If you're able to move and see a Dr you're doing better than most.
I was suicidal for other reasons and found my way out of the hole I dug myself in. I honestly hope you can too. It sounds like you're a passionate person and you can place that passion somewhere that does good for the world.
Honest question and I'm being 100% sincere. Did he genocide them last time he was elected? Can you send me more info on what he's planning to do this election?
Or is it mostly just enabling his voters to hate lgtb people?
I still use a reverse proxy, but to get into my network you need to be on VPN. It's more secure for me I guess.
I use traefik forward auth, even inside my network on VPN, for an extra layer of security for some apps.
My opinion is that port 443 getting accidentally misconfigured by me is just too likely a scenario. With wireguard on my router I also am able to restrict traffic to ONLY my webserver and DNS servers for my devices.
So I guess that's another positive of wireguard, you can use your own DNS servers for all your phones all the time and always have ad blocking with pihole or something similar, even on mobile.
By using VPN I don't have to worry about accidentally exposing a website with a copy paste error or something over my reverse proxy. I can also easily restrict who has access to my VPN and do routing rules from my router per device or subnet (for people who aren't in my family I have a separate subnet I assign with more strict firewall rules)
Just close 443 and use VPN with ACME DNS challenges for your certs. That'll help make it even more secure, nothing is fool proof though and a VPN is a good first step
Just had an example of this working for me. Parsec only publishes a .deb file, and the flatpak is out of date / unmaintained. They don't have Nvidia decoding anywhere but Ubuntu. But with distrobox / boxbuddy I can get a fully-featured parsec install that runs on a distrobox. Works perfectly, and even has an application in my host application menu. It's bad ass
Bazzite is awesome so far for me