Illiterate Domine

There are many ways to setups full disk encryption on Linux, but the most common all involve LUKS. Providing a password at mount (during boot, for a root partition or perhaps later for a “data” volume) is a but more secure and more frequently done, but you can also use things like smart cards (like a Yubikey) or a keyfile (basically a file as the password rather than typed in) to decrypt.

So, to actually answer your question, if you dont want to type passwords and are okay with the security implementations of storing the key with/near the system, putting a keyfile on removable storage that normally stays plugged in but can be removed to secure your disks is a common compromise. Here’s an approachable article about it.

Search terms: “luks”, " keyfile", “evil maid”

Most self-hosters are probably using dns services through their registrar, but you don’t have to. A registrar with poor api support might still be a good choice, if that was the only negative.

Well, I’m back and can confirm the sneaky DNS resolver. I have two roku devices and they both were making requests to 8.8.8.8.

Thanks for this post! TIL.

Interesting. I set an adblocking dns via DHCP and, as far as I know, the Roku respects it. Ads are blocked and I can see it failing to delivery telemetry in my dns logs (most persistent thing on the network).

I set a rule to catch outside dns to see if anything, the roku included, has been misbehaving.

Not extensively, the keyboard is at work right now, but I’ve fired up a few things to try it out. It’s a well-built mechanical keyboard and performs like you’d expect in that regard. Ortholinear key placement takes a bit of getting used to, but it doesn’t take long to build that new muscle memory. By the time you’re typing comfortably on it, gaming would likely be fine.

I have an Ergodox EZ from ZSA and have been really impressed with both the keyboard and the company. I got mine with Silent Reds but later swapped out for some clickier Zilent switches. Switches are easy to swap, so you have a lot of options there.

When I got mine, there was an issue with it losing connection (I think the USB port solders had broken) and ZSA support was really easy to work with.

There are a few browser plugins that do this sort of thing for mastodon. I imagine some dev work would be needed to adapt them for the Threadiverse, but the concept is certainly out there.

Little clusters of nucs has become a really common way to run small Kubernetes clusters at home. I recently rebuilt mine (still using a bulky, power hungry box like you’re tossing) and have been very happy with it. Everything is really stable, containers that misbehave are automatically destroyed and replaced, and updates are breeze because everything lives in code/git.

Sure, but their algorithm in their app will be steering their users to content across the fediverse chosen specifically to engage enrage those users. Even if the broader fediverse isn’t being fed directly by their algorithm, the worst of the Threads user base will be showing up in our communities and comment sections.

Technically, no, but you may want to. All of these services are federated and interact with one another. Mastodon users can interact with pixelfed posts and lemmy communities and anything else in the Fediverse. In reality, though, these services, and their clients, are built for specific types of content. If you’re spending much time at all on those other Federated communities, the “round peg, square hole” nature of using a Reddit-like app to use a Twitter-like service (as an example) may start to chafe.