There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

@TCB13@lemmy.world cover
@TCB13@lemmy.world avatar

TCB13

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

TCB13 , to linux in Wine Staging 9.11 Released With A Patch For A 17 Year Old Bug Report
@TCB13@lemmy.world avatar

You know that ReactOS development has been speeding up lately don’t you? Either way it’s kinda of stuck in NT5 because they threw out the most competent people of the project.

However… it still runs a ton of stuff better than Wine :)

TCB13 , to linux in Wine Staging 9.11 Released With A Patch For A 17 Year Old Bug Report
@TCB13@lemmy.world avatar

Yeah, it seems impressive until you actually try to use it and find out that their “silver” is not even close to something you can work with.

Adobe products even when they say Silver you’ll get artifacts when moving objects, resizing the window sometimes ends up on a full screen black square and whatnot.

Office 2016 kind of works, poor rendering but works, the thing is that if I only needed Office 2016 features I would survive mostly fine with LibreOffice. I indeed need features from 2019 that wont run properly.

TCB13 , to linux in Wine Staging 9.11 Released With A Patch For A 17 Year Old Bug Report
@TCB13@lemmy.world avatar

Oh well…

One day ReactOS will be able to run those just fine while Wine will still not deliver anything usable.

https://lemmy.world/pictrs/image/16c7e2fc-accd-4198-86cf-d7616d4d0252.png

TCB13 , to selfhosted in How do I do a bare-metal install (Debian) without a monitor+keyboard?
@TCB13@lemmy.world avatar

github.com/philpagel/debian-headless

It is possible but I wouldn’t do it. Too much effort for too little result.

Just plug your main monitor / keyboard into the server, run the setup and don’t install a DE. Afterwards login, enable SSH, unplug the monitor and do whatever you need over SSH.

Let’s face it, you’ll have to do this procedure once every xyz years, there’s no point in complicating this stuff. Also depending on your motherboard you may or may not be able to boot into the installer without a screen / keyboard attached. Another option is to install the OS in another computer and the move the hard drive to the target server - this is all fine until you run into UEFI security or another detail and it doesn’t boot your OS.

TCB13 , to selfhosted in Nephele WebDAV Server now supports deduplicated file storage.
@TCB13@lemmy.world avatar

Actually you seem to have reinvented Syncthing’s versioning feature… or this.

Still great work.

TCB13 , to selfhosted in Alternatives to CloudFlare?
@TCB13@lemmy.world avatar

You aren’t wrong but the things you’re mentioned are always an issue, even if he was running the entire website on a VPS.

VPS happily tries to forward 1Gbits, fully saturating your home ISP line. Now you’re knocked offline.

Yeah, but at the same time any VPS provider worth it will have some kind os firewalling in place and block a DDoS like that one. People usually don’t ever notice this but big providers actually have those measures in place and do block DDoS attacks without their customers ever noticing. If they didn’t hackers would just overrun a few IPs and take all the bandwidth the provider has and take their all their customers down that way.

I’m not saying anyone should actually rely only on the VPS provider ability to block such things but it’s still there.

The OP should obviously take a good read at nftables rate limiting options and fail2ban. This should be implemented both at the VPS and his home server to help mitigate potential DDoS attacks.

Say someone abuses a remote code execution bug from the application you’re hosting in order to create a reverse shell to get into your system, this complex stack introduced doesn’t protect that.

It doesn’t and it was never supposed to mitigate that as the OP only asked for a way to reverse proxy / hide is real IP.

TCB13 , (edited ) to selfhosted in Alternatives to CloudFlare?
@TCB13@lemmy.world avatar

@foremanguy92_ ,

Step 1: get a cheap VPS, or even a free one (www.oracle.com/cloud/free/)

Step 2: If you’ve a static IP at home great, if you don’t get a dynamic DNS from freedns.afraid.org or www.duckdns.org

Step 3: Install nginx on the VPS and configure it as reverse proxy to your home address. Something like this:


<span style="color:#323232;">server {
</span><span style="color:#323232;">    listen 80;
</span><span style="color:#323232;">    server_name example.org; # your real domain name you want people to use to access your website
</span><span style="color:#323232;">    location / {
</span><span style="color:#323232;">        proxy_pass http://home-dynamic-dns.freeprovider... # replace with your home server IP or Dynamic DNS.
</span><span style="color:#323232;">        proxy_set_header Host $host;
</span><span style="color:#323232;">        proxy_set_header X-Real-IP $remote_addr;
</span><span style="color:#323232;">        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
</span><span style="color:#323232;">        proxy_redirect off;
</span><span style="color:#323232;">    }
</span><span style="color:#323232;">}
</span>

Step 4: Point your A record of example.org to your VPS.

Step 5: there’s a potential security issue with this option: nginx.org/en/docs/…/ngx_http_realip_module.html#s… and to get around this you can do the following on the home server nginx config:


<span style="color:#323232;">http {
</span><span style="color:#323232;">(...)
</span><span style="color:#323232;">        real_ip_header    X-Real-IP;
</span><span style="color:#323232;">        set_real_ip_from  x.x.x.x; # Replace with the VPS IP address.
</span><span style="color:#323232;">}
</span>

This will make sure only the VPS is allowed to override the real IP of the client.

Step 6: Once your setup works you may increase your security by using SSL / disabling plain HTTP setup letsencrypt in both servers to get valid SSL certificates for real domain and the dynamic DNS one.

Proceed to disable plain text / HTTP traffic. To do this simply remove the entire server { listen 80 section on both servers. You should replace them with server { listen 443 ssl; so it listens only for HTTPs traffic.

Step 7: set your home router to allow incoming traffic in port 443 and forward it into the home server;

Step 8: set the home server’s firewall to only accept traffic coming from outside the LAN subnet on port 443 and if it comes from the VPS IP. Drop everything else.

Another alternative to this it to setup a Wireguard tunnel between your home server and the VPS and have the reverse proxy send the traffic through that tunnel (change proxy_pass to the IP of the home server inside the tunnel like proxy_pass http://10.0.0.2). This has two advantages: 1) you don’t need to setup SSL at your home server as all the traffic will flow encrypted over the tunnel and 2) will not require to open a local port for incoming traffic on the home network… however it also has two drawbacks: you’ll need a better VPS because WG requires extra processing power and 2) your home server will have to keep the tunnel connected and working however it will fail. Frankly I wouldn’t bother to setup the tunnel as your home server will only accept traffic from the VPS IP so you won’t gain much there in terms of security.

TCB13 , to selfhosted in Fully Virtualized Gaming Server?
@TCB13@lemmy.world avatar

Most likely everything Steam + VAC or Denuvo. There’s a lot of discussion on that topic around the web.

TCB13 , to selfhosted in Fully Virtualized Gaming Server?
@TCB13@lemmy.world avatar

The technology has “been there” for a while, it’s trivial do setup what you’re asking for, the issue is that games have anti cheat engines that will get triggered by the virtualization and ban you.

TCB13 , to selfhosted in Nextcloud or Syncthing - which one do you suggest?
@TCB13@lemmy.world avatar

If you’ve a large number of small files and you care about your data then use Syncthing. I personally sync all my data to a ARM SBC (like a Raspberry Pi) and have all my devices configured to sync to and from that device. Works flawlessly.

I also use iOS and for that I’ve WebDAV setup on the SBC that provides me with seamless iOS integration. I also have FileBrowser running on the SBC pointed at the same data so I can have a nice WebUI to manage all files.

TCB13 , to selfhosted in Need suggestions for VPS
@TCB13@lemmy.world avatar

Now that you say that once I had Microsoft refusing to receive email sent by a DO IP but I filled some form and the block was lifted in a few hours.

TCB13 , to selfhosted in Need suggestions for VPS
@TCB13@lemmy.world avatar

Can you share details into that?

TCB13 , to linux in Which are your preferred laptops?
@TCB13@lemmy.world avatar

Maybe that’s a specific Ubuntu thing?

TCB13 , to linux in Which are your preferred laptops?
@TCB13@lemmy.world avatar

HP EliteBook 840 G5 or another EliteBook model. Even on Debian everything works fine after a clean install (including special keys), they never die and have a pleasant design.

TCB13 , to linux in Which are your preferred laptops?
@TCB13@lemmy.world avatar

Did you ever try an EliteBook? Even on Debian everything works fine after a clean install (including special keys), they never die and have a pleasant design.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •