Foster Hangdaan

Don’t forget: entrepreneur, playboy, philanthropist.

• Free Software Foundation
• GNU
• Richard Stallman’s Personal Blog
• Savannah

And pretty much the rest of the FSF and GNU websites.

I’m in the same boat and also looking for a privacy-respecting platform for communicating with family and friends. So I’d also like to add items that are not yet mentioned to the list of suggestions:

• Jami
• Peer Calls - can be selfhosted; you can try it out straight away using their flagship instance located here.

I wonder sometimes if the advice against pointing DNS records to your own residential IP amounts to a big scare. Like you say, if it’s just a static page served on an up to date and minimal web server, there’s less leverage for an attacker to abuse.

That advice is a bit old-fashioned in my opinion. There are many tools nowadays that will get you a very secure setup without much effort:

• Using a reverse proxy with automatic SSL certs like Caddy.
• Sandboxing services with Podman.
• Mitigating DoS attacks by using a WAF such as Bunkerweb.

And of course, besides all these tools, the simplest way of securing public services is to keep them updated.

I’ve found that ISPs too often block port 80 and 443. Did you luck out with a decent one?

Rogers has been my ISP for several years and have no issue receiving HTTP/S traffic. The only issue, like with most providers, is that they block port 25 (SMTP). It’s the only thing keeping me from self-hosting my own email server and have to rely on a VPS.

I’m running RetroPie on a Debian laptop and I’m able to map all the buttons of my 8BitDo Pro 2 controller; no issues at all. I was also able to connect and configure an Xbox 360 controller just fine.

You might want to try getting help on the RetroPie forums if you don’t get any luck here.

I self-host everything from my home network including my website. I like to keep all my data local. 😁

It’s a simple setup: just a static site made with Lume, and served with Caddy. The attack surface is pretty small since it’s just HTML and CSS files (no JavaScript).

First of all, doesn’t Navidrome have authentication? So, I don’t see why exposing it to the public is a problem.

Second, some reverse proxies support basic auth. This way, you can password-protect some services and is useful if the service does not have its own authentication. Here as an example snippet for Caddy:

example.com {
	basic_auth {
		# Username "Bob", password "hiccup"
		Bob $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG
	}
	reverse_proxy myservice:8000
}

You’ll have to look up the docs for other reverse proxies.

That would be nice but what other alternatives are there? It’s either Chrome, Edge, Firefox, Safari, or clones of these browsers.

If you need S3-compliant storage for testing and development, you can use an S3 mock server. I’ve tried the following for use in web development and CI environments, they are lightweight and configurable:

• Adobe S3Mock
• s3ninja

There is also Localstack. I found this one to be a bit more complex than the ones above and ended up not sticking with it.