Oh lol, I thought I recognized the username. Nice work on OpenRGB! I used it for a couple years, but now my desktop has since been converted into a server chassis, so I've killed off all of the lighting.
Still runs great on my girlfriend's desktop though!
And even then, a properly configured SSHD instance wouldn't really benefit from a firewall, unless you wanted to block all countries besides your own or something.
Every computer has a bunch of ports (1-65535 if I recall correctly), each of which is a unique entity to which a single service can bind. In layman's terms, a port is a door that one service is able to answer when someone knocks. By convention, some ports have a specific associated service (80 = HTTP, 443 = HTTPS, 22 = SSH), but there are a lot that you can just use as you deem appropriate.
If you want a service (e.g. a web server) to be accessible, you have to run a service that binds to a known port (e.g. 80), and a client has to reach out to your server on that same port. A firewall sits between your service(s) and any potential clients, much like those steel security screen doors. If that's closed, nobody gets through on that port, even if a service is bound to that port and is listening for a connection.
As a general rule of thumb, you want your firewall to block as much traffic as possible without breaking something (I.e. blocking one of your public-facing services). If you don't run any services on your computer (web services, media servers, etc.), you can probably get away with blocking all inbound traffic. without any discernable impact.
As I understand it, the social credit score was never actually put into place. It was mentioned once as an idea, and people took that as a commitment to implement it.
It's always fun to see how people respond when they discover that some users on this site don't automatically conform to the community-mandated opinions.
Oh man, this guy doesn't want to crucify Elon like the rest of us. Let's dig through his profile like a teenage girl trying to learn about her high school crush.
It's expensive because of the concentration of wealth, not the quality of the area. There's a ton of crime, homelessness, car break ins, etc.
People often leave their car doors unlocked or their windows down to prevent their windows from being broken, but instead they find random people sleeping in their cars.
On the plus side, the weather there is quite nice.
I'm actually almost completely unfamiliar with Nginx, short of a few hours of tinkering. NginxProxyManager is a direct competitor to Caddy, with a graphical interface, SSL cert creation and auto-renew, etc. I'm not going to say to switch from Caddy, since there's probably no major benefit, but it's much nicer than trying to figure out Nginx reverse proxies by hand.
I think the problem is that normal consumers wouldn't ever buy a tape drive, so the only options still being produced are enterprise grade. The tapes are still pretty cheap, but the drives are absurd.
I'm going to cast another vote for a reverse proxy, such as NginxProxyManager. It's really easy to set everything up, and they're usually very easy to run in Docker/Podman.
One thing to note: if you end up with a domain with mandatory HSTS, you'll have to use DNS-based certificate generation rather than HTTP based, since unencrypted HTTP is blocked (chicken/egg problem to get HTTPS working). It's not hard, but you have to be aware of that limitation.
Oh lol, I thought I recognized the username. Nice work on OpenRGB! I used it for a couple years, but now my desktop has since been converted into a server chassis, so I've killed off all of the lighting.
Still runs great on my girlfriend's desktop though!