There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

@TCB13@lemmy.world cover
@TCB13@lemmy.world avatar

TCB13

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

TCB13 , (edited ) to linux in Wireguard self hosting - Some tricks I don't see mentioned in too many tutorials
@TCB13@lemmy.world avatar

Wireguard will definitely not work first try.

And… why not? OpenVPN is 10 times worse because of the mess they’ve made with push route and other options.

your clients should have AllowedIPs set to 0.0.0.0/0, ::/0 in their repecive configuration file. I found this pretty counterintuitive, b

Why would you? Those are the IPs that the client is able to access through the VPN tunnel and 0.0.0.0/0, ::/0 means all IP addresses, totally NOT counterintuitive.

You need to tell sysctl to forward IP traffic,

Yes, maybe… but not permanently at least. You can setup it on the server conf file via PostUp and PostDown:


<span style="color:#323232;">[Interface]
</span><span style="color:#323232;">PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
</span><span style="color:#323232;">PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
</span>

If required prepend sysctl -w net.ipv4.ip_forward=1; sysctl -w net.ipv6.conf.all.forwarding=1; to PostUp and remove with =0 on PostDown.

The downside of you described is that you’re enabling IP Forwarding permanently and even if the WG tunnel is down. This may pose a few security concern in some situations.

TCB13 , to linuxmemes in I'm writing this from a crappy laptop with 2GB of RAM and a dull screen.
@TCB13@lemmy.world avatar

The thing is that developers tend to keep things as simple as possible and overly optimize stuff, when you find bloatware is usually some manager that decided to have it.

TCB13 , to programmerhumor in Leaked yesterweb document
@TCB13@lemmy.world avatar

Capable developers touch whatever language is required to get a job done.

TCB13 , to programmerhumor in Leaked yesterweb document
@TCB13@lemmy.world avatar

There isn’t much of a difference between writing a theme for Guthemberg and the classic editor. In fact your current theme should work just fine in Guthemberg as it just adds the extra html for the built in blocks to your posts / pages. You aren’t required to create a block based theme and split everything into blocks, that’s kind of a myth around Guthemberg.

TCB13 , to programmerhumor in Leaked yesterweb document
@TCB13@lemmy.world avatar

That or you develop your theme with the features you need baked in. This is the irony of the Hugo people, they’re capable developers that can make themes but they can’t just create a simples Wordpress theme from the ground?

TCB13 , to programmerhumor in Leaked yesterweb document
@TCB13@lemmy.world avatar

Yeah, everyone with a decent amount of content will just pick Wordpress and move on. It works, it’s reliable, it’s well supported and will keep running for decades at least.

TCB13 , to linux in 7 Common Linux Myths You Should Stop Believing
@TCB13@lemmy.world avatar

I don’t, but a lot of people around here do… and get really offended when you point it out.

TCB13 , to linux in 7 Common Linux Myths You Should Stop Believing
@TCB13@lemmy.world avatar

Gimp can make memes

Yeah but if you’re a graphic designers and you’ve to share PSD files with others for your job then you’re going to have a very hard time with Gimp.

TCB13 , to linux in 7 Common Linux Myths You Should Stop Believing
@TCB13@lemmy.world avatar

One Common Linux Myth You Should Stop Believing: there’s a FOSS alternative to every single proprietary software out there that can be used as a replacement in all and every use case.

TCB13 , to linux in Your Experience with Linux, BSD etc
@TCB13@lemmy.world avatar

And is apt meant for “regular people”, hint: it isn’t.

TCB13 , (edited ) to linux in Your Experience with Linux, BSD etc
@TCB13@lemmy.world avatar

What’s this? A software app store? Swell! I no longer need to download stuff off from dodgy sites or numbingly installing everything manually!

In what year are you in? macOS and Windows both have App Stores. Windows has the built-in winget package manager, similar to apt that has open contributions on github and all the software in the world.

How was your experience with this Unix-like wonder? In a home user manner and/or a business use manner?

I use both Linux and Windows actively and macOS from time to time. Linux works really well it’s free and I love it and it is definitely great if your workflow is all browser-based and/or you don’t have to collaborate on a very specific industry with very proprietary tools as default that everyone expect to be used. If you’re in such industries and people expect to share complex MS Word, Excel, Adobe, Autodek etc. files then Linux isn’t for you, you’ll be in more compatibility pain than anyone should be in.

TCB13 , to linux in How easy is it to switch back to windows?
@TCB13@lemmy.world avatar

Again, I’m not saying Windows is good.

I’m saying your statement was an over exaggeration and yes Windows by default has too much crap but it can be disabled as documented.

Simply that.

TCB13 , to linux in How easy is it to switch back to windows?
@TCB13@lemmy.world avatar

I highly doubt it. Not saying that Windows is good, but my i7 8th gen with 16GB of RAM boots Windows 10 Enterprise (with the usual crap disabled) into the desktop faster than the time it takes to post. Info here and here. Frankly Debian with GNOME doesn’t boot much faster than Windows on that laptop.

TCB13 , (edited ) to selfhosted in Make my IPv6 selfhosted service available on IPv4 network.
@TCB13@lemmy.world avatar

Fair enough yeah. :)

The OP can solve that potential security issue with this option: nginx.org/en/docs/…/ngx_http_realip_module.html#s… on the local server nginx:


<span style="color:#323232;">http {
</span><span style="color:#323232;">(...)
</span><span style="color:#323232;">        real_ip_header    X-Real-IP;
</span><span style="color:#323232;">        set_real_ip_from  [2a03::aaaac::1]; # Replace with the VPS IPv6 address.
</span><span style="color:#323232;">}
</span>

This will make sure only the VPS is allowed to override the real IP.

TCB13 , (edited ) to selfhosted in Make my IPv6 selfhosted service available on IPv4 network.
@TCB13@lemmy.world avatar

how would the VPS know which traffic to pass and how.

Install nginx in your VPS and configure it as reverse proxy to your home IPv6:


<span style="color:#323232;">server {
</span><span style="color:#323232;">    listen 80; # listens only on IPv4 port 80
</span><span style="color:#323232;">    server_name example.com; # your domain name
</span><span style="color:#323232;">    location / {
</span><span style="color:#323232;">        proxy_pass http://[2a03:2880:f003:c07:face:b00c::2] # replace with your home server IPv6. Keep the brackets.
</span><span style="color:#323232;">        proxy_set_header Host $host;
</span><span style="color:#323232;">        proxy_set_header X-Real-IP $remote_addr;
</span><span style="color:#323232;">        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
</span><span style="color:#323232;">        proxy_redirect off;
</span><span style="color:#323232;">    }
</span><span style="color:#323232;">}
</span>

Point your A record to your VPS, and your AAAA to the home server.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •