

Good to know!


Good to know!
I share your concerns with the matrix organization. Most of the other concerns on that article don’t apply to a private instance with only just less than a handful of users who anyway live together or share more than an online existence.
Conduit has been dead in development for years now. Conduwuit was the successor, then some drama got it shut down and reborn (new maintainers) as Continuwuity.
Conduit saw no upgrades in years IIRC and it's basically abandoned I guess.


DOH goes over port 443 using https, impossible to block (unless you want to blacklist all possible URLs that might serve DNS) so cannot be redirected at network level, like with classic DNS, and uses SSL encryption so cannot be “sniffed” and redirected.
In other words: say goodbye to ad blockers based on DNS like pihole or adguard
While it seems good for your privacy, it’s a dream for Google and such, where PiHoles and such DNS blockers will be useless…
Good to know… Well I am on matrix now, so no need to switch, but will keep in mind.


For now yes but the very specifics of DNS over https make that impossible if enforced one day.


I removed health checks because I think they don’t work properly with podman how I use it, but I might be wrong.
Anyway, glad it helped! That’s the spirit why I wrote it.
Because matrix has the best bridges so I can centralize all other protocols on my matrix server (Continuwuity) and have whatsapp, telegram, Signal all accessible from one single app.


Actually I am behind CGNAT so when away I connect to my VPS that has an nginx pointing to a wireguard endpoint to the internal server. Wireguard is also managed by opnSense but that’s a choice, not mandatory.
When home, my VPS ip gets rerouted on port 443 (and 80, mandatory for let’s encrypt) to the internal ip of my server.


Going the split DNS way is doable but had other issues (android devices bypassing local DNS for example or DNS over HTTPS issues)
I set up my opnSense to redirect all internal traffic to the external IP on port 443 to my internal server ip.
Works fine, it’s transparent, and doesn’t mess with DNS.


I have run TA with success for many months. It’s fast and responsive, so I guess it’s an issue with your setup?
The metadata bridge to jellyfin also works pretty nice, I have no complaints…
You can check my notes at https://wiki.gardiol.org/doku.php?id=services%3Atubearchivist
But be advised I am on rootless podman with docker compose


Absolutely Endurain. Wanderer has a different focus.
You want endurain I believe.
It's under heavy development but it's also quite stable and capable.
Don’t give up your Garmin watch, just don’t install the garmin app on your phone and download raw data from it like you already do.


It's the rebirth of Conduit -> Conduwuit -> Continuwuity. Built with rust, it’s a community project that is pretty stable and finally free of drama.


Super heavy, and overkill unless you need to run matrix.org itself.


Self host your matrix server, use Continuwuity not Synapse, and do not enable federation.


That’s optional and should not be enabled by default. If your distro does that, I would think about switching.
But when you need it, it’s a feature that must be there… Or debugging is impossible. Think of driver development for example.
But it needs to be enabled.


My favourite is that kernel writes in ram. Kid, do you even know how computers work at all? Where should the kernel write? On paper?
Anyway, worry about getting your pc compromised and prevent unwanted access both physical and remote, logs will help you detect unwanted access, so there is that: logs keep you safe.
Do not turn off logging. Or do turn off logging, it’s your machine after all and you are free, as in Linux, to do so if you want.
But your privacy will not be any safer.


I think you are just looking for fun or messing with people, what you say is indeed true, but irrelevant as privacy concern.


Love this!
Next time, write with Inkless pen, that would be safer!
But what if somebody reads your mind? Walk around with tinfoil hat!
(Lol)
Set a custom private DNS with your dns