Dust0741 @ Dust0741 @lemmy.world

Posts

42

Comments

142

Joined

2 yr. ago

I have gluetun+socks5 containea running, then in an app, I put in localip:port into a proxy field. Then that app will use that connection for internet. Browsers on desktop also support proxies. So if you want a specific browser to always use the VPN, this is a very simple way to do that.

https://source.android.com/docs/security/features/private-space

Its not bad using the official wireguard app. Its definitely noticable. On the android battery screen it'll show around 5% after a full day of use and it on always

For an external VPN like mullvad, I run my own proxy. Again it's only available from my VPN or inside my network.

It uses socks5 and gluetun docket containers and in apps that support proxies, I can add my proxy to it and it'll route that traffic through the paid VPN.

Or, a work profile (see shelter) or androids new private spaces. If you have private spaces, it uses a seperate network. So if you have a VPN installed outside the private space, it won't work on apps inside the space. So, what you could do is have a paid VPN inside private spaces, and use it and a web browser or whatever there, and use your server's VPN outside the private space.

Lmk if you want any of my docker composes

I keep it running always. Partly to access stuff at home, and party to get the ad-blocking from pihole.

Do not expose stuff unless you fully understand the security risks

Correct. But also public access should be considered advanced

awesome! i got the same one. still waiting to buy drives, as 2x 16tb drives is a tad expensive. soon ill swap my old $40 to my fancy new one. im using plain ol debian with docker. barebones but simple and secure. youll have to update us on using OMV

I have setup the same thing as a temp measure, but i believe that something like Authelia or Keycloak should replace and be better than Cloudflare's email OTP.

thank you so much. everything is back.

i have docker containers using that folder. could that be it?

should I use -fl

uh....didn't work

    
skynet@skynet:~$ sudo umount -f /home/skynet
umount: /home/skynet: target is busy.

  

umount: /home/skynet: target is busy.

running mount prints a lot, but at the bottom it has: shady@192.168.50.16:/home/shady/skynet on /home/skynet type fuse.sshfs (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other)

some sources online say that rebooting will revert it....do I risk it?

True. I would like to add another authentication.

I guess my question is how trustworthy is built-in authentication? I'm not really talking about vulnerabilities, but that's a part of this, but how much trust can I put into a small projects login page being secure?

USB C to AUX adapters work for me.

Having a secure and up to date device should likely be more important

Yes. Many security updates come from upstream AOSP and then are put into GOS.

So when a device has stopped getting AOSP updates, it is unreasonable for GOS to continue support it. They can and I believe they have applied more critical security patches to just barely EOL devices, but this isn't promised or expected.

https://endoflife.date/pixel This is for googles support. GOS may support a specific device a little longer than google but does not promise to and recomends getting a newer device.

Pixel 8a looks real good right now.

Oh yea I forgot about matrix. Maybe setting up a bridge would work. Thanks for the reminder I'll look into this