Probably all of them. Germany is really not ideal for solar in terms of weather, yet they are installed by many people all over the place, even today. With the cheaper prices things will get even better.

Germany is already over 50% renewable. :)

https://www.destatis.de/EN/Themes/Economic-Sectors-Enterprises/Energy/Production/Tables/gross-electricity-production.html

I mean more money would solve the IP issue.

Step 1: Get more money Step 2: Buy additional dedicated IPs for the casino Step 3: Profit from the profits of a casino.

You could preemptively write the policy if you know the context and policies you want to apply. I just don’t think it’s worth the time when you can generate a policy with two commands.

Fair. But audit2allow makes it really easy to add support for apps without policies. For custom in-house apps I use this to spit out some nice policies that can be rolled out.

I get it. It does have a learning curve. This being said, I would argue that without selinux Linux can’t really be meaningfully secure. It’s worth learning. Seljnux exits elsewhere too. I deploy Debian with selinux and it works well there as well.

I understand. But do you see what you wrote could be seen as toxic? Intent is nice, but what and how you write really determines the tone of a community.

No need to be toxic here. You don’t need put people down. We’re all learning here together. Hey. We all are all learning more about how reverse proxies and forwarded headers work together right now, including you.

We should aim to be an open welcoming community.

You want to set the appropriate X-Forwarded-For or Forwarded headers in Nginx. The final application server being proxied (if well written) should be able to handle that.

Documentation can be found here. https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/

Contrary to that other comment reverse proxies with actual IPs forwarded through them via the appropriate headers are normal and used commonly. Almost 100% so at scale.

Don’t let the wannabe elitists get you down. I personally would not host my production email server at home but self hosting is a learning journey. If you learn how email serves work along with reverse proxies you got it! That’s a win. Hack away.

I use route53 APIs and just directly update the AAAA and A records. Set a low TTL and you don’t really have to worry about any middle men services.

All you need is a simple script.

As for “years away” I agree. As my first post said people should wait till you can use bcachefs in the stable distros. Debian isn’t getting kernel 6.7 any time soon 😆. So years away is right in any case.

I think bcachefs addresses the reason why people don’t use SMR HDDs. (Aka changes resulting in cascading writes)

You could have a data pool with the following tiers.

Tier 1: SSDs

Tier 2: HDDs

Tier 3: SMR HDDs

With bcachefs you would only ever write to your tier 1 storage. In the background, as able, bcachefs would offload the data from the faster lower tiers to the slower higher tiers based on frequency of data access.

You would only ever read from the SMR HDDs and would never write to them. They act as a sort of async backing to your data.

Personally I would love a data pool with a few SSDs, backed by a few HDDs, backed by many SMR HDDs. You would save so much money just with good architecting.

Bcachefs should be a ZFS killer. All the features of ZFS with storage tiers being a superior version of ZFS’s L2arc with none of the DKIM kernel license incompatibility nonsense.

I haven’t used it yet personally, but I would bet as soon as Debian/Ubuntu LTS/CentOS/openSuse/other stable Linux distros get kernels new enough to it will be not just a btrfs killer, but a ZFS killer too.

The tiered write and read layers and SMR support put ZFS caching to shame.

Strong recommend for Forgejo. It’s a community fork of gitea that’s actively maintained by the community and a great open source nonprofit.

It’s actually a drop in replacement for gitea if you are using that now.

Super lightweight. Super snappy, and it supports GitHub Actions style CI/CD.

I am not an expert but I suspect this isn’t realistically doable.

1. Google sells you a serialized pixel 5a with a google controlled root of trust.
2. You log into the phone with your account.
3. Google adds a database entry to your account with the serial/root of trust info.

I don’t really see a way to beat this except maybe buying a “still in box” unopened pixel 5a that has never been registered to anyone before and setting it up.

This assumes the program is still open. Google may have time boxed it such that you must have registered before the announcement or whatever.

All this being said be careful. Don’t get you account banned. You can’t appeal if google thinks you are doing something shady they don’t like.

Lastly I have to say this. I may be worth escaping the google ecosystem. Why let a company control so much of your life? Not related to this community, but an important point.

I encourage homelabers to set up email servers and to play with them. Doing all of that will help a lot and you will learn a lot for sure.

It’s mostly the bureaucratic stuff that’s the killer here I think. Without putting in an effort to do the constant spam list appeals you can never be confident that your email makes it into people’s inboxes. Sure you could test with Gmail, but you can’t test for all of the smaller email hosting providers that mostly use a combination of spam assassin and spam lists.

Without confidence I don’t think it would be wise to use email in “production”. If you only use email to receive notifications it might make sense to self host. But if you need to reliably, timely, and confidently send out messages the downsides of self hosting are rough.

I hate to say this but even for dedicated self hosters it’s almost never worth it to self host email, either at home or hosted on some rented server or via some IP tunnels.

The reason being is that even after you set up DKIM and SPF and DMARC perfectly you will still need to fight to keep your IPs off of spam lists.

It’s somewhat doable but at the cost of:

1. Your email being unreliable and not making it to the destination inbox, AND you not knowing if it went to spam or the inbox.
2. You will need to dedicate a few hours a week to appeal and scan spam lists for your IP.

If anyone in the /16 that your IP lives in sends spam you get re added to the list.

Self hosting email is almost never worth it. I self host everything except for email and maps. Those two just are not worth it.

I feel like he’s telling on himself. I think for most people having a sense of empathy is the default, and learning how and when (if ever) to ignore that feeling is the hard part.

It’s rough in some spots but doable. If you are looking for search replacement I found that paying for Kagi was the only way to go. Unlike DuckDuckGo and Bing it does not suck. I’m convinced the reason is because they don’t try to sell you ads.

True but we don’t know what google does to accounts that are bulk download videos from their platform for offline viewing. It’s definitely against the terms of service.

I would say air on the side of caution. I don’t use any google services outside of YouTube so me getting my account banned would cost me nothing. I personally wouldn’t be hurt at all if my account was banned.

If you live in google world and suddenly and irrevocably losing all your google accounts/access/data would be painful you should go with a VPN. Google is a private company where you have no rights to appeal.

Lastly if you do live in google world you should consider getting out. Don’t let mega companies run your life by fear nor allure.

Edit: Don’t use free VPNs. If you are not paying you are the product.

When using Joplin using the built in sync features is the way to go. Trying to sync files manually or via something like syncthing will just result in pain. My family and I have personal and shared notebooks all synced via my self hosted Joplin sync service and it works swimmingly. Before I set that up I used OneDrive and that worked too, although a bit slower.

If people are wondering why Joplin has such weird back end files it’s because Joplin keeps note history. Convenient, but makes for a messy file backend if you peak behind the curtains.