I know this is really not a good reliability/security decision that I've made but I only separate out the boot partition and I have one big root partition. It's not gotten me into trouble yet because the ext4, xfs, and zfs filesystems are very mature and reliable. My production systems are just my own homelab stuff with nothing critical. The reason I do this is because I've never been good about guesstimating what my partition size needs are and inevitably I cause problems for myself later on down the line by underestimating. I thought that LVM was supposed to help make resizing partitions easy but I don't know enough about LVM since I've never really used it.
There are plenty of really well written articles out there for a simple google search. If you're looking for a good one in particular, there's blog.obtusenet.com which details how to build a secure email server with OpenBSD. However, your problem won't be with being able to receive mail but send it such that it won't go to others' junk email folders. Even if you take every precaution like DKIM, SPF, and DMARC, all it takes is some asshole using a server with an IP address on the same subnet and some email providers will just send everything being sent from the subnet to spam. It's just not worth it anymore to be your own email provider. This a point of contention with me because internet services are supposed to be decentralized and there is entirely too much power given to the two largest email providing entities, Microsoft and Google. But that's a different discussion altogether.
No, of course it is not specific to Hugo. Solid point on OpenVPN because I forgot it can use TCP. However, does OpenVPN's negotiation look like a TLS handshake from a browser to a client? Again, deep packet inspection is my enemy here.
How well does Nebula handle symmetric NAT? I've got a rather complicated problem in that I am currently using WireGuard tunnels to solve. I have a rented VPS in the cloud that is my WireGuard/reverse proxy server. I use a tunnel between it and my home network to carry traffic to/from the reverse proxy. The same tunnel allows me to access my home network. I have routing on my VPS to allow me to connect my laptop to it via a second a WireGuard tunnel. It works well but obviously has issues with scalability. My family has asked me to provide some services for them as my anti-public cloud philosophy has worn off on them. I warned them that if I provide the service it will be a best effort one with no guarantees and they said okay.
So I would also like to be able to help maintain their systems from my home. I am hoping to use Nebula to build an overlay network and connect all three of their locations. The nice thing about Nebula is the automeshing capability which makes it scale well.
My server in my home costs me a lot less than 30/month to operate. Since this is a hobby for me I don't assign a monetary value to the time I spend working on it. I built the server with second hand components that I got at a swap meet for less than 700 dollars. Now knock on wood things have been running smoothly and I do a lot with this server. It doesn't just power Lemmy and Mastodon, but it also does my Jellyfin and NAS. It's probably overspec'd for my needs but that means I can use it for a long while.
To be honest, the homelab for me is not completely a cost/benefit analysis. Sure, I'd save money if I calculated my time spent. But for me this is a hobby so I don't put a monetary value on my time spent. Everything I am doing is learning so I am actually getting value from it. The hardware I obtained second hand from a local swap meet. My utilities have gone up much less than the cost of renting a VPS.
I see maintenance as a part of the joy and learning of the hobby, much as a gardener enjoys the hard work of moving heavy bags of soil around. It's all very much up to the individual. Some hobbyists have a deeper passion for it than others and that is perfectly okay.
The only limiting factor is really that if I am, say, in a public place that bans SSH access or SFTP access. I am starting to see more of this as deep packet inspection becomes available to the masses now. I could be composing my blog post on my laptop but be unable to otherwise publish it if I am on such a network that combines deep packet inspection with locking down ports.
Are you honestly shocked? They're trying to get in while Threads is overwhelmed by new signups. Hopefully Meta will do the right thing and kick them off but they probably won't.
I don't see this as a "bug" of Lemmy but a feature. What if mods get heavy handed because they feel 'insulted' and ban somebody simply out of spite. This gives the ability of somebody to form their own community of the same name on a different server without stifling speech. I sincerely hope that this does not get 'fixed.'
This is why the decentralized approach is great. If mods get their heads too power swollen, one can form their own community and even on their own server if they wish. The approach lessens the potential for abuse.
Actually, I kind of like this aspect. I digress ... yes, there will just never be one !politics because this is the feature of the fediverse. The idea is that, should you get banned from a community for politely expressing even slight disagreement, there could be a community on a different instance for you to join or you could form your own . Sometimes mods can be heavy handed and the decentralized approach to Lemmy helps to lessen speech being stifled. Some people get some mod power and it goes to their head.
Unfortunately, no. Since the bird site started charging exorbitant amounts for access to its API, many of the smaller apps that used to work with it don't work anymore. You're honestly best staying off of twitter altogether. Don't give the Musk anything to monetize you.
There's no denying that life for the everyday Chinese citizen is fairly decent. I'm thinking of the unfortunate people in work and re-education camps. I'm no fan of authoritarianism of any kind.
Thank you for rescuing her. I'll bet she rescued you too. 😻