• 1 Post
  • 23 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle






  • Some time ago I’ve done a “public IP implementation” on my VPS when I was on mobile network (no public IP).

    Basically set up IPSec/Wireguard on VPS and connect your router to it. Then setup EoIP over VPN between VPS and your router. Then add EoIP tunnel to your LAN’s bridge in your router.

    Then setup all ports forwarding (using iptables) from your VPS to your router on LAN, so if you connect to your VPS using tcp80, it will be simply forwarded (NAT’ed) to your router. Except tcp22, for SSH to your VPS obviously…

    And now you have yet another public IP lol.

    This is not something you asked, but might give you some ideas.



  • Isn’t “MAC NAT” you are after? I’ve seen Mikrotik has this feature to perform NAT for bridge devices. EDIT: no, since your ISP might check at DHCP leases and realise that you are cheating. Go with regular router instead.

    Also regular router would be sufficient IMO. Also don’t forget to set static TTL value so your “ISP” doesn’t see that you have a router between your devices.

    Also create MAC address and save it. Always change it before connecting - you will have less trouble.




  • Here is the example docker-compose.yml:

    services:
      caddy:
        image: caddy
        container_name: caddy
        volumes:
          - ./caddy/data:/data
          - ./caddy/config:/config
          - ./caddy/Caddyfile:/etc/caddy/Caddyfile
        ports:
          - 80:80/tcp
          - 443:443/tcp
          - 443:443/udp
        restart: always
    
      lemmy:
        image: lemmy
        container_name: lemmy
        ...
    

    Before executing, create a new directory caddy i working directory, then create new file Caddyfile in it (lemmy is a container name):

    mydomain.com {
        reverse_proxy lemmy:<lemmy_container_http_port>
        encode zstd gzip
    }
    

    Then fix your UDP Buffer size, so it’s compatible with QUIC: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes

    And that’s it. tcp80, tcp443 and udp443 should be reachable from anywhere, as Caddy out of the box uses ACME to retrieve TLS certificates for your domain.

    Give it a try. Honestly Traefik is shit for a simple load balancer. It’s more suited for large enterprises and kubernetes services, but it also has numerous issues, such as basic auth performance issues, lack of headers customization as well as in overall somewhat difficult configuration. Caddy makes it straightforward & simple, which is perfect for simple users who love to self-host.



  • I get your point and I agree with you, but let me clarify what I was talking about.

    The idea is a very small office where people don’t focus on working with computer, but rather use computer to help certain tasks, process payments, save something to MS Excel and so on. Those people don’t really need laptops, so stationary devices are perfect.

    Just focus on what I wrote. I am the “admin” of such “small office”.

    Intel nuc is perfect solution for me, the performance is more than enough and small size factor really takes the cake. I am really sad that NUC goes away and hope that soon there would be alternative. ✌️




  • Myself I have dual boot. For the sake of simplicity - let’s say I have 2 drives:

    1. 512GB NVME SSD - for OSes.
    2. 2TB SATA SSD - for games.

    512gb ssd partitioned into 2 parts - 256 for Linux and 256 for Windows.

    2TB ssd without partitions, but a plain BTRFS with zstd compression storage.

    Guess what - There is WinBTRFS driver. I am also sharing the same Steam library (on 2TB ssd) between both OSes… 😅 Works like a charm. 👌👌👌



  • It depends. Kind of prefer Flatpaks as they are always working as expected on any distro, but some of them are giving me just too much struggle.

    For example, dealing with sandboxing, or especially VSS code app. Yes, there are instructions, but then I install Golang SDK via Flatpaks the hard way (using CLI) for Go development, then having a nightmare trying to setup everything in vss code. Then how tf should I access go binary within my host terminal?

    On Arch Linux I just tend to install from official repos, while the rest of apps - from Flatpaks.

    Personally I don’t like the way they are sandboxed, bit as long as it works I am fine.


  • zikk_transport2@lemmy.worldtoLinux@lemmy.mlGood printers?
    link
    fedilink
    arrow-up
    12
    ·
    edit-2
    1 year ago

    HP

    You fucking what? 😂😂😂😂😂

    Seriously, there might be a debate of what printer company is better, but there is no debate which one is worst. It’s HP. 😅 They are so bad that they have no competitors of the worst fucking printer company. xD

    Myself I got Brother printer. Works like a charm, no bullshits. People on Reddit also highly recommend this brand too. Totally agree.


  • In the company I work, we have to use jumpbox + “password” from proprietary code generator.

    Imagine going through this, then you suddenly need 2nd terminal. Inconvenience doing it again in another terminal?

    Well, there is a solution:

    1. tmux
    2. CTRL+B then ". And now you have 2 terminals.

    Also tmux is great for “quick solution” kind of things - to leave something running in the background. Talking about background - you can have many terminals open, from only 1 SSH session. :)