This is 100% the way to go. I spun up a new server for a public-facing site on my VPS and I wondered if I really needed fail2ban. Within ten minutes of setting it up it had already blocked four people.

Don’t open port 22 if you can help it. Use it on your local network and VPN in if you need to use it offsite.

I had to delete the directory and make sure the file existed and was named what it should be named, but then it worked. But yeah, should be a file.

Not sure if you can see this since beehaw defederated us, but just add/edit the following in your settings.yml file in the searxng folder. The following redirects only reddit & twitter:

enabled_plugins:
   - 'Hostname replace'

hostname_replace:
#   '(.*\.)?youtube\.com$': 'invidious.example.com'
#   '(.*\.)?youtu\.be$': 'invidious.example.com'
#   '(.*\.)?youtube-noocookie\.com$': 'yotter.example.com'
   '(.*\.)?reddit\.com$': 'teddit.net'
   '(.*\.)?redd\.it$': 'teddit.net'
   '(www\.)?twitter\.com$': 'nitter.net'
#   # to remove matching host names from result list, set value to false
#   'spam\.example\.com': false
   '(.*\.)?pinterest\.com': false
   '(.*\.)?instagram\.com': false

It would have to be a domain you actually own

Here’s a script to do it with several different DNS providers: https://github.com/acmesh-official/acme.sh I personally set the renew as a weekly cronjob and never have to think about it.

I use a reverse proxy so I can just use a hostname and not need a port. I run Jellyfin that way no problem, function-wise.

Additionally, not having a domain won’t necessarily protect you since you do have people out there scanning for ports and when they see 8096, they’re going to immediately know it’s a Jellyfin/Emby server and any vulnerabilities associated with those. If you use a reverse proxy, they only see 443 which is…pretty much every other site on the internet. That’s security through obscurity, I know, but it will help mitigate some of the easier attacks.

I’ll say that everything I have to have a port open for (mostly game servers) gets targeted by the internet at large despite the fact that I’ve published the address and port absolutely nowhere online and only shared it with close friends. I almost never get anyone trying to log in to my other services.

I have almost this exact setup (paperless-ngx on a LUKS encrypted drive, but mine is running on a VM in Proxmox) and I feel pretty good about the security. That being said, I only have it running on my home network and use a WireGuard VPN if I need to access it remotely. I can’t say I would feel as comfortable if I just had it open to the internet. Like, it’s probably ok, but then you’re relying on Paperless being your first and last line of defense.

Ghost is self-hostable, easy-to-use, and looks beautiful. (Good) themes are usually a one-time payment, and they definitely have photoblog ones.

I use both Ghost and Wordpress for my sites and, while it’s not as infinitely customizable as Wordpress, Ghost is also not as needlessly complex, vulnerable, or time-intensive.

I found I was using Wallabag as a bookmark manager so I installed Linkding and use it constantly, now. Different strokes, I guess.

Oh totally. It wasn’t a knock at the software at all. In fact. I’m surprised by how well this works as a drop-in replacement for Reddit for me and both Lemmy and Kbin are solid.

The reason I asked was that, with my single-user Mastodon instance, likes/boosts and comments are nearly always incomplete on my server just because of the way federation works. I was just wondering if that was something smaller instances had to deal with in perpetuity or if it was just a one-off issue that happened at the start.

The OP commented below saying that comments appeared to be loading instantaneously after that initial hiccup.

haha better than the 12GB and rising of my single-user Mastodon instance. And this is with deleting my media cache every night.

Do the comments ever load reliably? For me that would be a dealbreaker…

How is your RAM/storage usage? I’m interested in setting up my own instance (no communities, just a username that will always be here) but don’t want to upgrade my VPS again. I already had to do that spinning up a Mastodon server.

SearXNG has come a long way. I self-host, and I consistently get more reliable results than when I use Google, and you can set it to replace something like twitter.com with nitter.net or reddit.com with teddit.net, so you can still visit those sites automatically on mobile (not sure, but that might be a self-host only thing).

Going to chime in and agree with others that it’s just that the servers are lagging at the moment (especially the main Lemmy instance). Several, for me, said “subscribe pending” initially yesterday, but I logged on this morning and found that I was subscribed.

My wife and son loved Wobbly Life. I’ve seen it described as GTA for people who aren’t old enough to play GTA. The couch co-op is solid and they only ever played with controllers.

I opened this thread to see if anyone recommended Valheim, because what you said is exactly what my group does. We’re all dads with jobs and we play when we can, but we schedule 2-3 hour video call sessions to fight the bosses.

When it comes to Valheim, you need the help, too. Those bosses can be brutal.

Dwarf Fortress has consumed far too many hours as of late. It is wonderful without the actively hostile UI.

Despite the tankie stuff I prefer the interface of Lemmy, though I have accounts on both. Love that they federate. Things are happening.