If your reverse proxy only acknowledges jellyfin exists if the hostname is correct, you won’t get discovered by an IP scanner.

Mine’s on jellyfin.[domain].com and you get a completely different page if you hit it by IP address.

If it does get found, there’s also a fail2ban to rate-limit someone brute-forcing a login.

I’ve always exposed my home IP to the internet. Haven’t had an issue in the last 15 years. I’m running about 10 public-facing services including NTP and SMTP.

Firefox has a fingerprint resistance setting that sets the clock to UTC. It messes up a lot of sites. There’s 10 million people in my timezone so I just leave it.

The second best option is LineageOS, so purchasing a Pixel is still hedging that bet.

I would say it prevents the downloading and execution of such a script. DNS adblock would probably help too.

I had a hisense TV and I once blocked all of the VIDAA domains in DNS and did a factory reset. The UI didn’t pull in all the crap that it puts on the homescreen.

I should probably try it long-term and see if it’s usable for everything else.

Done! I’ve been selfhosting for over 20 years now.

My Chromecast will ignore my network DNS and use 8.8.8.8.

Google’s services will also ignore the system CA certs and use their own, so it’s really difficult to inspect what it’s transmitting.

My current server is just my previous desktop PC hardware. $0 when you repurpose while upgrading your desktop.

It’s the “Plex Remote Watch Pass”. A new charge for something that used to be free. https://www.plex.tv/plans/

They won’t even get to the login screen.

All my relatives seem to have Hisense VIDAA TVs. There’s a plex app on the store. Jellyfin would require an external device like a Chromecast or HTPC to use it.

But now telling then it’s $3/month to watch my pirated movies? No bueno.

And on topic, I develop a commercial app and there is no way I am dropping a rating or review on it.

I have a job, and the office is 35km away. I get a locker in my office.

I have two backup drives, and every month or so, I will rotate them by taking one into the office and bringing the other home. I do this immediately after running a backup.

The drives are LUKS encrypted btrfs. Btrfs allows snapshots and compression. LUKS enables me to securely password protect the drive. My backup job is just a btrfs snapshot followed by an rsync command.

I don’t trust cloud backups. There was an event at work where Google Cloud accidentally deleted an entire company just as I was about to start a project there.

I have ONE password written down on paper, laminated, and hidden in a spot where only the wife and I know. Can you guess what it’s for?

Almost all of selfhosting is editing config files, setting permissions and starting/stopping services.

Setting it up so you can administer a server by desktop is probably as hard as learning how to edit config files from a terminal. Maybe harder.

It’s “com.android.calculator2” which suggests it’s the AOSP calculator or a close fork of it.

I have no issues with it. It calculates. That’s all I need it to do.

That, and “public safety”.

I’ve got 3 subnets on an L2 switch. You will have clashes over DHCP if you have both broadcasting on the same L2 switch without VLANs.

My guest wifi is on a vlan, but the switch is L2 and it’s fine. The router has separate physical ports for each subnet. The “guest” subnet is only accessible over Wifi, and the access points are configured so that the guest VLAN is mapped to a separate SSID.

My third subnet has no VLAN. It’s IPv6-only and all devices have a static IP address. It’s only used for security cameras. I did this so they don’t transmit on the same physical cables as my primary subnet. It is otherwise insecure, as I can join the subnet by simply assigning myself a static address in the same range.

Note: There is a bug in Windows where it will join an IPv6 subnet on a different VLAN. I had to tweak my DHCPv6 / radvd so that Windows would ignore it. Yes, Windows is this dumb.

I think the August 2001 backup is a good restore point.

2024 Suzuki Swift.

You even need to dial in the date and time manually because there’s no GPS either.

https://www.manualslib.com/manual/3476295/Suzuki-Swift-2024.html?page=548#manual

I didn’t tell ChatGPT who I am. I have a separate email address for it and everything.

Just keep in back of mind how everything is being linked and profiled behind the scenes. Without anything else, all they have to link you to other things is an IP address and an email. IP addresses aren’t terribly reliable these days. There may be supercookie/fingerprinting mischief going on though.

Even if a relative has shared their DNA, it can be used to make some fairly safe assumptions about yours.

My car’s computer doesn’t transmit. It doesn’t log anything more than engine fault codes. That’s how I like it.