They’re competitors.

If you’re already using systemd, do not switch to Docker. Use Podman instead. Docker runs all your services under the Docker service. Podman can both run the same containers as systemctl services.

Normally this is bad advice, but if you already have CGNAT you’d be going from double NAT to triple NAT and it probably won’t make anything worse. At least it shouldn’t make things worse for IPv4. If you have 5G internet with CGNAT there’s no excuse for your ISP not giving you proper IPv6. Putting a second router between will complicate your IPv6 setup.

There are some tricks you can do for IPv4 in the precense of hostile DHCP servers. Serious OSes should allow you to configure a second IP address on the same physical interface, so you could have a dynamic 192.168.0.x assigned by the ISP’s DHCP server and a static 192.168.1.y assigned statically by you, and then you should be able to set up an additional route table entry to access 192.168.1.0/24 using the source address 192.168.1.y. As long as the ethernet/wifi switching between devices doesn’t filter ARP packets based on IP subnet, you should be able to communicate between your machines using fixed IPs on the second subnet.

That sounds kind of like CWE-836.

That’s complicated to do correctly. Normally, for the server to verify the user has the correct password, it needs to know or receive the password, at which point it could decrypt all the user’s files. They’d need to implement something like SRP.

I don’t know the details. My modem that I purchased exposes a management interface to the cable operator. I have a read-only view of the connection status and can’t change anything meaningful. In the US if you buy the modem you loan it the ISP for free while you’re a customer, as opposed to the ISP loaning you a modem for a monthly fee.

Supporting PPP does not make something a modem. It’s a hardware capability that the device does not have.

Asus TUF-AX4200 is a router/AP, not a modem/router.

Openwrt/ddwrt are used for routers.

In the US you usually need to use your ISP’s modem. Even if you buy the modem, it needs to be one that the ISP supports and the ISP will have more control of the device than you do. Even if it were running openwrt or ddwrt, you would not have access to use it.

I have an Arris modem and it works fine now, but for months there was a bug where it would randomly crash. I don’t know when the bug was fixed, but firmware updates are controlled by the ISP so I had to just reboot it when it would crash. In other words, even if you have good modem hardware, whether it works correctly is up to your ISP.

You don’t actually need DDNS. If your provider has an API you can update your addresses using the API. https://kb.porkbun.com/article/190-getting-started-with-the-porkbun-api

The Android version of VLC can play DVDs with menus, which is weird because the desktop version can’t out of the box for legal reasons.

If it’s implemented correctly, a smart card or phone unlock does not need internet connectivity to work.

How do people get to so many Docker containers before moving to Kubernetes? I only have 76 containers across 68 pods and that’s far too much for me to manage in Docker.

Try using ICE instead of proxying all your traffic through a VPS. If you’re just using the VPS for session establishment you won’t be using a lot of bandwidth and won’t get blocked or go over quota. Try searching for things like “wireguard mesh stun”.

YouTube has RSS feeds you can access without scraping, but it’s per channel so if you follow a lot of channels you’ll be following a lot of RSS feeds.

Lemmy also has RSS feeds for each community.

Are you looking for a reader instead? A reader aggregates the feeds and displays them. Usually it keeps track of which items you’ve already read.

Nobody cares about your home services unless they can use them to send spam or mine bitcoin. Owncloud is a funny name because it seems to imply it’s for personal use: your own cloud. I didn’t know until I found myself in one, but apparently a lot of schools use Owncloud.

phpinfo is just a bad idea. It’s a built in facility that dumps everything without knowing whether it’s sensitive or not, right into the current page, making it trivial to add this vulnerability to your own application or library that an unsuspecting developer will include into their application. There’s not even a single security warning in the documentation. Here’s practically the same problem from 21 years ago: https://nvd.nist.gov/vuln/detail/CVE-2002-1725

It might work if you put them on the same Docker network? I use Kubernetes and it definitely has this feature.

Is it the server telling the server that the client’s port is unreachable or is it the client telling the server that the port is unreachable? Do you see the packets traveling over the Wireguard interface? Do you see the response if you use Wireguard from the client?

The request traced out is incorrect. WG Client IP initiates a DNS request to Server IP, and then WG Client Addr receives a response from WG Server Addr. The DNS response should come from the same IP that the request was sent to. The client may be rejecting a response coming from an unexpected source. If you’re doing masquerading instead of plain routing, you need to make sure that you’re doing NAT in both directions.

It sounds like maybe you have Nginx set up but you’re not using it. Nginx is normally listening on one port.

Try vlc http/dvdnav://192.168.44.1:8080/interstellar.iso.

If that doesn’t work, you probably also need to install CSS decryption support (ie libdvdcss2). Apparently the Android version of VLC comes with this built-in.