• 0 Posts
  • 128 Comments
Joined 2 years ago
cake
Cake day: June 30th, 2023

help-circle
  • DNS and domains are just human-friendly IP addresses.

    You only have 1 public IP address.
    So, to access different services you need to use different ports.
    Or run a service on a single port in front of the other services that can understand the connections and forward the connections to the actual services - known as a reverse proxy. In the case of http/https, there are plenty of reverse proxies that can direct requests based on all sorts of parameters, subdomains being one of them.

    If you are just starting out, I’d recommend a docker compose stack and Nginx Proxy Manager.
    Learning containers & docker makes everything easier.
    NPM is a very easy to use reverse proxy with a nice GUI, so you don’t have to configure CertBot/ACME or learn the specific config language of Nginx.

    If you are unsure of domains and all that, you can try it out for free.
    Your computer has a hosts file (/etc/hosts on Linux, I think it’s in system32 on windows). This allows you to tell the computer “for the domain example.com use the IP 10.0.0.200” or whatever you want. You need a hosts file entry for each subdomain.
    What this means is that you can run up a docker compose stack on your computer and point a bunch of sub domains to 127.0.0.1, use self-signed certs, and play around with nginx proxy manager and docker.
    No money spent, no records published, no traffic leaving your computer.
    Zero risk.

    There are loads of tutorials out there on NPM and docker compose stacks. Probably some close to your specific requirements.





  • Just buy from the EU.

    Yes, but…
    The same could happen the the EU, as with any foreign power.
    It’s unlikely as the EU is fundamentally built differently. But it could, no doubt a country that wanted to push through their adjenda by exploiting loopholes that haven’t been discovered/exploited because of “decorum” could still happen.

    Buy source-provided.
    So, you get everything you need to maintain the platform with the purchase cost.
    If you want updates and improvements, they have additional cost.
    Like so many software licencing models. 1 year of updates - except it’s source provided.
    It’s more expensive, but you get what you pay for.
    Renew your licence every year for another year.
    Stop paying? You get to use the EJ69 fighter jet platform as it was in 2019 for as long as you can manufacture parts for it.

    Or you could buy the cloud-hosted fighter jets. And risk the off-switch. But it’s less upfront cost, higher long-term cost





  • accessed from the internet

    Accessed only by you and close family/friends who you are also hosting services for?
    Or accessed by anyone?

    “Accessed by anyone” carries more risk.

    “Accessed by users you host for”, the risks can be eliminated (well, other than risks from those users) by using a VPN. As in, only the people authorised to be on the VPN can access the services.
    Wireguard is the go-to these days.
    Tailscale is much easier and free for 3 users and 100 nodes.

    If it absolutely has to be “accessed by anyone” I would look into a “reverse proxy over VPN/tunnel” or just straight tunnel style approach like chisel (or crowbar, or corkscrew), rathole, frp, or cloudflare tunnels.

    Basically, don’t point a domain at your home public IP and don’t forward ports on your home router/firewall





  • Killing Donny wouldn’t change much, tho.
    America has shown it wants Donald or a Donald substitute.

    Project 2025 is now Americas playbook.

    Other countries changing military suppliers isn’t going to change back to america for 10-15 years (hell, maybe even longer, I dunno what the service life of a jet platform is).
    The risk that has surfaced of “America has an off switch” - even just the potential risk of rumors of an off switch - means all those military assets are useless when America elects unhinged leaders that are willing to subvert democratic process in order to run their playbook.
    And America has shown it is willing to do that. Even prefers to do that