Yeah, I use Caddy for that, as I only use DNS-01 for local-only services.

I have been using BunkerWeb for the past 4 years and have been mostly happy with it. Its default settings are sometimes a bit agressive but you can change those globally or service per service.

This is anecdotal experience, but last time I left Wireguard on for an entire day and it accounted for 5% of battery usage that day.

I believe you swapped DoT (TLS, port 853) and DoH (HTTPS) in your message. I have yet to be in a network that restricts port 853, but if I could I would rather use DoH on Android.

Oh nice, that’s a clever solution and indeed easy to host.

Are they really hosting it themselves or are they just proxying request to their “partner”?

Holy molly, I wasn’t expecting this! Well, I guess I’ll try that out once Electric Eel’s released

TrueNAS SCALE expects you to deploy Kubernetes clusters, it is unfortunately not meant for running plain Docker. You can jump through hoops to get it working but I personally gave up and ended up running a VM on top of TrueNAS just to run Docker on it.

I don’t know about Unraid though and OpenMediaVault felt a bit unpolished the last time I used it and I can’t attest for its ZFS support.

If I understand correctly, it’s just a fancy donation?

I’m surprised Datadog is that much of a money maker to be able to afford GitLab

I really like Readeck, it is very polished and the fact that it copies links content is very useful when saving Medium blog posts (and generally to make sure that I don’t lose the content if the linked page is ever removed)

If you use a third-party’s DNS server (such as Cloudflare, Quad9 or Google) as your upstream DNS server, you only have to update PiHole.

If you have set up your own upstream DNS server using a DNS resolver like unbound or Bind9, update it as well as your PiHole.

I struggle to find if it uses DNSSEC or even a change log. If it does, contact the maintainer and disable DNSSEC (if you can) until a fix is released.

They maintain their own resolver, so they have to patch it if not done already.

It’s the latter. Unless you run your own DNS resolver, most people are safe

I’m not familiar with off-the-shelf DNS filtering on mobile, but since running a DNS resolver on-device would be impractical, I think they must be using a DNS server that they maintain. Which means that unless I’m wrong, the vulnerability lies on their end, you should be fine.

Exactly, I don’t get the “Mastodon as a poor man’s RSS agregator” trend

You’re probably looking for something that supports OPDS to automatically download e-books to your e-reader.

First search result is Komga

TrueNAS SCALE as host with an Ubuntu LTS VM running Docker containers.

Original I went with only containers running on top of SCALE but both iX and TrueCharts made it harder to run plain Docker Compose on TrueNAS.

What a weird choice for a storage-oriented device, I would have gone for a SBC with SATA ports or a PCIe port.