I host my own vpn from home, which keeps me behind my pihole(s) and able to access my private services without exposing them to WAN.
Also secures my mobile traffic from snooping/modifying while on public networks.
🇨🇦
I host my own vpn from home, which keeps me behind my pihole(s) and able to access my private services without exposing them to WAN.
Also secures my mobile traffic from snooping/modifying while on public networks.
Find a problem they are experiencing and introduce them to a solution they can self-host to fix it. Expand from there.
I began my self-hosting journey 7ish years ago with media piracy and a desire to watch/access my files wherever I was. Learned of Plex, then Emby, Reverse Proxies, Domains, SSL, and on and on…
Today I’m running 24+ docker containers and some miscellaneous stuff, across 3 systems; that’s always accessible via my domain/vpn.
what does not work:
- i can not ping server.local (- for testing i have to stop the systemd-resolved.service to run the dnsmasq server, or else there are port collisions, but that should not be the problem i guess. I am happy to hear your solution :))
- i can also not use ssh to log in to server.local, ip address works
Have you added “server.local” as a DNS record in your dnsmasq container, pointing to your servers LAN IP? Sounds like dnsmasq isn’t resolving that name, which would lead to both of these ‘failures’.
Oh damn, I hadn’t noticed. My setup is still functioning just fine.
There is an alternative though: Orbital-Sync
I haven’t actually used it, so I can’t say much about it; but I’ll probably look into replacing gravity-sync with that.
https://docs.pi-hole.net/guides/dns/cloudflared/
I use this to translate DNS to DoH, and use cloudflare, and quad9 upstream.
environment:
- TUNNEL_DNS_UPSTREAM=https://1.1.1.1/dns-query,https://1.0.0.1/dns-query,https://9.9.9.9/dns-query,https://149.112.112.9/dns-query
Haven’t really noticed any DNS based lag.
Why not both?
My primary DNS is pihole on a rpi dedicated to the task; but I run a second instance of pihole via my main docker stack for redundancy. Should one or the other be unavailable, there’s a second one to pick up the slack.
I just provide both DNS IPs to LAN clients via DHCP.
Gravity Sync is a great tool to keep both piholes settings/records/lists in sync.
Same, though I’m using acme.sh and DNS-01. (had to go look at the script that triggers it to remember, lol)
I check the log file my update script writes every few months just to be sure nothings screwy, but I’ve had 0 issues in 7 years of using LE now.
A paid cert isn’t worth it.
I can’t speak for OP; but I’m interested in exploring the entire toolbox, not just ‘the official family’/what the one set of developers make.
Even that’s an incomplete list though, for example:
https://docs.pi-hole.net/guides/dns/cloudflared/
I use pihole+cloudflared to translate all DNS requests on my LAN to DoH requests. Regular DNS isn’t permitted to leave my network. (port 53 outbound is blocked)
Can’t redirect/modify/monitor DoH requests like you can plain DNS.
If they are like me, they have probably already found ways to watch porn, monitor their crush’s computer, read their email, and get into their webcam.
I got into quite a bit of similar mischief as a (pre)teen; but I didn’t do any of it on equipment that I knew was monitored (at least, monitored and signed out to me…)
And again; I think that’s a bit of a separate issue. These devices shouldn’t be equipped with cameras, let alone have the camera monitored/accessible.
The actual activity happening on the device; running applications, what’s on screen/in storage, even it’s location (with informed notice of said tracking) sure. but there’s no need to monitor/access the camera regardless of how or where the device is used.
A simple piece of tape fixes this problem. (plus education to teach students why, ofc)
kids take these computers home
I feel like that is the bigger problem. These aren’t private/personal devices; students shouldn’t be treating them as personal devices. Especially knowing it’s a monitored device.
Properly educating students on the use of these devices is the solution. Not telling schools to turn a blind eye to the use of their own equipment.
Yeah, when i was in school; there were no devices issued to students. We had ‘computer labs’. Ie; a room full of computers for student use. There was always one computer for the teachers to use that had a remote-desktop interface monitoring every screen in the room live. They could always see what you were doing, lockout your keyboard/mouse, blank your display.
This really doesn’t seem any different.
I could understand outrage if students were require to install this on their own hardware; but school issued devices are under the schools monitoring and control. Always have been.
And for a much much smaller paycheck.
All corporate gives af about.
But still far to much of a hassle for the general public. Hell, half the people I know refuse to figure out a regular e-transfer/cash app. There’s no way they’ll even consider bitcoin; or really any other currency.
They can revoke Starlinks license to operate within the country; then issue arrest warrants for its operators.
The US has an extradition treaty with Brazil.
deleted by creator
Supposedly Starlink is maintaining service for existing accounts, even if they can’t bill them ATM.
Somehow I don’t think that’ll last all that long.
Yes, birth rates are falling because nobody has time to fuck. That’s definitely the problem…