I don't have traditional TV service so I'm unfamiliar with what "shit" Google is pushing through the TV app. However, if it's what I suspect (ads), a possible option would be using a local DNS server (like pi-hole or Unbound) to block Google domains on your TV.

VERB THE NOUN

I've been using Lynx Launcher for a couple of months after being ultimately unsatisfied with the FOSS options I tried. I like how it's different from a stock home screen but not too different.

Here's a screenshot of what my main screen looks like, to give an idea.

I'd rather not open ports I don't have to. I don't see why I'd have to open a port when Unbound works on my local network and I have access to my local network via Wireguard. I can access a whole slew of services through that one Wireguard port, why wouldn't Unbound work?

Thanks anyway for trying to help, bud.

I could do that, but I want to avoid opening ports on my router's firewall apart from the one necessary for Wireguard. I can access all my other stuff through Wireguard, but I can't wrap my head around why it seemingly can't access Unbound on the local host.

The reason for the VPN is to have access to my Unbound DNS on my phone from anywhere, not only my local network. If I just wanted to configure the DNS on my local network, I'd set up static IP for my network in Android's settings and input the DNS server manually. This works fine when I set it up, but like I said I want to use Unbound on my phone anywhere via Wireguard.

I'm not sure what's the second thing you want me to clarify! Sorry for the confusion, I appreciate you trying to help out :)

Android doesn't let me add an IP address under private DNS, it needs to be a domain (like dns.quad9.net rather than 9.9.9.9).

I tried adding a quick DuckDNS domain to my reverse proxy towards port 53, where Unbound is listening. It works, as in I can nslookup using the DuckDNS domain on my desktop (or on my phone when not connected to Wireguard) but if I try to set that domain as my private DNS on Android it says it can't connect, whether or not I'm on my VPN.

I tried this, as well as manually editing the DNS servers on the client side, but whether I use my host's private local IP or my host's docker interface IP it doesn't seem to work.

I think you misunderstood part of my post, because there's only one VPN tunnel, from the WG client on my phone to the WG server on my laptop.

I want my phone to use the Unbound DNS server, which is hosted locally on the same laptop that runs my Wireguard server.

EDIT: Note, I don't want to setup the DNS router-side via DCHP because I want to use Unbound to block a bunch of stuff that my roommates use, like Facebook.

When connected through wireguard can you access anything on the local network?

Everything works as expected with Wireguard otherwise, I can ssh into my server or my desktop, and access the other things hosted on my server (although these are all through Docker, which is why I suspect container isolation to be an issue).

Does this issue also happen when you're on another network and vpning back?

Yup, same issues whether I'm on the local network, the WiFi at work, or on LTE.

It uses the MIT license!

I haven't used it yet, but I want to start keeping better track of my finances and one I've seen recommended a lot and plan to try out for February is Actual Budget.

And people wonder why the average person isn’t embracing the fediverse

I find being able to choose my instance based on their moderation and federation policies much less obtuse than the black-box algorithms and shadow-banning of the mainstream corporate platforms.

IMO, the average person not embracing the fediverse has much less to do with any flaws in the fediverse (these do exist, don't get me wrong) and much more to do with inertia, the network effect, and just lack of knowledge or fucks to give about privacy and open platforms.

I read this, thought "that's gotta be something you can do in Termux", searched it, and sure enough; that's something you can do in Termux.

I can't speak for it as I've never used it (I don't have any spam call issues, fortunately) but SpamBlocker sounds like it would fit the bill. It's FOSS, available on F-Droid.

They do have online features that contact APIs, but they release a build without internet privileges if you so desire.

Let's Encrypt is run by a non-profit (Internet Security Research Group), they list their major sponsors and funders on their website.

According to their stats page, Let's Encrypt's certificates are used by around 500M domains.

More then a few made the mistake back than, too.

It's one of those ones that bother me too as a non-native speaker, they're such different words from each other when you learn them more from reading than oral exposure. The they're/their/there trio is another one where I can't fathom how people have issues distinguishing them.

Hey sorry for the late reply, I just wanted to say I really appreciate your perspective here! It's definitely made me simmer down a bit instead of jumping in head first. I'll try it out for myself and a few friends first before trying to recruit everyone I know :P

Part of why I want to do this is that I do want to learn more about all the stuff you mentioned (except Kubernetes, gosh everytime I look up documentation for it I drown in a swarm of terminology).

As who very much doesn't work in IT, computer stuff is a fun hobby for me. I can see how assuming the responsibilities for hosting an instance could make it less fun and more work, though.

None of my selfhosted stuff is available to the public internet, I run everything through Wireguard. However I do know how to get SSL certificates from Let's Encrypt because of previous messing around.

Backups is definitely something that I'm lazy about with my selfhosting that I'd need to address for a public service. I currently just manually copy over the few essential files I have to my server, my desktop and my phone. If I commit to hosting stuff for others, proper backups are definitely at the top of the priority list.

Governance is something I've already thought a lot about, since these services would be aimed at a specific minority community.

Thanks for your comment! I'm currently messing about with Hugo to build a landing page to explain decentralized, federated servers and link to services I might host in the future. I really want to do this, I don't want to just accept that the common communication platforms are controlled by American fascists.