$ grep -i "dns" /etc/letsencrypt/renewal/enter.domain.here.conf
authenticator = dns-netcup
dns_netcup_credentials = /path/to/netcup/credentials.ini
AFAICT it is using DNS challenges, unless the cerbot netcup plugin somehow does stuff it shouln’t need to do.
enter.domain.here is simply a redaction of my real domain as I did not want to doxx myself.
Outbound traffic has never been blocked, so it’s not a matter of me or my “certificate manager” being able to reach Let’s Encrypt.
I’ve been using DNS challenge for this domain from the start. I’m not sure what you mean by external DNS hosting. The domain is from netcup, the certbot host runs in my local network (as does the HTTP server that the domain points to).
Netcup is a German hosting company, I live in Germany, inbound traffic from Germany is NOT blocked on my router, outbound traffic isn’t blocked at all.
I have an old Debian 11 “bullseye” installation running on one of my servers. It’s stuck at nginx 1.18.0, but it should theoretically still be covered by Debian 11 LTS security updates, right? https://wiki.debian.org/LTS/Using
nginx/oldoldstable-security,now 1.18.0-6.1+deb11u5
Android (TV) on a Raspberry Pi: https://konstakang.com/
I wish Zulip was fully E2EE
I usually avoid these troubles by issuing -v /etc/timezone:/etc/timezone:ro
Sure, but that doesn’t make any difference in the maintenance effort required.
If I write my own Dockerfiles to tag my own images I also have to run my own update management.
I like to outsource this, so all I have to do is a simple docker compose pull (or in reality, let Dockhand or watchtower handle it).
Never heard of them, but they can fuck right off.
Today, AI can be pointed at an open source codebase and systematically scan it for vulnerabilities.
Well, then do that.
It’s not a perfect solution, but we have to do everything we can to protect our users.
All you do is shipping unaudited software, you cunts.
Check your plugins and your library preferences. Maybe the 10.11 update changed something in your setup.
Unfortunately it only has tag suggestions when there’s letters in the tag field already. I’m probably going to use a lot of tags/categories and I might not be able to remember all of them. In this case I’d need to cycle through all first letters to make sure to not miss one.
I’m not sure that’s what I want to do.
https://gosuki.net/
This one?
Looks like it doesn’t come with docker and seems like you don’t get access to the full source on the free version?
https://mozilla-services.github.io/syncstorage-rs/
This still relies on Mozilla’s login servers, so not fully selfhosted unfortunately.
It seems like you can selfhost the whole FxA stack in theory, but I haven’t found much documentation for it.
Does VPN protect my whole device?
No. The built-in VPN only hides your IP address and location while browsing in Firefox. It does not protect traffic from other apps on your device. For full-device protection, we offer Mozilla VPN.
Since you said you don’t need it for torrents, I thought this would suffice. But I realize now you still want to hide your IP while torrenting.
Cool tool, but not really what has been asked, is it?
Well, blocking inbound traffic from these countires is part of my firewall. I have some services that are exposed on the internet, but I don’t want the whole world to hammer these services, scrape them and potentially exploit vulnerabilities on them. I know a VPN would be more effective here, but that’s not an option for every service.