Ah, yes, I suppose that’s true. My apologies.

Can you explain the “rotating containers back end”? I’m trying to understand what that adds to security.

It’s not a very constructive community though

You need guidance in your presentation style, you have managed to completely alienate your potential users in one single post.

No one owes you anything. No one asked you to spend time and money on a project. Calling folks “ungrateful” while trying to attract them to your project is weird.

I use wanderer.

It works fairly well to document and organize my hikes.

I read the entire article,and you seem a bit prickly about caldav, but that is of course your prerogative.

I do wonder if your users are asking for caldav because their use-case make caldav a valuable translation for the rest of their digital lives… Maybe it would be helpful to understand what parts of caldav are interesting to users and what they might actually be asking for.

Notes from the last release mentions that the docker repo is unmaintained.

Ohhhhh, I’d forgotten about this. Good one.

Incus and ansible

Unbound is just an alternative to bind. Pihole does not handle full-fledged DNS functions like zone transfers and start of authority records.

Fascinating. How does this help op?

It unfortunately means that if you misconfigure a key then your packets get silently ignored by the other party

After ipsec troubleshooting phase 1 & 2, WG is still a blessing.

No worries. But you’re talking about zone transfers?

What do you mean by “recognition”?

We would need more info to help confirm, but watching ids traffic will show you lots of misconfigurations as well as actually suspicious traffic, so this might be a POS device doing stupid stuff.

Is suricata listening on an internal subnet interface? If you are listening on a public interface, your job sorting through the trash traffic will be difficult because determining source is nearly pointless and your external interface should not know anything about the internal subnet.

I think wallabag is the self-hosted go-to for this, but I’m not sure of the extensions for it.

I used to use pocket because it allowed me to sync to my Kobo reader. Kobo have struck a deal with Instapaper and it works in a similar way.

The official instapaper plugin doesn’t do what In My Pocket does, unfortunately.

Yes. Proxmox isn’t doing anything magic another Linux machine (or windows for that matter ) can’t do. A router, for instance, is a good example of this.

Sorry, that was presumptuous of me. ‘TCP stack’ just means each container can have its own IP and services. Each docker, and in fact each Linux host can have as many interfaces as you like.

I imagine you would get a conflict when you try to go to 192.168.1.2:8000 or even localhost:8000.

You’re free to run a service on port 8000 on one IP and still run the same port 8000 on another ip on the same subnet. However, two services can’t listen on the port at the same ip address.

mkvmake pulls the Forced flag from its source, so it’s likely that your DVDs have a set flag for certain subs. You can use mediainfo to check this on your mkv files.

Mkv is simply a container format, which means you can probably unset the forced flag with mkvmake directly without having to unpack all the streams and remux them.

Handbrake is amazing, but it does have a LOT of controls, so there’s only so much hand-holding it can do when you start looking behind the curtain of how av files work.

You will still have to make sure that port numbers don’t conflict

I’m sure I read you’re comment wrong, but you are aware that each docker container has its own tcp stack, right?

Thank you!