Verifying that the code doesn’t contain regressions, bugs, or vulnerabilities, that it doesn’t conflict with whatever the owner is actively developing privately, in addition to making sure it wasn’t vomited out by a goddamn clanker, is a huge burden on a solo developer. They are free to decide whether to take on this responsibility.

What sounds like gatekeeping is often a strongly worded emphasis on having the prerequisite knowledge to not just host your services, but do it in a way that is secure, resilient, and responsible. If you don’t know how to set up a network, set up a resilient storage, manage your backups, set up HTTPS and other encryption solutions, manage user authentication and privileges, and expose your services securely, you should not be self-hosting. You should be learning how to self-host responsibly. That applies to everything from Debian to Synology.

Friends don’t let friends expose their networks like Nintendo advises.

Put all of the postcodes in a paginated list that displays only 30 entries at a time (60 and 100 per page for premium users), only has next/previous navigation buttons, orders the entries by popularity, and goes back to the first page if you reload the website. Or an infinitely scrolling page that loads each page dynamically, but returns 429 Too Many Requests if the user scrolls too fast.

I think you can get some kind of exemption for archival purposes. I know that the Internet Archive has one. But I also know that ultimately Microsoft is responsible for the data hosted on Github, and Microsoft’s interest is to not even risk getting sued.

At work, we use PiSignage for a large overhead screen. It’s based on Debian and uses a fullscreen Firefox running in the labwc compositor. The developer advertises a management server (cloud or self-hosted) to manage multiple connected devices, but it’s completely optional (superfluous in my opinion) and the standalone web UI is perfectly usable.

You can absolutely use it without a reverse proxy. A proxy is just another fancy HTTP client that contacts the server on the original client’s behalf and forwards the response back to it, usually wrapped in HTTPS. A man in the middle that you trust.

All you have to do is expose the desired port(s) to all addresses:

# ...
  - ports:
    - 8080:8080

…and obviously to set the URL environment variables to localhost or whatever address the server uses.

I don’t know which feature you mean, can you link the documentation?

I used it for a while, and it’s a decent solution. Similar to Tailscale’s subnet router, but it always uses a relay and doesn’t do all the UDP black magic. I think it uses TCP to create the tunnel, which might introduce some network latency compared to Tailscale or bare Wireguard.

Right… my mistake, I guess I had SSH config entries in Termux and never questioned whether SSH was using those or DNS.

Still, try to find some way to check which server is being queried. It might reveal connectivity problems with the local DNS server.

Install Termux, then use either the dig or nslookup command to query the DNS name, and check which DNS server is queried. If it’s the private server’s address, you might be having connectivity issues. If it’s 100.100.100.100, the resolver is still trying to query Tailscale’s MagicDNS.

A while ago, I wanted to try Home Assistant. Then I realised that I didn’t have a single thing to use it with. The locks are mechanical, the lights are simple LEDs, the irrigation system is manual, my car has push buttons, and I live in a safe enough area (by European standards) to not need doorbell or security cameras. Nothing I own depends on any external services other than the electric transformer down the street.

Never a better time to be a modern Luddite.

private dns setting of android

Probably. If that setting is enabled, Android (including Graphene) defaults to 8.8.8.8 if the higher-priority DNS servers (manual or received from DHCP) don’t support DNS-over-TLS or DNS-over-HTTPS.

Proxmox is my number one choice. It’s based on Debian, and has an excellent, extremely straightforward web UI for managing virtual machines and LXC containers.

It’s perfectly reasonable from the perspective of corporate scum: take away a standard feature, then sell it back as an extra. As far as I know, the modem still had UPnP for applications that rely on it.

No, I got it from the horse’s mouth: my WAN address was publicly routable all along, the ISP just disabled those NAT-related features remotely.

I finally got my ISP to enable bridge mode on my modem.

I also learned that I didn’t lose port forwarding and related services because I had been moved behind CGNAT or transitioned to IPv6 – they simply no longer offer port forwarding to residential customers. Ruminate on the implications of that statement so I’m not the only one with blood pressure in the high hundreds.

Even in the open source community, the libre-ness of a product is just one of many factors. The fitness for a purpose, the initial difficulty of the setup, the continuous difficulty of operation and maintenance, the pace of development (if applicable), the professional or community support structure, the projected longevity of the product or service, and the general insanity of the people involved are all important factors that can, and often do outweigh the importance of open software.

Thus do we invoke the Machine God.

Local Unbound with Tailscale’s split DNS has been solid for me. I use it as an OPNsense service with the web GUI, but the standalone YAML config looks simple enough.

I’ve never used Linkwarden, but the /data folder is often used by Docker containers to store the application’s data, so it’s likely an internal path. You’ll have to create a volume that exposes the internal /data path to the host filesystem, then whatever is written into that directory will be made available to both the container and the host system. Any file or directory in the container can be exposed this way.

I usually put my data volumes in /srv (where my large RAID array is mounted) and config volumes in /config, into a subdirectory named after the service, and with the minimal necessary privileges to run the container and the service. You could, for example, create volumes like this:

/srv/linkwarden/postgres_data:/var/lib/postgresql/data
/srv/linkwarden/linkwarden_data:/data/data
/srv/linkwarden/meili_data:/meili_data

The volume path (left side of the colon) can be anything. The right side is where the services expect their files to appear inside the container.