A spreadsheet

The Tunnel daemon creates an encrypted tunnel between your origin web server and Cloudflare’s nearest data center, all without opening any public inbound ports.

From https://www.cloudflare.com/products/tunnel/

The good news is that in order to exploit the new vulnerability, the attacker first has to obtain kernel level access to the system somehow - by exploiting some other vulnerabilities perhaps.

The bad news is once Sinkclose attack is performed, it can be hard to detect and mitigate: it can even survive an OS reinstall.

Focuses on garbage these days

Cloudflare tunnel is an option, you can even scrap your own nginx

I’m a nix noob but I think this is a release of the nix package manager and therefore it’s unrelated to the version of the nix channel with nix packages.

Unless you’ve used something secure for formatting or wrote data to the SD after, consider attempting data recovery.

Speaking of Cloudflare, if you’re okay with not self hosting, then there’s Cloudflare Pages which is good for hosting static websites.

I’m running Arch on my RPI 4b+ and quite happy with it.

The installation was pretty simple IIRC - I did run into some issue with uboot which was easily solved by searching for the error on the internet.

Arch Linux ARM ships with a mainline aarch64 kernel and uboot by default, but if you are interested in running the RPI kernel and their boot loader, there’s a custom pacman repo and instruction on the forums: https://archlinuxarm.org/forum/viewtopic.php?t=16144

All in all I don’t think arch needs that much maintenance on a non-critical home server - just make sure to check for config updates every now and then and reboot after kernel upgrades.

I just added it to the home screen, and so far, it’s my favorite between Mlem and using the default web interface. Thanks for mentioning it!