clmbmb

yeah.. this is stupid!

Even if they do, I would run away from any service/app that would open to them. And so should everyone!

I haven't had battery usage issues with it for years! Just checked now and it's below 0.4% - it doesn't even show up in the main app list in the battery settings.

It's not slow as in slow to respond. it's slow when restarting... sometimes it takes 3-4 minutes until it's up and I don't have time for that ;-) Also, it's a good "reason" for me to learn traefik.

Thanks for the great explanation.

So, currently, as I said, I'm using nginx proxy manager and do this:

• reverse proxy to all my services inside the internal network on http: *arr stuff, rss reader, jellyfin and some other minor things. All of them use name.local.home notation. I'm using a local DNS for this, of course.
• reverse proxy to just two services externally on https under wildcard certificates - both are non-standard names and the names are not related to the services themselves. For both these services I use Authelia with 2FA, so even if an attacker guesses the subdomain name, they'll have to bypass that. As far as I can see in my logs, there are no attempts to breach my services. This is what I want to replicate and I'm planning on testing it.

On the other hand, You gave me a good idea about using *.lab.domain.com getting resolved by the local DNS and the main *.domain.com by my public DNS. I'll give this a try too in the near future. Another plan for me is to start using Authentik, as I saw it's a bit better than Authelia in some areas, even though it may be overkill for a little project - I'll have to see.

it’s probably not what you want

What do you mean?

If they're used to Windows, then KDE Plasma would be the better option IMO. If you feel it's too slow on an old laptop, then you can try Cinnamon or XFCE.

For docker, you have to create /etc/docker/daemon.json and set:

{
  "data-root": "/docker"
}

You can move your /var/lib/docker while the daemon is stopped. I had no issues when I did the move.

~~I don't know how to change this for podman.~~

LE: https://ahelpme.com/software/podman/change-the-location-of-container-storage-in-podman-with-selinux-enabled/

Like western paintings depicted Jesus as a white man with (sometimes) blond hair.

Slackware in 1998, installed from DOS with a series of diskettes. Then Debian, Red Hat Linux (not Enterprise!)... and so on.

No. That doesn't eliminate the need to use a phone number! It's just 'hidden'.

What are you, a communist giving bibles away for free?