Not familiar with opnSense, but on your PC, you can check the address it assigns - if it’s /128, it’s a single address.
My ISP does not assign a prefix for delegation unless you specifically ask for it. I had to add “request_prefix 1” to my dhclient.conf file to get a /64 I assume opnSense has a friendly setting somewhere for that. For me, the key phrase was ‘prefix delegation.’ After I got that, I could search around and get my solution.
Beyond “whomever holds the highest office at the moment,” there’s “whomever gets the biggest media coverage.” That might be Gavin Newsom, who’s not very popular, even in his home state. Bernie Sanders and AOC always get good coverage, but that’s partly because they’re so far outside the mainstream.
US isn’t really set up for singular leaders at the national level, which is part of what makes Trump so unusual.
My sense is that a lot of the people who say, “Well, I never had that, so why should others?” fail to recognize or remember the kindnesses and support they did receive. i.e.: they’ll also say, “I grew up the child of a single mom on welfare - no one gave us anything.” There’s a specific right-winger I’m thinking of, but I can’t remember his name.
Logging power use by my server was one of the motivators to add homeassistant. That also showed me that specific containers use a (relative) ton of background power. Immich and authentik each raised power consumption by 2-3 watts, so I leave them down unless I have specific need.
I’m going to go with: foot/toof or feet/teef. Good anadromes that also stand at opposite ends of the body. Except for the scientific units (eg, ohm/mho), they seem to generally be unrelated words more by chance than intent.
If you only need it to be accessible inside your home, then you just need to run your own DNS. Have your dhcp point at your DNS and your DNS declare itself the master for your domain.
To get full functionality, you’ll probably want to have your registrar point to the public IP you get from your ISP as the domain’s authoritative name server.You should be able to script it to update the registrar when your ISP changes your IP, but that usually happens infrequently enough to do manually. Obviously can’t do that if you’re behind CGNAT.
To get Lets Encrypt certificates, you can do the DNS challenge. If your ISP gives you a (even inconsistent) public IP, you can do fancy ‘views’ with your selfhosted DNS, where it responds with private IPs inside your network and your ISP-given IP outside your network. I have certbot set up to expose my DNS & web server just before it starts its renewal process, then close the firewall after. Once you have the certificate, you can move it to where ever it will actually be used.
Probably just scream that Kamala would have done the same thing, but worse.
To me, the nonstandard port is mostly nice for reducing log spam from scripts. The risk is that using a nonstandard port lulls one into a false sense of security and overlook good sshd practices. Good sshd practices will prevent the script-kiddies just as well as the non-standard port, while a non-standard port will not challenge a targeted attack. And, if you interact with multiple servers, it can be inconvenient to remember a different port for each one.
You can start by experimenting on your current computer. Install docker, get some service that sounds interesting, and just access it on localhost. You’ll miss out on anything the service does overnight or downtime, and you won’t be able to access it from off-site, but it’s a fine way to wet your toes and see how it goes.
Docker: https://docs.docker.com/desktop/setup/install/windows-install/
Photo library: https://docs.immich.app/install/docker-compose/
Some maintainers even provide handy windows installers
Media library: https://jellyfin.org/docs/general/installation/windows
I suspect that some of the ‘lazy union worker’ stereotype is workers following their contract and refusing to do non-contracted work, which is, of course, essential to maintaining the value of that contract. Pride in your own work/trade doesn’t mean cleaning up after the other trades; professionalism in your own work doesn’t mean unpaid overtime to fix someone else’s fuckup.
In the old days, university IT put essentially no access controls on their networks, so students’ dorm computers were completely exposed to the internet. Any service you started was immediately, globally accessible. Some big sites, including slashdot and facebook, got their start in some kid’s dorm room. I feel like access controls really got going in the early 00’s - first for residential, then for broader campus.
Check with your IT people - they may have policy or conditions under which they will expose ports on your personal computer to the internet. Otherwise, your best bet is probably free-tier AWS or Oracle.
Not free, but there are some ‘KVM VPS’ providers out there that will rent you a small, internet exposed computer pretty cheap. They can be a good platform for experimenting with self-hosting services, without exposing your personal equipment or home network. eg: 1CPU/1GB RAM/24GB SSD $12/year https://my.racknerd.com/cart.php?a=add&pid=903
Good discovery tools are essential on a federated platform. An important part of twitter, facebook, and reddit success is/was that that they were the place for their particular style of content. You had a pretty good chance of being able to discover your old high school friends, because they were on the one platform. Then the (early) algorithm started discovering for you all the obscure content similar to your history.
Discovery has to work differently in a federated system. You can search for communities on Lemmy, but if your instance doesn’t already have someone subscribed to a community, then you’re not going to find it.
I realize you’re looking for new toys, but ‘anywhere in the flat’ includes ‘under a pile of pillows.’ Otherwise, for personal photo-sized storage, just put a couple 2.5mm format SSDs in the QNAP.
Depending on the board in your mini-server, you may have enough SATA ports to plug in directly. I have a system similar to what you’re describing (N100 with 4x 2TB HDDs with 1.5TB data): 2 of those drives are set up in RAID1 (mirror), and once a month, I plug in one of the spares, rsync the array to it, and unplug it. Every 3 months or so, I swap the offline drive with an offsite drive. I used to use a USB dock for the offline drive, but I got a 3-bay hot-swap enclosure to make the whole process faster and easier.
The server shares the array via NFS and SMB, and it is absolutely a NAS for all my other systems.
If you expect to exceed 2TB data within 2 years, then you’ll need to replace all 4 of those 2TB drives in 2 years. You might, today, get a pair of 4 TB drives and one 2TB, use the 4TB as your main storage, the 2TBs as rotating backups, and wait until you actually outgrow 2TB to upgrade the backups.
I’m not interested in their narrative, I’m talking about their numbers. They measured plaque formation - colonies - of bacteria from surface wipes around the toilet after flushing a contaminated toilet bowl. Depending on the location & lid state, they got, generally 103-106 plaques. 10^5 with the lid closed, 10^6 open, which is a 10x difference. There’s no difference in the surfaces directly facing the bowl; hardly surprising that there’s little contamination left by the time you get all the way to the walls - 1/r^2 effect. Look at the surface you sit on.
Are you sure you read that right? They report contamination in log units, so a reduction from 6.23 to 4.81 is a 26x difference. There’s not much difference on the faces of lid & seat that directly face the bowl, but even the seat top had 15x more contaminants with the lid up than down.
The study where gustofwind got the illustration says it’s around 10x reduction of deposited bacteria with the lid down.
https://www.ajicjournal.org/article/S0196-6553(23)00820-9/fulltext#tbl0010
I see you’re getting lots of advice just to use c/selfhosted as a free consultant. That’s good advice if you’re self-motivated and focused.
If you want someone to be a coach through the process, to keep you focused and moving, that’s a) a slightly different skillset and b) worth putting in the description. I mention this only because I have a bunch of aspirational projects on my to–do list that have just sat there for literally years because of perfectionism, anxiety, and maybe some undiagnosed ADHD. I’ll also counter by noting that a lot of people, this time of year, buy a gym membership on the theory that spending the money will somehow force them actually to go to the gym, only to find that spent money is not actually a motivator.
Great project. I like the 1-star reviews complaining about the lack of advertising and tracking.
ID, credit, debit, transit, auto insurance, health insurance…
On topic, I did recently stop carrying a phone card - back before cell phones, you could buy a card, call an 800-number from a pay phone, enter the card number, and make long distance calls. My parents gave me 1200 minutes when I went to college in the late 1980s, and the card still has, probably 1000 minutes. Last used it probably around 2002.