- 0 Followers
- 0 Following
- 2 Posts
Ah, in that case you will probably need to go into the container to do the backup. I avoid mounted volumes.
As your user account, just run something like:
podman volume export VOLUME >backup.tar
Or from another machine, say you want to do a remote backup from your server:
ssh user@host podman volume export VOLUME | zstd -o backup.tar.zstd
I think you have to go into desktop mode to find the setting to disable shader pre-caching but it’s 100% better with it disabled!
Most VPNs don’t allow port forwarding, and if they do it’s a random port that changes frequently. So you’d need a method to tell people the new port. Also, you typically want to use SSL so you’ll have to use self signed certs. Though interestingly LetsEncrypt recently started testing certs for IP addresses:
We've Issued Our First IP Address Certificate
Since Let’s Encrypt started issuing certificates in 2015, people have repeatedly requested the ability to get certificates for IP addresses, an option that only a few certificate authorities have offered. Until now, they’ve had to look elsewhere, because we haven’t provided that feature. Today, we’ve issued our first certificate for an IP address, as we announced we would in January. As with other new certificate features on our engineering roadmap, we’ll now start gradually rolling out this option to more and more of our subscribers.
You can. I recommend making sure you have logging in place so you know what’s going on. This could include not just service logs but firewall logs as well. You might want to rate limit the connection attempts for SSH and WireGuard and consider Fail2Ban or something similar.
Yes, that’s one way to do it. Another way is to pick some amount you can afford to save and buy bitcoin every month or so. Hold it for a few years and always spend your oldest coins first. For example $20 from 2020 buys $200 worth of stuff now.
What does running pfsense in a virtual machine really give you? Consider setting up the ubuntu server as a router directly. The most important part is making sure you configure the firewall correctly (iptables or nftables). dnsmasq can handle dhcp requests and hostapd can provide wireless. Be careful that all services are listening only on appropriate network interfaces before you connect it to the internet.