- crowdsec
- SSH - change port, disable root login, disable password login, setup SSH keys using SK(YubiKey in my case)
- nftables - I use https://github.com/etkaar/nftm to keep things quick and simple. I like the fact if will convert DNS entries to IPs. I then just use dynamic DNS update clients on all my endpoints
- WireGuard for access to services other than SSH(in some cases port 443 will be open if its a web server or proxy)
- rsyslog to forward auth logs to my central syslog server
"HU-MAN"
Hard pass. Which ever vendor keeps making dumb appliances gets my money. I can live with basic "smart" appliances as well. The ones that connect to WiFi simply to tell when say the wash cycle is done by sending a message to your mobile. But I don't need no flipping AI crap in my house thank you.
I selfhost both Lemmy and Mastodon. Lemmy is set and forget follow the communities you etc. Mastodon does need a little bit of tweeking after being setup. I have a script the removes remote content from my server after 7 days which keeps the used space down considerably. More details about the commands used can be found here -> https://docs.joinmastodon.org/admin/tootctl/#media-remove
I feel that Nvidia drivers in Linux will always be a pain and it's straight up Nvidias fault.
I love the remarks Linus made about Nvidia.
Not sure if it's hers anymore but it was when the "Streisand effect" came to be.
I'll just leave this here....
Works fine for me. I'm going through ProtonVPN and it loads. Using a Canada server if it matters.
If you have Proton Premium point your domain to SimpleLogin and use it. Its included with Proton Premium. Its helped me root out 2 places so far that have sold my email address or were compromised and failed to disclosure.
I use https://github.com/YoRyan/mailrise
Mailrise is apprise under the hood. It's an SMTP server that converts all the emails it receives to push messages depending on the To address in the email.
One of the main reasons I run my own instances (Mastodon and Lemmy). Keep the garbage blocked and out of sight.