Hey there! Following up on this, i got your application started however, it seems that this is more for folks who actually know PHP an HTML and less for folks like myself who just find Docker applications (Invidious, Homepage, RedLib) spin them up and rig them to work with one another so i don’t think this will work for me personally at the moment in time regardless seems like a great tool nonetheless!

Thanks again!

Is there any special configuration needed for it? Env variables, network interface, volumes & config files, etc?

I plan to set this up in a docker-compose file later this afternoon once I get some free time.

Ah bless!

I’ve been using Firefox extensions to make up my CSP’s and so far it’s been an absolute nightmare! Thank you for this tool!

Debian - I’ve put Debian with KDE on the mini PC server.

Save your resources on the mini pc by getting rid of KDE, desktops can take quite a lot of resources to run!

If you aren’t familiar with the BASH shell it’s essentially the heart of every Linux/GNU based operating systems, no need for a clunky GUi on a server.

Key commands:

• cd == Change Directory

• sudo == Root privileges

• mkdir == Make directory

• rm -f == Remove file/directory with force

• touch == Make a new file

• nano == Text/File editor

• cat == Read file contents and print to shell

Commands don’t need to be complicated! For example nano /home/SomeUser/Downloads/SomeRandom.txt will open the text editor to SomeRandom.txt in the /Downloads directory of SomeUser

Hope this helps:

(It’s an Asus RT-AX86U Pro - so fairly chunky in terms of spec)

I have your exact router make and model! I self host my own server with a domain on my home network and make use of the built in DDNS feature.

My domain registrar is Cloudflare so I have to use a custom script for DDNS, if you’re in the same boat I can provide the script.

I would suggest looking into Asus WRT Merlin Firmware, the custom firmware enables more functionality to your router.

Docker containers for

1. Ghost
2. Nginx Proxy Manager

When hosting a reverse proxy like Nginx, Traefik, SWAG, Pangolin, etc keep in mind you 80:80 and 443:443 ports need to be exposed to the host machine then you will forward those ports on your router. This will allow your reverse proxy to communicate with Lets Encrypt generating and verifying your SSL certificates.

First have a look at the report header Content-Security-Policy-Report-Only add things you know about, as that will allow you to log what you need to have setup. Then once you have a list of things you know you need, add them and what the logs again. adding in things as you see and verify them.

Thank you for this! I feel as if I got the idea however, failed on the execution. I added this to my routers.yml -

        contentSecurityPolicyReportOnly: "child-src; connect-src; default-src; font-src; frame-src; img-src; manifest-src; media-src; object-src; script-src; script-src-elem; script-src-attr; style-src; style-src-elem; style-src-attr; worker-src; report-to csp-report"

To my understanding the report-to directive at the end adds a endpoint called /csp-report yet in my testing it doesn’t appear to exist and just leads to 403, I’m likely doing something totally wrong but I appreciate you pointing me in the right direction!

Also dont just add things in without checking that its in your code, you dont want to add hack-me.com by mistake.

That’s fair, I’m certainly no wiz at programming and this is just self-hosted docker applications that I’ve jerry-rigged to work with one another.

Pro-tip: buy it on steam, open it so that Steam recognizes play time, write heinous review, issue refund.

Not the first time for the very neutral state

According to a Swiss parliamentary investigation, “Swiss intelligence service were aware of and benefited from the Zug-based firm Crypto AG’s involvement in the US-led spying”.

If your concern is that the CIA owns Crypto AG you should take into consideration what their focus is on, are they focused on child predators and gangs or people torrenting movies and music?

Crypto AG and Proton have clashed in the past resulting in this article from Proton;

https://proton.me/blog/is-protonmail-trustworthy

Transparency: You know who runs the company, where they run it from, how they run it, what data they have, how they interact with law enforcement, and much more.

Business model: Their business model (how they make money) is simply having paid users that pay for the service. If they were to breach that trust, then they would no longer be able to sustain themselves.

Competence: They have a team of highly competent people. Most people in their management level have Ph. Ds and they are trusted by many users with heightened security needs. These users includeHKMaps.live, Bellingcat etc.

Verified By Third Parties: Proton is still in the process of getting all their apps audited and open sourced. Currently, the ProtonMail iOS app, OpenPGP.js, GoOpenPGP and all the ProtonVPN apps have been audited by Cure53 or SEC Consult and the reports publically available with the source code on github with android and bridge on the way. Furthermore, they have been checked over by the EU and given a 2 million euros of funding that can be used on anything to further their mission with no other obligations.

Legal guarantees: Proton is based in Switzerland, a country with strong privacy protections, and outside the 14 eyes surveillance network. Under Swiss law, they are only permitted to reveal user data if served with a binding legal order from the Swiss government. Sharing data without a legal order is a criminal offense under Article 271 of the Swiss Criminal Code.

Track record: ProtonMail’s creation by scientists who met at CERN (the European Organization for Nuclear Research) is well documented, including on the CERN website. The scientific background of their leadership team can be easily verified by looking at their academic careers and scientific publications.

More info

On a related note, we have also had people ask us about Proton Mail’s official position regarding the ongoing Palestinian-Israeli conflict and whether working with an Israeli company means we are taking sides in this conflict. The answer is NO. As a Swiss company, we adhere to a policy of strict neutrality

In the header of this article you seemed to have glossed over:

UPDATE April 3, 2020: The information in this article is outdated. As of last year, we no longer have any contract with Radware.

Ehm… you guys know that behind all major VPN companies there’s the isræli government right?

Okay. proceeds to check article

Kape Technologies

This is why you research the VPN provider prior to making your purchase, read their privacy policies, their EULA, their TOS, the companies history.

If it reads like the Bible skip over it.

ProtonVPN, iVPN and Mullvad have no association with this article whatsoever.

That’s fair, I’ve updated my grub to reflect the changes you linked earlier, I’ll give the machine a good ol fashioned reboot once I get home.

Thanks again.

1. Do they BOTH disconnect at the same time?
2. Is this connected over USB?

Yup they disconnect at the same time, it uses USB for data transfer however, the dock does have its own power supply.

If you don’t have another way to connect these drives to your machine, then do this: https://danielbrennand.com/blog/proxmox-fix-usb-disconnect/#troubleshooting

I’ll give this a shot when I get home, I have an 2.5” SSD that is connected to a regular USB 3.0 port that isn’t shutting off like the HDD’s so I’m skeptical to think that a power saving feature is causing this.

Thank you!

Back up your important files while you still have them and get new ones ASAP; preferably some form of SSD

Unfortunately I’m going to have to until pay day for me to replace the drives, and I currently don’t have 6tb to back up to, I was thinking of getting a 10tb western digital NAS drive as it is significantly cheaper than a 10tb SSD.

Granted an SSD would be ideal if I can find one relatively ”cheap” that still has a NAND chip for caching.

Well that’s worrisome, I suppose this is where I start looking for replacements. Thank you!

A dev with some sense.

I mean, you’re not wrong. The dev does have some sense, not a lot, not a little, just some a very broad some.

Fuck Linux.

Bonus points if you can route your personal VPN server through your VPN provider, the flow looks a little like this:

Client <—> Personal VPN server <—> VPN Provider

For the folks saying install Linux keep in mind you can indirectly be captured by this feature.

For example if you’re playing an online video game you’ll be captured or your chat messages in your messaging app.

Probably force an insecure or outdated protocol and market it as “top of the line”.

Not a single soul asked for it, waste of company resources.