Here you go friend, enjoy! ๐
tux7350
Unencrypted HTTP can mean that anyone can see your traffic as it passes through their network. Your ISP will see that traffic. If you're streaming pirated music and you're in a country that cares about those things, might not go very well. From a security stand point though, you still wouldn't want to trust the authentication on the open port. A vulnerability may exist that you don't know about. It's always better to keep them closed and add another layer or two between your home computer and the public.
Tailscale let's you tunnel into your home network without opening any ports, and it encrypts the traffic. Much safer way of doing it.
Go on.....
What kinda issues are you having? Most of my problems with Nix are solved with overlays or creating a module. Admittedly, in order to do that you still have to know how to fix your issue the usual linux way. Afterall, Nix is more of an abstraction tool IMO; good for replicating something across a ton if devices. If you don't need that, there's other distros that work much better out of the box.
Another tip, please be very careful when exposing ports to the public. With docker you're already mitigating your attack surfaces but an open port allows anyone to make a connection and there are lots of bots out there looking for open ports and vulnerabilities. A good alternative would be to setup wireguard and instead then connect through that or if you like simplicity check out Tailscale.
It took me a bit to find this video for anyone looking for it. The more I see interactions with Tim, really shows how wholesome of a person he is.
This is kinda how I've come to look at it. You cannot ask questions of fact to a machine that works in probabilities.
Ha, ya know? I think I know some people who will just regurgitate whatever input they receive
........
:(
Naw not 20 years ago, that's 2004. Here's an article from the Army talking about their introduction in 09, most Army units wouldn't have seen till 2010.
I was in the USMC so adding about 5 years till we got them tracks lol. I absolutely was taught in the school house with no confidence clip and I remember what country I was in when I got training on it in 14-15.
You wouldn't have remembered if it was 20 years ago. That clip was introduced recently, I remember where I was the first time I saw one and that would've been like 2015.
Check out my other comment but I'm pretty sure it's because of the confidence clip. There's actually an extra step where you sweep your thumb across the spoon to allow the pin to be removed from the grenade. After that yeah you probably could pull it with your teeth.... but if you fucked up and fumbled it you'd win the Darwin award.
Really the myth should be about cooking a grenade. Absolutely no way in fucking hell you'd ever trust that fuse to "actually" be 4 seconds. What if it's short and actually 3? And you wait to 2 to throw? Nooo way lmao
It shouldn't mess with your current routing but if you're running other VPNs you may run into issues.
After you join the machines to the tailnet, each machine gets a new IP address ( only visible to other machines in the tailnet), by default it's a 100.x.y.z you can check the tailnet for the device IP.
Now you can keep the port closed on your router and it will still be accessible over the usual lan ip and port. But when you want to access remotely, turn on tailscale and connect using the tailnet IP.
Another cool thing you can do with this setup is turn your home server into an exit node. By default it will only route things that are in the tailnet (100.x.y.z subnet). But if you turn your home server into an exit node you can funnel all your traffic back through the exit node. Instant free VPN back home!