To avoid this, you will need an IPv4 address on your client, or an IPv6 address on your server.

This confuses me because I have an IPv4 address on the client, and that IPv4 is what the server is seeing make the connection…

/edit

I think I get it.

The client actually only has IPv6. The IPv4 address I’m seeing in the log and whatismyipaddress.com is the address of my mobile providers NAT.

Thanks. I still haven’t totally wrapped my head around IPv6. Stubbornly happy with IPv4 tbh, but it seems the rest of the world is moving on, understandably.

Perhaps there can be a place for it, I just mean it should not be an automatically and consistently part of peoples feeds. Creators should have a place for it that’s easy to find/access for those that want/seek it. Just don’t shove it in people’s faces without their explicit prior consent.

I don’t think the general/greater population of lemmy came here to find porn…

That’s fair; I don’t mean to minimize or dismiss the situation in either location, just that Minnesota was what specifically was on my mind when I wrote the comment.

NSFW does not equal exclusively porn.

I’m not looking to block out gore or triggering topics, particularly news stories such as what’s come out of Portland Minnesota lately. Hell some of my own posts are NSFW, but I’ve never posted porn.

Disabling/blocking all NSFW entirely is not an acceptable solution when it’s only porn I’m trying to not be flooded with.

At its peak, before instance blocking was a thing: 4/5 posts under the ‘All’ feed were porn. I posted a picture quite a while back (I’m not gonna go dig it out, but it’s in my comment history), from before we could block an instance, with just a massive list of communities in my block list almost entirely from lemmynsfw. It was way over the top.

Now I can just block an instance or community that dedicates itself to porn and all is well. I still don’t think that content belongs on a platform like this. If people want porn, they can go to the MANY sites that serve porn; it shouldn’t be combined with your daily scrolling through news, current events, and funny cat videos*. But we have tools to work around it; so, moving on.

* heavily paraphrasing for general everyday content that an average person may share with friends/family.

Edit: I have no idea why I said Portland… I meant Minnesota, referring to Renee Good and Alex Pretti.

I still have hundreds of communities from lemmynsfw in my blocklist from before instance based blocking was implemented. Pretty sure lemmynsfw is 95% responsible for that feature needing to be implemented.

If you have a static IP address, you can just use A records for each subdomain you want to use and not really worry about it.

If you do not have a static IP address, you may want to use one single A record, usually your base domain (example.com), then CNAME records for each of your subdomains.

A CNAME record is used to point one name at another name, in this case your base domain. This way, when your IP address changes, you only have to change the one A record and all the CNAME records will point at that new IP as well.

Example:

A example.com 1.2.3.4

CNAME sub1.example.com example.com

CNAME sub2.example.com example.com

You’d then use a tool like ACME.sh to automatically update that single A record when your IP changes.

Back in my day, (shakes cane), Teamspeak and Ventrillo were the big voice chat platforms/tools. Both have text chat and channels/rooms; but their focus is voice chat for gaming.

Bit old, but pretty much everything Source Engine is self-hostable isn’t it? Most of them even come with a pre-configured SRCDS (SouRCe Dedicated Server) you can download and run right from the steam launcher.

I know I ran a GarrysMod server for quite a while; piling a shit ton of mods on it. Plus any source game you’ve got installed, Garrys Mod can and will use the resources/assets from.

:/ shit.

I’m pretty sure I saw this a few months ago and moved to the beatkind/watchtower fork, but it’s not been updated in 6mo either. (Devs only been active in private repos; so they’re still around, just not actively working on watchtower)

Guess I’ll find another solution. Hell, I might just put my own script on crontab. Looping through folders running docker compose down/pull/up isn’t too hard really.

My wife got very upset. Apparently she likes the ads.

Set static IPs for her devices, then whitelist that device IP past the block lists by adding it to a group, then regex allow domain: ‘*’ for that group.

A bit of redundancy is key.

I have my primary DNS, pihole, running on an RPI that’s dedicated to it; as well as a second backup version running in a docker container on my main server machine.

Nebula-Sync keeps the two synchronized with eachother, so if a change is made on one, it automatically syncs to the other. (things like local dns records or changes to blocklists).

If either one goes down (dead sd cards, me playing with things, power surges, whatever); the other picks up the slack until I fix the broken one, which is usually little more than re-install, then manually sync them using piholes ‘teleporter’ settings. Worse case, restore a backup (That you’re definitely taking. Regularly. Right?)

Both piholes use Cloudflared (here’s their guide *edit: I see I’ll have to find a new method for this… Just going to pin the containers to tag ‘2025.11.1’ for now) to translate ALL dns traffic into DOH traffic, encrypting it and using the provider of my choice, instead of my ISP or any other plain DNS. The router hands out both local DNS IPs with DHCP because Port 53 outbound (regular dns) is blocked at the router, so all LAN devices MUST use the local DNS or their own DOH config. Plain DNS won’t make it out.

DNS adblocking isn’t perfect, but it’s a really nice tool to have. Then having an internal DNS to resolve names for local-only services is super handy. Most of my subdomains are only used internally, so pihole handles those DNS records, while external DNS only has the records for publicly accessible things.

I have the same issue with Immich on android. It pretty much never uploads files until I manually open the app; then the app refuses to acknowledge it has uploaded those new files until it’s closed and re-opened :( (power saving is set to un-restricted in android, and background data usage is allowed. I’ve been through troubleshooting very thoroughly, it just doesn’t work)

FolderSync has been the only reliable (non-root) backup solution I’ve used. It’s set to monitor my image folders for changes and upload any new files as soon as they’re created; this works ~85% of the time. Then, It’s also set with a few schedules to check for changes every 3hrs, backing up everything on the phone the app can access; this catches anything the on-change/on-creation file detection misses, while also backing up more data than just my images. I have yet to see that fail after ~3 years.

That will solve part of the problem, preventing downloads before an item has even released; but there’s still lots of potential to grab unwanted torrents and leave the arrs asking for intervention when they can’t import it.

Ideally the indexers would be filtering out this junk before users can even grab them, but failing that I think we’ve got a decent solution. Check out the edited OP

Check out the edited OP.

I’m taking a look at this. It looks like it’s the malware blocker portion that I’m interested in, but if I enable it and ‘delete known malware’, it just complains every minute that there are no blocklists enabled. (though the documents say it’s supposed to fetch one from a pages.dev url that has almost no content)

Do you have a specific malware blocklist configured? Enabling the specific service blocklists demands a url for one.

I can host/build a list over time for these to use if that’s what I’ve gotta do; just wondering if there’s a public collaboration on one already on the go.

/edit: found it

https://raw.githubusercontent.com/Cleanuparr/Cleanuparr/refs/heads/main/blacklist

That’s what I’d already done as per the OP, but it leaves Sonarr/Radarr wanting manual intervention for the ‘complete’ download that doesn’t have any files to import.

I just did some digging and found I do have some good quality content from them, but they were all grabbed via NZBGeek.

Every torrent I’ve gotten with that label has been garbage/malware.

This comment prompted me to look a little deeper at this. I looked at the history for each show where I’ve had failed downloads from those groups.

For SuccessfulCrab; any time a release has come from a torrent tracker (I only have free public torrent trackers) it’s been garbage. I have however had a number of perfectly fine downloads with that group label, whenever retrieved from NZBgeek. I’ve narrowed that filter to block the string ‘SuccessfulCrab’ on all torrent trackers, but allow NBZs. Perhaps there’s an impersonator trying to smear them or something, idk.

ELiTE on the other hand, I’ve only got history of grabbing their torrents and every one of them was trash. That’s going to stay blocked everywhere.

The block potentially dangerous setting is interesting, but what exactly is it looking for? The torrent client is already set to not download file types I don’t want, so will it recognize and remove torrents that are empty? (everything’s marked ‘do not download’) I’m having a hard time finding documentation for that.

Awesome. Thanks you two, I appreciate the help. :)

Awesome. Thanks you two, I appreciate the help. :)