Walking alone around the river bank, with a kitchen knife on my belt. I was “adventuring”.

I personally use my home lab to test and learn, and I try to mimic a corporate environment. I have multiple instances of DNS, proxy, etc and I have a “prod” and a separate “staging” k8s environment. I try as much as possible, without going nuts about it, to update and try new changes that might be breaking in the staging cluster.

Grew up in a very religious home, in a very religious country (orthodox christian). I don’t think I ever truly “believed”, but I didn’t want to upset my family, so I got married in church and baptized my kids. I am an atheist, and don’t practice any religion now.

I don’t think I’ve ever encountered what you say… I use WG it to access a network, not a device. I have a few dozen devices, physical and virtual, why should I set up wg on all of them? Tailscale, maybe, it’s a different story, but I prefer to “self host” and not rely on a 3rd party provider. Wireguard was relatively easy to set up too, a few years ago… and in the meantime, if I need to add a new client, it’s a two minute job.

Right, but I have wireguard on my opnsense. So when I want to reach https://jellyfin.example.com/ , if I am at home, it goes phone -> DNS -> proxy -> jellyfin (on the same network). If I am connected to the VPN, it goes from phone -> internet -> opnsense public ip -> wireguard subnet -> local subnet -> DNS -> proxy -> jellyfin. I see some unneeded extra steps here… Am I wrong?

Oh, I get that, but it just doesn’t make any sense to me to be physically next to the server, and connect to it via VPN…

My network is not publicly accessible. I can only access the internal services while connected to my VPN or when I’m physically at home. I connect to WG to use the local DNS (pihole) or to access the selfhosted stuff. I don’t need to be connected while I’m at home… In a way, I am always using the home DNS.

Maybe I’m misunderstanding what you’re saying…

I can stay connected, still works, but I don’t think I need the extra hoops.

I also have a different subnet for WG. Not sure I understand what you’re saying…

Same, wireguard with the 'WG Tunnel" app, which adds conditional Auto-Connect. If not on home wifi, connect to the tunnel.

I’ve been daily driving Hyprland for 4 years now. Before that it was DWM, and before that Gnome. I was never a KDE fan, don’t know why… I never disliked it, I just preferred Gnome.

Heck yeah :)

So, like… Sleep Token?

No joke though, this is incredible: https://youtu.be/JJpFTUP6fIo

In my day to day playlist I have mostly brutal metal and jazz, with some '90s British trip-hop, Romanian traditional music & hip hop fusion, a bit of manouche, 2000s alternative and '90s grunge here and there…

That’s when I work or work out.

The Diablo or Witcher OSTs are for when I read or do my taxes.

It was rather recent for me, a couple months ago. I have trouble sleeping in general, but during a really stressful period at work, I had no sleep for about 49h, then 2h of sleep, then no sleep again for about 17h. I was pretty messed up.

Take five, Brubeck.

Any tips on filtering? I mean, I still care about some important international political topics, I just don’t care much for trump, JD, musk etc. Also, Democrat and Republican might be present in other topics not about the US political system, right? Are there wildcards/regex/something else I could use? Some best practice guides?

OpenSudoku. With extra puzzles :)

60k stars for a free open source self hosted project? I’d say that’s a really healthy number. Jellyfin has 37k.

I did have backups, it was an easy fix. I had a pihole -up on a crontab for years, probably not the best idea :)

FW rule accept :53 from pihole only, deny :53 from all. I had some devices with hardcored DNS settings (8.8.8.8).

Pihole 6 broke my DNS (dnsmasq), and since I had a fw rule in opnsense to only use pihole’s DNS, and deny public DNS access, it was an early rise for me :)