SGG

Upside: not fired.

Downside: have to do work.

Upside: make money

Downside: not enough money

If you have docker containers and other stuff all on that USB drive I’d really reccomend getting it all off that USB (not just logging) and onto a proper drive of some kind. USB thumb sticks are not reliable long term storage, you will wake up to find the drive failing one day and good chance you lose everything on it with little to no warning.

My guess is log files are being written to it? Might want to install a proper drive internally and redirect log storage. With less activity the USB drive should not heat up anywhere near as much.

It does not whip the llamas ass.

Games need to live closer to the bleeding edge than a lot of other software.

Also, for wine/proton, and the other customisations built into the deck, it makes sense to pick a starting point that is more built for customisation. By that I mean there was probably less things they needed to add or remove at the start.

As mentioned, it’s also likely there was personal bias internally. But even that can be a valid reason as they need to be familiar/comfortable with the starting distro.

Not saying that Debian cannot do it, but doing it this way probably made valve’s employees lives easier.

1. It runs in browsers
2. If you hate your co-workers, then they will also feel your pain.

Nothing too special, just had to do some fiddling to get the Apache reverse proxy working correctly. Now I believe they have a pre-made example for it, but back then they only had nginx. I stick with Apache because that’s still what I know. Might start learning nginx, but my main work isn’t in web stuff.

Mine is nice and quick in regards to the web interface and general functions. However I run it on a server at home and my upload speed isn’t the best, so if I need to pull a larger file (Files On Demand enabled) then obviously the transfer speed of the file is a bit sluggish.

Hosted on a VM with 16GB RAM, 4 cores. Using the NextcloudAIO docker deployment option, all behind an Apache reverse proxy (I have a bunch of other services on another VM that all have reverse proxy access in place as well).

In very basic terms, and why you want to do them:

Attack surface is the ports and services you are exposing to the internet. Keep this as small as possible to reduce the ways your setup can be attacked.

Network topology is the layout of your home network. Do you have multiple vlans/subnets, firewalls that restrict traffic between internal networks, a DMZ is probably a simple enough approach that is available on some home grade routers. This is so if your server gets breached it minimises the amount of damage that can be done to other devices in the network.

Oh fun.

And disabling Bluetooth on phones isn’t really a viable option these days because so many people use Bluetooth headphones because of the removal of headphone jacks/the convenience of Bluetooth earphones.

Thankfully the devices I look after are mainly iOS, windows, and macos, so patches should be available in due time.

People with old Android devices are going to be left out in the cold sadly. Thankfully my Samsung s21 is still in support.

The first year price is a “loss leader” discount. Get you in the door, then make a profit from you in future.

Namecheap have a bit of a reputation (as can be seen here with a few people warning of poor support), Spaceship seems to be a bit of a offshoot/addition they have created, partly as it doesn’t seem to be a 1-1 comparison, and partly maybe to avoid their existing reputation?

However, it’s not entirely a bad idea to separate your registrar from your DNS provider. If one goes down, you still have access to the other to make changes. I used namecheap in the past because it was cheap, and cloudflare for DNS. If you are using both for only your registrar, it probably won’t matter much at all as you are probably not changing nameservers often, if at all, once set.

If you are going to use your desktop, I would suggest putting all of the self-hosted services into a VM.

This means if you decide you do want to move it over to dedicated hardware later on, you just migrate the VM to the new host.

This is how I started out before I had a dedicated server box (refurb office PC repurposed to a hypervisor).

Then host whatever/however you want to on the VM.

A sane firewall configuration should have no/minimal impact on a desktop focused OS.

On the other hand, sometimes programs are really badly made and expect stupid things like there being no firewall.

You should have one yes, but to each their own.

I manage a bunch of windows computers and regularly make adding firewall rules part of install scripts, good example: Dreamweaver.

sudo apt-get install hackerman

Nothing, those are just links to those websites.

Losing things is one of the risks of any setup. With paid for services you are putting trust that the provider has put in place methods to prevent downtime/data loss. Self-hosting means the onus is on you. Make sure you document things, make sure you have some kind of backup in place, and update things regularly (but maybe not straight away, just in case).

Also expect to occasionally run into weird issues that you need to figure out a fix for. I am 99% sure it was for my NextCloud-AIO setup a year or so ago, but there was an update to it that broke the setup if you had created the containers previousy at a certian time. You needed to run a particular command inside one of the containers to fix it up.

There was also the time where I migrated things off a physical server to a VM, but missed the script that was doing my certbot DNS challenge renewal. I had not documented things back then and a few months later all my services stopped working, that took a bit to re-do.

I do make sure to keep backups of my VM’s, and for the VPS I run I pay a bit extra for vultr to keep backups/snapshots there. Along with actual documentation of how I did the setup, I’ve got things stable for the most part.

Here’s my Heimdall homepage to give an example of different services I run, as well as some links to other websites. Blanked out a few things for privacy and eyepatch reasons (not sure if that’s allowed here).

I use vaultwarden (open source implementation of bitwarden server). Yes it’s a seperate service to manage, but it’s a dedicated password/secrets manager that can do otp codes.

I’ve been running the docker container for a few years now and it’s been rock solid.

Next day: Find out the fix causes a new edge-case error, start all over again.

I’ve been using Trilium (https://github.com/zadam/trilium). There are desktop clients, no mobile clients. However the web interface works well enough for me that I don’t mind. The notes update in near-realtime when you make edits through the web app on multiple machines (assuming internet connectivity of course).

If you’re already self-hosting NextCloud you might want to look NextCloud Notes as well.

If you move to office 365, it is possible to create an email transport rule to handle this. Effectively any non existent address gets sent to the mailbox your specify.

Yes, they aren’t the cheapest option, and it gets meme’d that it should be called office 364,363, etc, but it is a solid service.