Everything exposed except NFS, CUPS and Samba. They absolutely cannot be exposed.

Like, even my DNS server is public because I use DoT for AdBlock on my phone.

Nextcloud, IMAP, SMTP, Plex, SSH, NTP, WordPress, ZoneMinder are all public facing (and mostly passworded).

A fun note: All of it is dual-stacked except SSH. Fail2Ban comparatively picks up almost zero activity on IPv6.

Testdisk and photorec? It’s saved me heaps of times.

I was thinking “she should be able to” … “ask one of my friends to figure it out”.

As long as she knows what the passwords are, a tach savvy friend will figure out the rest.

My backup solution is hard to setup and maintain, but shouldn’t be terrible for someone else to recover from.

All the phones sync to nextcloud when on wifi and charging. My server has alternating encrypted backups, and one is always off-site.

If I go, my wife can plug it in and punch in the password. Hopefully that’s enough.

My wife has a laminated card which has the instructions to my KeePass vault, and an explanation of how the backup drives are encrypted.

Once the family photos are safe and she can login to all my accounts to finalize them, the server can be replaced with a WRT54G for all I care. Continuity will be impossible. Even a qualified sysadmin would probably struggle with it.

I’m on ABB and everything was fine after I called up and got CGNAT disabled and the ports unblocked.

You can unblock ports in the MyAussie phone app these days.

And you most definitely got a new IP address. Make sure you’ve updated your DNS. My IP hasn’t changed in over a year. It only ever changed when they upgraded their equipment.

I gave my wife a laminated card with explicit instructions on how to access my keepass DB and encrypted backups. The rest can die when I do.

I self-host all those things.

I just have two portable drives, and I bring one home from work at a time to run an rsync backup job.

I did… Until the police knocked on my door. They said I was lucky because they decided to ask questions first, but they technically could have siezed every computer in my house without warning. I don’t think you’d ever get convicted for something obviously done over tor, but having your stuff taken while they investigate is really inconvenient.

OK, here’s how it happened.

I was hungry, and I wanted to see the menu for my local pizza joint. I couldn’t find it anywhere.

I discovered that all their socials linked to a website that wouldn’t load. When I checked, the domain had lapsed.

Out of frustration, I purchased the domain and pulled the last snapshot of their website off archive.org. It had their full menu as a PDF.

6 months later and it’s still getting visitors from their facebook page, who are viewing the menu. They haven’t even realised.

Host all the things!

Wordpress, SMTP/IMAP, tor, bittorrent, Nextcloud, Plex, NTP, photo galleries, DoT…

I even started hosting the website for my local Italian restaurant and they haven’t even realised it yet.