SplatterGasp

joined 1 year ago
[–] SplatterGasp@sh.itjust.works 1 points 1 year ago (2 children)

I can only partially answer this. Humans cannot sense moisture on the skin, only temperature and tactile (e.g. something on the skin, or moving along the skin like a droplet)

Something that cannot transfer heat would, I assume, feel not like putting a hand in water, but rather something....else?

[–] SplatterGasp@sh.itjust.works 1 points 1 year ago (1 children)

I've had to find a solution similar to what you are looking for. My need was due to being double NAT'ed where I had no control over the internet facing router/NAT.

Personally, my solution was to use Oracle Clouds free tier service to host and NGINX reverse proxy as Oracle also offers free static IPs to there compute instances. From there I used Tailscale to join the instance to a Proxmox container running Docker on my server running services I wanted exposed to the internet (Emby, and a few 'Arrr apps). I've found it to be remarkably stable (much more than I expected).

An alternative method is to use Cloudflare tunnels, which are very easy to get setup. It in essence is the same principle as above but using Cloudflare's 'reverse proxy as a service' type product. I was not able to use this for my needs as Cloudflare do not allow media streaming.

If you do choose the first option, I would recommend isolating the server running the exposed services to its own network that cannot touch your day-to-day network. I also recommend configuring ACLs in Tailscale to restrict traffic to specific ports from specific hosts to minimise any risk of having exposed services. Oh, and automatic updates to the OS and services is ideal.

I saw you are using basic HTTP auth, whilst it is secure enough it does have some issues with making connections more difficult, particularly if you are using any of your services API's (it is also not the best user experience IMO). I would recommend setting up oAuth/SSO if yunohost supports it.

Lastly, as other users have said, even if you don't use either suggestion, put a reverse proxy on it. NGINX Proxy Manager is a nice friendly solution with a web GUI if you are not too familiar with proxy configs

[–] SplatterGasp@sh.itjust.works 6 points 1 year ago (1 children)

I gotta be honest, UX / UI is not my area.

I'm sorry, but I don't believe you. It looks fantastic! Really great job!

Are you saying you don't want to mix the best of inflammatory political posts with more inflammatory political post but in less words?