Meanwhile i have a linux server that’s currently running individual LXC containers for hosting

Snipe-it, zammad, paperlessNGX, wiki.js, rustdesk server, firefly III, flare, among a few other things. And it’s barely using 6GB total. Less than windows sitting at desktop these days. It’s pathetic how bad windows has become.

Feed worked out lol

Ah yeah, that’s how I handle piping audio in the Discord as well it is unfortunate that it can’t remember the connection

Your looking for easy effects. It plumbs into the system audio amd creates both a virtual out and input and has every filter you could dream of. I use it both for APO curves on my headphones and then noise removal, gate, and dessing on mic

Someone should really let the people over at matrix.org know that, the messaging is very clearly aimed at normal users.

The problem is that there isn’t really anywhere to Exodus to. I already know people here on Lemmy are going to say Matrix but that’s just not an option. It’s trash, the protocol was designed by idiot neck beards that have never heard the term UX. Pretty much everything was done in a way that while technically speaking is efficient makes it unbelievably tedious to actually use and in some cases just outright annoying ensuring that users will never want to use it. Most recent example is forcing device verification, it is technically correct, it is better from a security standpoint it is better from a verifiability standpoint. But for the average user who could not give less of a shit about that it is nothing more than something that pisses them off and annoys them every single time they open the application because despite the fact that they should be remembering at least in my testing it almost never does and I have to put in my stupid key every single God damn time especially if I’m using it in the browser.

Teamspeakers trying to rebuild itself to be more Discord like but it’s still in early beta and not at all ready for it so that’s not an option, and everything else is pretty much either just as shit or just as likely to implement this tomorrow as Discord

Because propaganda has convinced people that a car is useless if it can’t go 300+mi AND only take a few minutes to be ready to do it again. Range anxiety, even though they only fill up maybe once a week and could easily charge an ev at home with just a standard outlet not even a special charger and keep up with their actual real daily use

Eh, i just use pubkey only Auth config (so password entirely disabled as an option) and put ssh on a non standard port to reduce script kid noise. (and no 2222 is not non-standard it may as well be the default)

Fail2ban triggers false too often for my taste in a high traffic environment.

If you ran nginx as a non privileged user it wouldn’t be able to bind to 80/443 as those are privileged ports. So you would need to use iptables to forward them to an unprivlaged port

I mean it WOULD work you would just need a von on every device you wanted to use.

The REAL answer is never host them DIRECTLY, always use a reverse proxy like nginx. Many projects (i believe jellyfin is one of them) explicitly recommend this for better security. Which it looks like you did so congrats

For extra bonus points you can setup nginx to run as a non privileged user and use iptables to forward the lower ports (80/443). A pain but closes out a large chunk of nginx as a risk.

https://spartanhost.org/ owner is super chill will make custom spec deployments and they actually have a really nice management panels with nice easy custom iso support

One end is a local VPS with insanely good peering pretty much round the damn world, other end is my opnsense router. I actually pass a block of ipv6 through the vpn and my router hands it out to devices which is a nice little bonus

That sounds like a lack of port forwarding on at least one side. Ensure the vpn port is properly open on both sides. There is also an option you can add to the wireguard config for keepalive set it to something like 1min

I feel like im missing something here. This is pretty trivial and the comments i see are over complicating the hell outta everything. All you need is your VPN tunnel working. Personally i use wireguard for this. Then you just use nginx as the reverse proxy it talks to services on the other side of the VPN.

The nginx server config looks like

server { listen 443 quic; listen [::]:443 quic; listen 443 ssl; listen [::]:443 ssl; server_name my.domain.tld; http2 on; http3 on; quic_gso on; tcp_nodelay on; error_log /var/log/nginx/jellyfin.access.log; ssl_certificate /path/to/ssl/fullchain.pem; ssl_certificate_key /path/to/ssl/privkey.pem; ssl_protocols TLSv1.2 TLSv1.3; add_header Alt-Svc ‘h3=“:$server_port”; ma=86400’; add_header x-quic ‘h3’; add_header Alt-Svc ‘h3-29=“:$server_port”’;

location / {
    proxy_pass http://10.159.4.12:8096/;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forward-Proto http;
    proxy_set_header X-Nginx-Proxy true;
}

}

I have no idea how to do the proper code block i guess so have a paste from my reverse proxy hosted pastebin lol https://paste.kitsuna.net/upload/snail-seal-pig

There’s nobody for me to join, the only family that are not horrible manipulative monsters are beyond my means of travel, currently it’s just me and the dog so there’s really no point in making an elaborate dinner for myself. So today is just me being bored and alone till friends become available again.

I don’t not celebrate it because Christian or whatever. I don’t celebrate it because there’s nobody to celebrate it with

Thank you for including the YouTube link so that my phone will properly open in libretube

Because they are, they pay their workers a fair wage, give them good benefits, and give consumers reasonable prices when nobody else will. Pretty sure the entirety of the rest of the industry wants them to go out of business

Have you never used a modern-day LED flashlight they can make them tiny with small dials and still make them brighter than the goddamn Sun lol

Imagine not having an opnsense firewall deployed as an IT professional

Can you not just setup an nginx reverse proxy at the network edge to handle the ssl for the domain(s) and not have to worry about the app itself being setup for it? That’s how I’ve always managed all software personal or professional