I keep thinking about doing something similar as I have an EV, solar, and batteries and Home Assistant to pull it all together but I just can't seem to make the maths work on sites like Octoprice. No matter how much I tweak things it always comes out more expensive than Intelligent Go.
I do at least have an automation setup to make the most of the 2 hours of free energy tomorrow. Better than nothing!
First one, on the 3DO. Small selection of exotics and sports cars, realistic (for the time) point-to-point road races with no music to obscure the engine noise, and an annoyingly/amusingly sarcastic rival racer that was obviously just one of the devs.
Each car had its own showcase video followed by a detailed specs sheet with a very enthusiastic voiceover explaining why you should be excited to drive this car. Even the courses had the voiceover treatment.
It truly was a love letter to cars and driving that has never been equalled, and is very telling that it's the only one to have had Road & Track branding. Every subsequent NFS game has been so in name only.
These are really cool, thank you. Added Spook and used it to clean up some broken entities.
- Sure but there's no reason to openly advertise that yours has open services behind it.
- Absolutely. There are countries that I'm never going to travel there so why would I need to allow access to my stuff from there? If you think it's nonsense then don't use it, but you do you and I'll do me.
- See point 3.
We all need to decide for ourselves what we're comfortable with and what we're not and then implement appropriate measures to suit. I'm not sure why you're arguing with me over how I setup my own services for my own use.
Yes and no? It's not quite as black and white as that though. Yes, they can technically decrypt anything that's been encrypted with a cert that they've issued. But they can't see through any additional encryption layers applied to that traffic (eg. encrypted password vault blobs) or see any traffic on your LAN that's not specifically passing through the tunnel to or from the outside.
Cloudflare is a massive CDN provider, trusted to do exactly this sort of thing with the private data of equally massive companies, and they're compliant with GDPR and other such regulations. Ultimately, the likelihood that they give the slightest jot about what passes through your tunnel as an individual user is minute, but whether you're comfortable with them handling your data is something only you can decide.
There's a decent question and answer about the same thing here: https://community.cloudflare.com/t/what-data-does-cloudflare-actually-see/28660
Admittedly I'm paranoid, but I'd be looking to:
- Isolate your personal data from any web facing servers as much as possible. I break my own rule here with Immich, but I also...
- Use a Cloudflare tunnel instead of opening ports on your router directly. This gets your IP address out of public record.
- Use Cloudflare's WAF features to limit ingress to trusted countries at a minimum.
- If you can get your head around it, lock things down more with features like Cloudflare device authentication.
- Especially if you don't do step 4: Integrate Crowdsec into your Nginx setup to block probes, known bot IPs, and common attack vectors.
All of the above is free, but past step 2 can be difficult to setup. The peace of mind once it is, however, is worth it to me.
Check out Grip: Combat Racing for a modern take on Rollcage. I haven't played it since early access, though, so I've no idea if it's any good.
Dolby Atmos at no extra cost, except the headset is 10 bucks more than the old version. Seems to me like Dolby Atmos support actually costs 10 bucks.
I do that a lot on my phone but keep forgetting it's a thing on desktop for some reason.
Better than using what? All I see is a bunch of stars.
It's quite normal as chip manufacturing improves and die sizes shrink. Smaller dies need less power and therefore run cooler, it's a win-win. It's also how the various slim models of consoles suddenly appear a few years after the regular version came out.
Presumably streamed via xcloud, which previously needed a separate app.
Nah that one attaches to the twisty rod thing that you get on normal blinds. I need something more like this but I can't find a non-Aliexpress version. Not that it matters cos I'd need 5 of them and that puts the idea out of my price range for the foreseeable future.
Normal to get a 50% discount for paying quickly and without appeal. Last I checked you couldn't pay with Nectar points, though.
Yeah that's normal in Britain for council and government fines (as opposed to often unenforceable private parking charges). The shitty part is that if you try to dispute it they don't put the timer on hold so you essentially play double or nothing on how strong you think your case is. Lose and you have to pay the full thing. Not bitter at all.
TIL they're called plantation blinds! The slats swivel open and closed as opposed to the entire thing raising and lowering but I assume that's what you meant. No external rod or handle, all of the slats are linked inside the frame somehow.
Edit: Actually knowing what they are has helped my search massively. Looks like there's options on Aliexpress, albeit not particularly cheap. Thanks!
Any solution for controlling dumb shutters?
We have a bunch of shutters in our living room that don't have any kind of remote control, nor a rod to operate them - you just move any of the individual slats and the rest follow suit.
Is there anything out there that could make these smart? I'm really struggling to find the right terms to search for.
Update: Turns out they are plantation blinds which has helped me to find the sort of thing I'm after. Cheers, Emperor!
Recommendations for running VMs on a headless server?
Quick overview of my setup: Synology NAS running a whole bunch of Docker containers and a couple of full blown VMs, and an N100 based mini PC running Ubuntu Server for those containers that benefit from hardware acceleration.
On the NAS I have a Linux Mint VM that I use for various desktoppy things, but performance via RDP or NoMachine and so on is just bad. I think it's ultimately due to the lack of acceleration, so I'd like to try running it from the mini PC instead but I'm struggling to find hypervisor options.
VirtualBox can be done headless, apparently, but the package installed via Apt wants to install X/Wayland and the entire desktop experience. LXC looks like it might be a viable option with its web frontend but it appears to be conflicting with Docker atm and won't run the setup.
Another option is to redo the machine with UnRaid or TrueNAS Scale but as they're designed to be full fledged NAS OSes I don't love that idea.
So what would you do? Does anyone have a similar setup with advice?
Thanks all!
Edit: Thanks for everyone's comments. I still can't get LXC to work, which is a shame because it has a nice web frontend, so I'll give KVM a go as my next option. Failing that I might well backup my Docker volumes, blat the whole thing and see what Proxmox can do.
Edit 2: Webtop looks to be exactly what I was looking for. Thanks again for everyone's help and suggestions.
Just how secure are the various reverse proxy options?
Specifically from the standpoint of protecting against common and not-so-common exploits.
I understand the concept of a reverse proxy and how works on the surface level, but do any of the common recommendations (npm, caddy, traefik) actually do anything worthwhile to protect against exploit probes and/or active attacks?
Npm has a "block common exploits" option but I can't find anything about what that actually does, caddy has a module to add crowdsec support which looks like it could be promising but I haven't wrapped my head around it yet, and traefik looks like a massive pain to get going in the first place!
Meanwhile Bunkerweb actually looks like it's been built with robust protections out of the box, but seems like it's just as complicated as traefik to setup, and DNS based Let's Encrypt requires a pro subscription so that's a no-go for me anyway.
Would love to hear people's thoughts on the matter and what you're doing to adequately secure your setup.
Edit: Thanks for all of your informative replies, everyone. I read them all and replied to as many as I could! In the end I've managed to get npm working with crowdsec, and once I get cloudflare to include the source IP with the requests I think I'll be happy enough with that solution.
What's the potential record they kept mentioning during yesterday's game?
Some sort of goals against streak, no more than 2 or possibly 3?Also unclear as to whether that's a franchise or NHL record?
Trying not to get too excited...
... Due to past performance post mid-season, but look at those standings! Even if Boston or New York catch up in points we'll still be on top.
Anyway, just sending some hockey love from a UK Jets fan.
How safe is self-hosting a public website behind Cloudflare?
I work in tech and am constantly finding solutions to problems, often on other people's tech blogs, that I think "I should write that down somewhere" and, well, I want to actually start doing that, but I don't want to pay someone else to host it.
I have a Synology NAS, a sweet domain name, and familiarity with both Docker and Cloudflare tunnels. Would I be opening myself up to a world of hurt if I hosted a publicly available website on my NAS using [insert simple blogging platform], in a Docker container and behind some sort of Cloudflare protection?
In theory that's enough levels of protection and isolation but I don't know enough about it to not be paranoid about everything getting popped and providing access to the wider NAS as a whole.
Update: Thanks for the replies, everyone, they've been really helpful and somewhat reassuring. I think I'm going to have a look at Github and Cloudflare's pages as my first port of call for my needs.
Request: Hide pinned posts
Hey there, my local instance has had two admin posts pinned for the last 6 months-ish and they show right at the top of my Subscribed, Local, and All views. I can't imagine they're going to get un-pinned any time soon, so it would be great to get a feature where we can hide them.
Thanks for the consideration!