Served in the Krogan uprisings. Now I run a podcast
Connect it to your PC or laptop and do a netinstall. Configure SSHD and a static ip. Plugin the disk to your server and then connect via ssh to admin it.
You could also set your laptop or PC to boot from the attached disk in the bios to test the services you want to start are starting
Happy to help 😉
Syncthing can do direct sync if you give the ip address to each node and you can disable relay servers .
Yeah this is a much better approach
You could just poll it every few minutes via a cronjob and only send a notification if the numbers have increased.
Personally I use miniflux too in docker but I dont have a need for notifications.
Could you just poll the miniflux db directly ?
On laptops yes, on my server no. Most of the data is photo backups and linux ISOs form over the years.
Btop and logwatch with logrotate. I use healthchecks to check if the server is unreachable and it notifies me.
I refuse to use discord.
My block list is very small actually due to the non standard ssh port. Everything else goes through wireguard.
If it was open to the public then yes I’d have to reconsider the ban length.
You could not connect the TV and printer to the network but instead attach them to raspberry Pi or similar devices. This allows you full control and stops them calling home and spying.
Please see my reply below with links.
Onion repositories are package repositories hosted on tor hidden services. The connection goes through six hops and is end to end encrypted. In addition to further legitimizing the tor network with normal everyday usage it has the benefit of hiding what packages have been installed on a system.
Here are some notes about them if you want to read more.
https://blog.torproject.org/debian-and-tor-services-available-onion-services/
Well I dont trust closed source software and do what I can to avoid it when I can. At least foss can be audited. Also all the linux devices on the main network are devices I admin.
Only remote access by wireguard and ssh on non standard port with key based access.
Fail2ban bans after 1 attempt for a year. Tweaked the logs to ban on more strict patterns
Logs are encrypted and mailed off site daily
System updates over tor connecting to onion repos.
Nginx only has one exposed port 443 that is accessible by wireguard or lan. Certs are signed by letsencrypt. Paths are ip white listed to various lan or wireguard ips.
Only allow one program with sudo access requiring a password. Every other privelaged action requires switching to root user.
I dont allow devices I dont admin on the network so they go on their own subnet. This is guests phones and their windows laptops.
Linux only on the main network.
I also make sure to backup often.
Debian
I use wireguard and nginx but I set my WG DNS as the server ip. I have adguardhome running on the server and have added the external domains to map to their LAN address so theyre resolved locally when using the vpn or the LAN. A similar setup should work for you.
Personally I just throw my roms in directories and serve them from nginx. Its easier to just pull them down on deck that way and requires no extra effort or maintenance on my end.
Everything else is on steam.