I want to be able to upload/download/share my photos from anywhere in the world without using a VPN. Additionally, this satisfies the wife requirement. It works in the background without her needing her to turn on the VPN. I don’t want her to keep asking me how do I turn on the VPN? If it’s just me, then no issue, I’ll use a VPN.
It’s hard to explain from scratch.
Caddy is a reverse proxy software that essentially redirects traffic from a certain port to another port. For example external:port => internal:port. It also enables SSL encryption meaning everything will be encrypted en route between the external and the user.
VPS is a virtual private server. Just someone else’s computer you can expose to the Internet.
Tailscale is a mesh VPN that uses wire guard as its transport. I use this to tunnel between my VPS and my Immich server to hide my home IP and to allow encrypted traffic between my Immich server and my VPS.
A zero-day (also known as a 0-day) is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available. The vendor thus has zero days to prepare a patch, as the vulnerability has already been described or exploited.
There’s no fix other than security through layers.
Pretty much I have caddy on a VPS that’s pointing to my internal IP using a tailscale tunnel. You are still exposing the web gui to the Internet so I just changed authentication to OAuth to mitigate since risk. There is still a possibility of attacks via zero days, but my immich is on a VM and I’m creating firewall rules to just allow certain ports out.
You will need a VPS as your other endpoint
I can actually game one the AMD one pretty okay. Couldn’t with Intel. Battery life also increased by 30 minutes.
I understand what you mean. The way I did it was a full disk encryption as an “external drive” so the whole disk was encrypted
No, that’s absolutely true. Dynamic loads will need to be accounted for in real world examples.
How are you accessing the fediverse?
Consider a dam that is 10m tall
Then consider the height of water behind that dam is 5m tall.
Does the dam need to be built stronger if the water behind it is 1 km long?
How about only 500m?
How about 1m?
The answer is, it doesn’t matter. Water exerts pressure equally regardless of how much water is behind it.
Therefore a graduated cylinder that is 10m tall needs to resist the same amount of force as a dam 10m tall regardless of how much water is behind the dam. Even a thin sliver of water 1mm thick and 5m tall has the same force as a 5m lake behind the dam.
Incompressible fluids are pretty insane
Can you elaborate?
When I sold my drives, I used veracrypt with a 128 character password and PIM of 800+.
Isn’t that the same thing as shredding?
PiHole and AdGuard are both easy to setup servers for network wide DNS blocking. (Homenetworking)
NextDNS is an external entity that allows you to setup DNS blocking on devices that support DoT, DoH, and occasionally plaintext DNS. (For your phone and other mobile devices)
iPhones and Androids both support DoT while Firefox (and likely most modern browsers) supports DoH.
If you don’t want to rely on an external entity, you could use a wire guard split tunnel to block your ads away from your home network. Additionally you can set up a VPS and self host your DNS server there.
Helped my dad through the process and he got like 41 dollars from an old business tax over charge. Not much but that’s dinner money!
I have maybe a few dozen USB C devices all from dumb 5V/2A chargers to 20V/5A chargers. From USB 5GB to USB 40GB. Never once have I ever had issue with the cables and connectors. Only time I’ve had an issue was when I dropped my phone into the charging cable where it physically broke off.
Meanwhile I’ve had an iPhone for 4 years and the lightning connector broke in such a way I had to use hot glue to pull it out of the port.
Gotta hop on that pixelfed!
Duck or Mozilla email relay?
Maybe T-Mobile home Internet is good enough?
Their 3tb and 16 TB are super trash. I’m running 20tb and 24tb and they’ve been solid… So far
Pee pee poo poo
I just use google OAuth since everyone I know has a google account. It just can’t use OAuth on private IP addresses, just FQDNs.