dd-mm-yyyy is not an insane format, thank you.

KDE Connect and SyncThing

your firewal

Well, blocking inbound traffic from these countires is part of my firewall. I have some services that are exposed on the internet, but I don’t want the whole world to hammer these services, scrape them and potentially exploit vulnerabilities on them. I know a VPN would be more effective here, but that’s not an option for every service.

$ grep -i "dns" /etc/letsencrypt/renewal/enter.domain.here.conf

authenticator = dns-netcup
dns_netcup_credentials = /path/to/netcup/credentials.ini

AFAICT it is using DNS challenges, unless the cerbot netcup plugin somehow does stuff it shouln’t need to do.

enter.domain.here is simply a redaction of my real domain as I did not want to doxx myself.

Outbound traffic has never been blocked, so it’s not a matter of me or my “certificate manager” being able to reach Let’s Encrypt.

I’ve been using DNS challenge for this domain from the start. I’m not sure what you mean by external DNS hosting. The domain is from netcup, the certbot host runs in my local network (as does the HTTP server that the domain points to).

Netcup is a German hosting company, I live in Germany, inbound traffic from Germany is NOT blocked on my router, outbound traffic isn’t blocked at all.

I have an old Debian 11 “bullseye” installation running on one of my servers. It’s stuck at nginx 1.18.0, but it should theoretically still be covered by Debian 11 LTS security updates, right? https://wiki.debian.org/LTS/Using
nginx/oldoldstable-security,now 1.18.0-6.1+deb11u5

Huh?

Sure, but that doesn’t make any difference in the maintenance effort required.

If I write my own Dockerfiles to tag my own images I also have to run my own update management.
I like to outsource this, so all I have to do is a simple docker compose pull (or in reality, let Dockhand or watchtower handle it).

Unfortunately it only has tag suggestions when there’s letters in the tag field already. I’m probably going to use a lot of tags/categories and I might not be able to remember all of them. In this case I’d need to cycle through all first letters to make sure to not miss one.
I’m not sure that’s what I want to do.

https://gosuki.net/
This one?

Looks like it doesn’t come with docker and seems like you don’t get access to the full source on the free version?

https://mozilla-services.github.io/syncstorage-rs/

This still relies on Mozilla’s login servers, so not fully selfhosted unfortunately.

It seems like you can selfhost the whole FxA stack in theory, but I haven’t found much documentation for it.

Does VPN protect my whole device?

No. The built-in VPN only hides your IP address and location while browsing in Firefox. It does not protect traffic from other apps on your device. For full-device protection, we offer Mozilla VPN.

Since you said you don’t need it for torrents, I thought this would suffice. But I realize now you still want to hide your IP while torrenting.

https://support.mozilla.org/en-US/kb/built-in-vpn
https://winaero.com/enable-firefox-vpn/

Cool tool, but not really what has been asked, is it?

https://github.com/nicholas-fedor/watchtower/commit/9f73220741a8f07d7d334baf5ef0817bb22f1271

Oh nice, this actuall looks like a really useful addition.

Is Nicolas Fedor a known entitiy? Are they trusted by the community? I’d really like to switch from my unmaintained image.

What I really like about Dockhand is the built-in vulnerability checker for images.

Or you can not be arrogant towards your friends and family who have probably helped you on lots of occasions and will probably keep being there for you in the future.
Idk man, unconditional sharing feels pretty good, tbh. Making them jump through hoops isn’t really my jam. To me this kinda all plays into making a stronger bond with people that are close to me, so maybe we have different reasons for why we are sharing our stuff.

Inb4 “we are not the same” meme