server_port”; ma=86400’; add_header x-quic ‘h3’; add_header Alt-Svc ‘h3-29=“:$server_port”’;

location / {
    proxy_pass http://10.159.4.12:8096/;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forward-Proto http;
    proxy_set_header X-Nginx-Proxy true;
}

}

I have no idea how to do the proper code block i guess so have a paste from my reverse proxy hosted pastebin lol https://paste.kitsuna.net/upload/snail-seal-pig

I feel like this all started around that time that there was that article that mentioned the most popular desktop environments on Arch Linux from repo stats where KDE plasma was the highest with over double gnome.

Clearly gnome foundation salty

Yup, i paid my $1,000 for my index and it was the best purchase I ever made love that thing. I’m definitely getting a steam frame as well not because I don’t love my index anymore but it would be nice to have something that is a little more flexible with the space.

I don’t even mean just large remodels, a lot of times in most Apartments the appliances are whatever you get and you can’t put your own in. Many apartments have rules and limitations on what can or can’t be hung on the walls personally I’m a huge fan of shelves on the walls a couple L brackets and some stainless steel string make for a very aesthetically pleasing and very useful shelf space most Apartments don’t enjoy you doing that.

Electricity bill getting really high and you wish you could have a heat pump dryer instead of the cheap ass piece of s*** they put in? Well that’s just too damn bad etc. Want to modify your balcony? Put up special netting or something? Some places will let you some places tell you don’t even think about it. And don’t you dare leave stuff sitting on the balcony we can’t have that it has to look nice

There are plenty of rules and limitations on apartments that go well beyond just Mass renovations

Also can’t make many changes, limits to what can be installed in general etc etc. How is owning literally nothing about your home NOT depressing

It just creates unnecessary complication. It’s not particularly memorable, it’s a pain to even just lookup tye syntax imo compared with v4, and I genuinely do not see the benefit at the home level to getting rid of NAT. Carrier and backhaul? Oh yeah nat is a fucking plague. But home level? Literally causes no issues it’s trivial to work with, 98% of people do not need ports forwarded ever. Those that do it’s not hard. IPV6 necessitates more careful control of a firewall now that every device is globally reachable and means that it won’t even make opening a service any easier. It’s just firewall instead of NAT forward which on most routers will more or less be the same process

6to4 exists and could handle translation of the backhaul 6 to a local 4. Only the router itself need be directly addressable imo.

More of a NCC-1701-E man myself

I’m not, and I’ll never give it up on any network i control. It’s simple, easy to remember, i don’t personally need 255 ip addresses so ipv4 space is just fine for me. And i don’t need my devices to be individually addressable globally i can port forward if something needs to be accessed externally.

IPv6 makes sense at the carrier level but at the endpoint networks especially just for homes there is literally nothing wrong with ipv4

Thank you for including the YouTube link so that my phone will properly open in libretube

It must be, every time I’ve ever had a problem with electricity if you look back far enough it was an electrician that set it up. Coincidence? I think not