deleted by creator

Could also be a good opportunity to add a service monitor like Uptime Kuma. That way you know what services are still down once things come back online with less manual discovery on your part.

Only because I was randomly invited to one by a friend, otherwise I wouldn’t have bothered with it.

I expose most things to the web so long as they have auth and 2FA options. The one exception being my Jellyfin server. I share it with friends and needed to make it as easily accessible as possible.

With Cloudflare WAF, reverse proxy, and an isolated subnet with IDP I feel comfortable with public services. Nothings perfect but if they get through it and pwn my lab I’ll just nuke it and rebuild.

Love the concept. Waiting to see how it grows. The wife approval factor isn’t there quite yet.

I just enjoy having 1 app to browse the content I want to watch instead of a dozen different apps that suck in their own special ways.

deleted by creator

Spez killed third party apps so he could track people and sell ads. First party apps were bad and getting worse. And the whole way it went down was just dishonest and shitty. I don’t wanna support that.

I also really enjoyed being able to see new content AND comment on it/interact with the community. That was the reason Reddit was cool to me. If I didn’t channel that energy towards something else I’d have ended up back on Reddit.

And the cherry on top, I love the idea of decentralized social networks. It’s better for the internet.

Down in a reply to some other comments https://lemmy.ca/comment/3915756

I am horrified, but equally impressed 😂

I would HIGHLY recommend that for something as essential as DNS, you should be running it on its own hardware. Considering, as you’ve experienced, that any issues result in a complete loss of normal access to the internet.

You can run pihole on something as small as a Raspberry Pi zero w, then just set it with a static IP and forget about it.

Considering you said you’re currently using WSL I suspect there is an extra layer of networking bullshit that is breaking your routing. If you haven’t already looked at this document, it might have the information you need https://learn.microsoft.com/en-us/windows/wsl/networking#accessing-windows-networking-apps-from-linux-host-ip

But for the sake of stable DNS services you will thank yourself for just getting a dedicated device of any power level to ONLY handle DNS.

I’ve got a few layers of security for my homelab setup that make me feel pretty comfortable against random attacks.

Cloudflare is used to manage my domains and act as an external proxy to obscure my IP address, I’ve only forwarded ports 80 and 443 to Traefik my containerized reverse proxy, Authelia to add 2FA to services that I feel should have extra protection and my homelab nodes are on a separate vlan that is configured to drop all attempts to initiate communication outside of that vlan. I also use the ubiquity intrusion detection and prevention features on my firewall to attempt to stop any know malicious activity.

A majority of these configurations are overkill for a homelab, but were fun to implement. If you use a reverse proxy and keep your software up to date you will likely be fine unless you are specifically targeted by skilled hackers. Any random scans, or shotgun style attacks tend to target unpatched vulnerabilities.

My conversation with the moronic MBAs that lead my org today. Who cares about doing impactful work when we can just do useless busy work that makes the nontechnical morons happy.