• 1 Post
  • 80 Comments
Joined 2 years ago
Cake day: June 14th, 2023


  • It’s better than closed source, for sure. But I’m curious, is the NordVPN app actually conceivably useful for anything other than the NordVPN service? Or is this simply the uni-directional kind of open-source where their software gives nothing useful back to the community and they are just hoping for the part where the community identifies and fixes their bugs for them?

    I suppose we’ll have to wait and see if someone will be able to hack it to add other providers, it would be neat if I could use it to manage my own self-hosted VPN endpoints too.




  • Horrible idea. You’ll likely end up syncing a mess of unnecessary, incompatible and conflicting binary build files onto different platforms, you’ll end up with internal file conflicts that are impossible to properly resolve and will destroy your repo, especially if you’re still using git on top of it. Don’t do this. Git has its own synchronization mechanisms for a reason, they are extremely mature and specifically designed for maximum efficiency, safety and correctness for the task at hand, which is managing source code. Millions of people use git for source code every day. It is a solved problem.

    Syncthing is literally the WRONG tool for this job. It is a great tool for many situations, but you are using it as a hammer when what you need is a saw.



  • cecilkorik@lemmy.ca to Selfhosted@lemmy.world: emergency remote access · 2 months ago

    Redundancy. I have two independent firewalls, each separately routing traffic out through two totally independent multi-homed network connections (one cable, one DSL, please god somebody give me fiber someday) that both firewalls have access to. For a while I was thinking of replacing the DSL with Starlink until Elon turned out to be such a pile of Nazi garbage, so for now DSL remains the backup link.

    To make things as transparent as possible, the firewalls manage their IPs with CARP. Obviously there’s no way to have a single public IP that ports itself magically from one ISP to another, but on the LAN side it works great and on the WAN side it at least smooths out a lot of possible failure scenarios. Some useful discussions of this setup are here.


  • You’re absolutely incorrect about IRC. Would you like to learn? Open IRC federation is basically never used anymore and the few networks that exist are very stable (if not completely calcified), but it is a core feature of the design, and in the old days, massive interconnected networks of IRC servers like EFnet and Undernet spanned the globe, there were even some servers that allowed open federation (EFnet is actually named for it – eris-free-net referring to the last server “eris” that supported free federation), and at some points Netsplits were a frustratingly daily occurrence. Like with any federation, abuse is the reason we can’t really have nice things anymore, but IRC absolutely supports federation. Not very well from a modern standpoint since it didn’t really keep up with the abuse arms race, but when it was first conceived it was way ahead of its time.





  • I’ve always felt like this is an area with a huge gap. I’ve got my own fragile, cobbled-together bullshit that works for me, but it’s far from ideal or reliable if I’m being honest. I do love Ansible’s general idea of relying on standard, always-ish available protocols like ssh as a universal connection method, and I think it could work well as the bulletproof lower layer when you want to use direct control over the CLI tools and configuration files, like what git provides for anything requiring version control, but Ansible needs a slick management interface like GitHub/Forgejo provides on top of git, to fill in the higher level UI for when you need a wider scope to get an overview of what’s going on or to make general configuration changes without needing to get your hands dirty. Ideally it would look a lot like Proxmox itself does, just, not specific to Proxmox. Like if I want to add my Steam Deck, and I’ve got ssh enabled on it and it’s not asleep, it should be able to ansible its way in there somehow to at least get whatever basic details it can. Maybe that’s only basic system information at first, but from there I could work on customizing it. That’s what I would consider the ideal, for me at least.



  • I’ll add a vote to all the people suggesting Yunohost. Yunohost is a perfect place to get your feet wet with basically no experience required. I’ve played with it myself and it does a good job of simplifying and holding your hand without oversimplifying or keeping you on a strict, tight leash. It even helps you deal with common newbie issues like dynamic IPs so you can become more reliably available on the internet, something that a lot of other guides just assume you’re going to have a static IP assigned by your ISP or VPS and handwave away the complexity of what you’ll have to do if you have a dynamic IP like most home connections. (Experienced self-hosters gradually discover that having access to a static IP somewhere, anywhere, makes life a lot easier, but don’t worry, you’ll get there too eventually, it’s not important when getting started)

    You can get started by working your way through the process here.




  • People fleeing fascism are just hoping other people will be forced to fight it and win before it gets to them. No matter what happens, eventually some people will have to stand and fight it. There is nothing wrong with deciding that the time to stand and fight it has come. It is scary, yes. It has been a long time since we have had to fight fascism. We might feel like we have forgotten how. But we will learn quickly. The same technology that enables them also enables us in ways just as profound, maybe more profound. Vive la resistance!


  • Ugh, I hate it when tools to “simplify” an already relatively simple process actually oversimplify it to the point of making it horribly complex to work around their “simplification”. A few points I’d like to answer from your post:

    • Nginx-Proxy-Manager is dumb for, as far as I can see, not allowing you to follow the standardized method of answering challenges that supports any DNS provider and instead only seems to allow its “magic simplified process” that only works with select DNS providers
    • https://dns.he.net/ is a nice free DNS service that you could use for your “keep domain at bluehost but use DNS servers elsewhere” strategy, and this is a totally valid and reasonable configuration – however, it apparently won’t help with Nginx-Proxy-Manager due to above stupidity
    • This leaves your only DNS hosting service option as Cloudflare, as you correctly identified. This is a fine option but you know what they say about free services especially when they’ve got big for-profit companies behind them, if you’re not paying for the product, then you ARE the product, so beware of becoming vendor-locked and enshittified when they inevitably decide to try to monetize you somehow (if they’re not already doing so behind the scenes).
    • Yes, you can transfer your domain to a supported provider. This is kind of a “nuclear option” to get it to work with some shitty web-UI like Nginx-Proxy-Manager just because they’re too lazy to support actual standards or play nice with manual configurations, but it’s a straightforward, albeit a little bit slow, process (can take several days for things to switch over)
    • There is no “renewal cost” for transferring a domain other than having to pay for 1 year minimum of the new provider’s normal annual registration costs. This gets added to your existing expiry, generally speaking, or your old time gets refunded, so either way you’re not losing anything, however things can get complex if you’ve only recently registered or renewed it, for example

    If you’re very happy with Bluehost and want to stay there (I have no idea if they’re any good, I’m not familiar with them, but I will say charging $90 for an SSL certificate seems a bit absurd) then Cloudflare is probably the path of least resistance.

    If you don’t mind transferring your domain and waiting for that process, that’s also a good approach.

    But personally, I would drop Nginx-Proxy-Manager like a hot potato and work your way through setting up something like Caddy instead, doing mostly the same magic that NPM does (unfortunate acronym for anyone who’s more familiar with Node Package Manager) but using a very open and flexible system, supporting plugins for different providers to support DNS challenges, for example.

    One final option that I’m going to throw out there, is if you intend on connecting your web server to the public internet anyway, and you’re able to live without a wildcard DNS (this just means it has to create a different certificate for each subdomain you add, not a big deal when a program is already managing them for you in my opinion) then you can just forget about the DNS challenge altogether and use a regular HTTP challenge. Again, fully standards compliant. Doesn’t matter what DNS or web server you’re using. As long as it has an internet connection so it can talk to the encryption certificate server and verify that it is who it says it is, you’re good to go, no need for DNS keys and such. Frankly I find the HTTP method just as simple if not simpler in most cases. Again, they’re oversimplifying to the point of making it more complex.