shadshack

I know there may be some which are better for various reasons, but look into nginx proxy manager to get those resources behind some URLs with SSL. I like it because it's got a pretty easy to use web interface, but I know similar things can be accomplished with traefik and like a 3 line per service yaml file. I use NPM and a pihole for DNS to point to the NPM server, and it's great for me, including automatic cert rotation with LetsEncrypt.

If you're looking to actually do Fail2ban, look into crowdsec first. It's a similar concept but instead of creating your own block lists by people hammering against your system until they're banned, it uses community-populated lists to pre-ban known bad actors.

I know a lot of people shit on it from a decentralization perspective, but I use Cloudflare to expose all my services. Then anyone who hits my sites has to go through Cloudflare's detections first. I have all my services behind a reverse proxy (nginx proxy manager) running locally, and that's the only though exposed to the Internet through my router, also that ONLY allows connections at all from Cloudflare IPs or my local network. My home IP is obfuscated, my services can only be accessed using the ports I define, and things are happy. I also block as much as possible on my router, and have automatic updates on all my server VMs/LXCs.

You could also set up a Cloudflare tunnel to go to the reverse proxy and avoid needing to expose anything to the direct Internet.

Just turn off caching for any media servers domains/subdomains if you go with Cloudflare, or else it will try to cache any media on their servers and it's technically a ToS violation so people get their accounts banned. It's a simple setup to disable cache though.

I haven't really used adguard or nextdns before so I can't compare apples to apples. I can say that Rethink is a FOSS local-VPN-based adblocker that doesn't need root. I used to use a different VPN based one before that I forgot the name of, but because it was a VPN I couldn't also connect to my home Wireguard VPN at the same time, so I was swapping VPNs all the time. I like it because I can be connected to my home VPN, and then if that connection fails it automatically uses the on-device DNS blocklists, which can be customized which lists to use. It can also set different DNS rules / bypass filtering on a per-app basis instead of being forced to being system wide. It's been useful to allowlist certain domains for specific apps only to let them work.

Using RethinkDNS for on-device blocking, but also let it make a wireguard tunnel to my house so I can make use of my PiHole at home.

I do prefer instrumental music, but for completely different reasons. Mostly for me it's because I get earworms extremely easily, and can have a song stuck in my head for days at a time. 99% of the time it's the lyrics that are stuck, so it's a much lower chance to get an instrumental song stuck in my head.

What about without line of sight? If I get one of these is it going to work while it's sitting on my desk, or am I going to have to mount some antennas on the roof to actually make it usable? The maps only show like three other people in my city with one, so I'm not sure how useful this will actually be for me.

I used to work retail and was helping a college aged guy pick out some new headphones. He was deciding between some Beats and some Bose headphones. I literally asked him "do you want something that sounds good or looks good" and was amazed he actually said "looks good". So I reluctantly sold him the Beats.

I had to scroll really far to find this, but my LG was so good I bought another when I moved. My wife thought all dishwashers just sucked until she saw how well the LGs can do.

I've got this little blue plastic cup I've had for almost 30 years. Use it for my toothbrush. Got it when I was a kid and it's the only toothbrush holder I've ever had since.

You a Saiyan

LG? Mine does the same. Also my washing machine plays the same tune.

Great! I'll use Button Mapper to remap that button to open Plex (or Jellyfin if I end up committing to switching to it).