Yep, hence my comment…

You should see the fear on people’s faces when I suggest they restore a backup - esp. on Production.

My advice (to combat their fear) is to take an offline backup that has some kind of checksum and then immediately restore it.

That gets them past the initial fear and then we progress onto other backup strategies… if needed.

To be fair, they seem to have tied-in the lower brickwork, so when you slam the door the whole front wall shouldn’t fall out.

But, maybe there’s loft space in that garage studio apartment that they could sub-let and recoup some costs

Backups… fine

When’s the World “test you can restore” day?

Ok, didn’t think about “unlimited” actually being slower - thanks for the insight.

I’m running a pfSense f/w at the edge, so split horizon DNS and haproxy are already sorted… I’ll check out wireguard - should be straight forward

Thanks

I’m considering going this route - just to hide my (static) home IP.

What’s the rough sizing I’d need for a VPS? I’m guessing the smallest possible, but with the best / unlimited data usage?

🤯 I can generally follow the gist of that, but, wow, how the hell do these people work this stuff out

Why not… or try another brick in the wall

Ah, yeah, you’ve just reminded me, I must move my stuff off proxmox when I get a chance.

I tried that proxmox backup thing when I first set it up, good god what a complex mess… backup & recovery needs to be as simple and as smooth as possible.

Pretty much everytime I try to do fancy stuff with the bootloader I get pretty close to nuking systems. Worst was my 1st UEFI system where I was trying to get rEFInd to show multiple OS to boot from… eventually gave up and went back to the warm embrace of GRUB

Ah, have you found the land of IoT? Bricks everywhere, you’d love it.

Ah yes, reminds me of messing with my 1st pfSense firewall… I learned how good their recovery process was that evening

Nah, if you’re installing something user friendly (ie Linux Mint just for an example) it’ll work 1st time, guaranteed - or your money back.

But… you’ll only really learn once you’ve fubar’d something… just like falling off riding a bike

Yep, it’s something that more people need to consider to keep their free (as in the source code is not a prisoner) software going

It looks like jellyfin costs ~$500/MONTH just for their hosting fees: https://opencollective.com/jellyfin

If everyone using jellyfin contributed $1/month, I bet that would be covered

(No, I’m not affiliated with them)

What’s the general thoughts on running a TOR node?

I think an exit node would probably get my (domestic) ISP asking some questions and / or my static IP getting blocklisted quickly

Yep, BOINC has regularly warmed my home office over many a winter… until I shutdown that machine.

Maybe I should try again…

The five vulnerabilities, none of which have been assigned CVSS ratings

I presume they’re all in the high 9’s then

At least patched systems will should block the driver now

Didn’t even know it was a thing, thanks for sharing

Harsh (to yourself), but fair

Without repeating my other comment. This approach saved my life many times

Until you block ICMP one day and then wonder why the server keeps rebooting…

(Been there. Done it)