• 0 Posts
  • 16 Comments
Joined 2 years ago
Cake day: August 19th, 2023
  • icedterminal@lemmy.worldtoSelfhosted@lemmy.worldHow to host vaultwarden internallyEnglish
    3·
    3 months ago

    Some self hosted services refuse to work if you use a self signed certificate with your public facing IP. They only allow self signed certificates when using one of the handful of private addresses.

    Some apps on mobile devices for the service you use won’t work unless a trusted certificate is used. A self signed certificate behind the scenes creates an error that isn’t handled and you can’t connect.

    You lose the ability to have a proxy in front to handle abuse so your server is spared the headache. You need a domain to do this.

  • icedterminal@lemmy.worldtoData Is Beautiful@lemmy.mlHow expensive The iPhone 15 is around the worldEnglish
    2·
    2 years ago

    This information reflects the current contract terms Verizon offers to everyone.

    iPhone is $899 + tax. Verizon pays Apple what you pay for the iPhone. You sign a contract for 36 months that states you’ll pay Verizon a monthly installment without interest.

    As for the “free” phone, it really can be free. Based on their own internal metrics is what makes you eligible. Accounts the system has flagged for fear of losing (retention), good standing (no missed payments), long time customers (loyalty), new customers, or when there is an abundance of stock and a new model is set to release. The catch is that you’re on the hook for the price of the phone if you upgrade early or want to cancel your line. The average rep is not letting you upgrade because the system says no. A manager can override but if they do, you lose the credit. Your next bill will include the price of the phone. They’re still making money off you in the long term whether or not the phone is free. It’s calculated business.

  • icedterminal@lemmy.worldtoSelfhosted@lemmy.worldHow to share services with non-techincal friends and familyEnglish
    32·
    2 years ago

    Once you agree to letting friends and family access your hosted services, you become the tech support for any problems. Whether that be your fault, user error, etc. You should absolutely limit who you give access to. In my case, only three people can and that’s immediate family. No friends, no extended family. I don’t wanna deal with all that mess when I deal with it at work. Don’t over extend yourself by being nice.

    Using Cloudflare is against the ToS when used for services like Jellyfin. Your account can be limited, closed, or find yourself getting a several hundred dollar bill for data usage because you’ve breached the terms of service. Additionally, streaming content on free accounts incurs higher latency which I’ve confirmed myself Argo smart routing massively reduces. https://github.com/jellyfin/jellyfin/issues/9295 - Don’t abuse what’s free or you may lose it.

    Google shouldn’t be indexing your domains anyway. If it’s flagged your domain, it’s been indexed and scanned. Alternatively, it could indicate you have a weak point somewhere on your server and you’ve been breached. Google’s scan picked up whatever it was. Though I doubt this is the case and just a false positive. Double check your robots.txt files and disallow everything. Most index bots respect this. You can use a community sourced bot blocker. https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

    I’ve been running my own self hosted services for almost a decade. Though I have a background in IT directly doing this kind of stuff daily at work. As long as you have a strong firewall, modern TLS, relevant security headers, automatic tools like fail2ban, and have a strong grasp on permissions, you should be fine. Before I moved everything to non-root docker, it was given its own service user and SELinux policy. Using direct DNS isn’t so much of a problem. You shouldn’t have any issues. Feel free to reach out if you have any questions.