Proxmox is my number one choice. It’s based on Debian, and has an excellent, extremely straightforward web UI for managing virtual machines and LXC containers.

It’s perfectly reasonable from the perspective of corporate scum: take away a standard feature, then sell it back as an extra. As far as I know, the modem still had UPnP for applications that rely on it.

No, I got it from the horse’s mouth: my WAN address was publicly routable all along, the ISP just disabled those NAT-related features remotely.

I finally got my ISP to enable bridge mode on my modem.

I also learned that I didn’t lose port forwarding and related services because I had been moved behind CGNAT or transitioned to IPv6 – they simply no longer offer port forwarding to residential customers. Ruminate on the implications of that statement so I’m not the only one with blood pressure in the high hundreds.

Even in the open source community, the libre-ness of a product is just one of many factors. The fitness for a purpose, the initial difficulty of the setup, the continuous difficulty of operation and maintenance, the pace of development (if applicable), the professional or community support structure, the projected longevity of the product or service, and the general insanity of the people involved are all important factors that can, and often do outweigh the importance of open software.

Local Unbound with Tailscale’s split DNS has been solid for me. I use it as an OPNsense service with the web GUI, but the standalone YAML config looks simple enough.

I’ve never used Linkwarden, but the /data folder is often used by Docker containers to store the application’s data, so it’s likely an internal path. You’ll have to create a volume that exposes the internal /data path to the host filesystem, then whatever is written into that directory will be made available to both the container and the host system. Any file or directory in the container can be exposed this way.

I usually put my data volumes in /srv (where my large RAID array is mounted) and config volumes in /config, into a subdirectory named after the service, and with the minimal necessary privileges to run the container and the service. You could, for example, create volumes like this:

/srv/linkwarden/postgres_data:/var/lib/postgresql/data
/srv/linkwarden/linkwarden_data:/data/data
/srv/linkwarden/meili_data:/meili_data

The volume path (left side of the colon) can be anything. The right side is where the services expect their files to appear inside the container.

The Lemmy backend, the default web frontend, the Jerboa app, and the lemmy.ml instance are all owned by the same person.

I don’t know which label is the most accurate, but he supports Putin’s war, which lands him in the “shitbag” category. Being technically not fascist does not negate supporting the military invasion of a sovereign country, the ethnic cleansing of its people, and the rape, murder, and torture committed by the invaders.

You are literally on Lemmy. The project owner’s views are well-known.

on limewire

Not only has this made me realize how fucking old I am, but I also got curious about how Limewire is doing, and…

In September 2025, LimeWire acquired the Fyre Festival brand, including its intellectual property, trademarks, online domains, and social media assets, from Billy McFarland via an auction held on eBay.

…according to Wikipedia. At this point, my 2025 bingo card would serve better as kindling.

You make a new normal, non-root user specifically to run Radicale processes. The user should have write access only to Radicale’s directories, nothing else.

Same deal with Apache and the www-data user.

The most straight-forward method would be to buy a standalone switch. I have a TP-LINK TL-SG108 8-port gigabit switch and it seems to retain the ARP table indefinitely.

My previous solution was an ESP32 board with an SSH server and a relay, wired parallel with the power switch, that would be closed by an output pin on command.

How much experience do you have with networking, exactly?

The DNS record points to a private IPv4 address (10.0.0.41), which cannot be accessed from the internet for multiple reasons; first of which is that it’s almost certainly behind a NAT gateway.

Your internet provider has given you a single publicly routable IPv4 address and assigned it to the WAN interface on your modem or router. If you want to access a host on the LAN, you’ll first have to configure port mapping or port forwarding on the router. Then you’ll have to open holes in your firewall and accept the fact that every bad actor will try to break into that host unless you know how to set up network security.

Linux has two different kinds of “used” memory. One is memory allocated for/by running processes that cannot be reclaimed or reallocated to another process. This memory is unavailable. The other kind is memory used for caching (ZFS, write-back cache, etc) that can be reclaimed and allocated for other things as needed. Memory that is not allocated in any way is free. Memory that is either free or allocated to cache is available.

It looks like htop only shows unavailable memory as “used”, while proxmox shows the sum of unavailable and cached memory. Proxmox “uses” 11 GB, but it’s not running out of memory because most of it is “available”.

Proxmox is a great starting point. I use it in my home server and at work. It’s built on Debian, with a web interface to manage your virtual machines and containers, the virtual network (trivial unless you need advanced features), virtual disks, and installer images. There are advanced options like clustering and high availability, but you really don’t have to interact with those unless you need them.

New developments: just a few hours before I post this comment, The Register posted an article about AI crawler traffic. https://www.theregister.com/2025/08/21/ai_crawler_traffic/

Anubis’ developer was interviewed and they posted the responses on their website: https://xeiaso.net/notes/2025/el-reg-responses/

In particular:

Fastly’s claims that 80% of bot traffic is now AI crawlers

In some cases for open source projects, we’ve seen upwards of 95% of traffic being AI crawlers. For one, deploying Anubis almost instantly caused server load to crater by so much that it made them think they accidentally took their site offline. One of my customers had their power bills drop by a significant fraction after deploying Anubis. It’s nuts.

So, yeah. If we believe Xe, OOP’s article is complete hogwash.

That’s why the developer is working on a better detection mechanism. https://xeiaso.net/blog/2025/avoiding-becoming-peg-dependency/

With how much authority you wrote with before, I thought you’d be able to grasp the concept. I’m sorry I assumed better.

THEN (and this is the part you don’t seem to understand) the client process has to waste time solving the challenge, which is, by the way, orders of magnitudes lighter on the server than serving the actual meaningful content, or cancel the request. If a new request is sent during that time, it will still have to waste time solving the challenge. The scraper will get through eventually, but the challenge delays the response and reduces the load on the server because while the scrapers are busy computing, it doesn’t have to serve meaningful content to them.