It’s mostly so that I can have SSL handled by nginx (and not per-service), and also for ease of hosting multiple services accessible via subdomains. So every service is its own subdomain.
Additionally, my internal network (as in, my physical LAN) does not have any port forwarding enabled — everything is over WireGuard to my VPS.
My method:
VPS with reverse proxy to my public facing services. This holds SSL certs, and communicates with home network through WireGuard link configured on my router.
Local computer with reverse proxy for all services. This also has SSL certs, and handles the same services as the VPS, so I can have local/LAN speeds. Additionally, it serves as a reverse proxy for all my private services, such as my router/switches/access point config pages, Jellyfin, etc.
No complaints, it mostly just works. I also have my router override DNS entries for my FQDN to resolve locally, so I use the same URL for accessing public services on my LAN.
Getting TLS certs will be complicated
I just use Let’s Encrypt with a wildcard domain — same certs for public and private facing domains. I’m sure this isn’t best practice, but it’s mostly just for me so I’m not too worried :)
Yeah I don’t expose Jellyfin over the Internet, so it doesn’t matter for me, and wouldn’t work at all over WAN (unless VPN’d to home network).
Also, it’s all reverse proxied, and there’s nothing preventing having two Jellyfin hostnames, e.g., jf-local.mydomain.com and jf-public.mydomain.com.
Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.
I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.
So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.
…and I don’t see it motivating people to go vote.
But it can do the opposite perhaps — “motivate” people to stay home who would otherwise vote R. Not that, in general, we should be celebrating voter apathy, but I think that some of these endorsements could dishearten folks enough that they end up abstaining.
So we need to freeze our farts and thaw them out when we need them. Got it.
Or go full CW, and just transmit source code in binary as dits and dahs. (So long as you document what you’re doing it should be legal, though I’m not sure if you should use the CE portion of he band since it’s nonstandard…)
Any chance you have a DMZ set up on your router?
On your router, are there any settings specific to any host (other than the server maybe)? For example, a static IP or a port forwarded rule.
Do you have a VPN on the phones? Can you traceroute from your phone to the server and post that? (I like PingTools for Android.) You should have 1 hop (you -> server, nothing in between).
Can you verify that you are on the same wifi including same wifi channel? Phone on 5GHz but Linux box on 2.4GHz, for example.
Some mobile clients make it easy to accidentally downvote. I sometimes see that I accidentally downvoted a comment from time to time.
PingTools has been useful for me (though I mostly just use it for iperf).
I think it’s a reference to the vice presidential debate with Pence in 2020: https://www.cbsnews.com/news/kamala-harris-mr-vice-president-pence-interruptions/
Could be wrong though.
Oh go fsck yourself (maybe that works better written…).
It’s also, in my opinion, the most verb-able of all *NIX commands.
Are they “forks” or are they “built on top of”?
https://en.m.wikipedia.org/wiki/Doctor_(title)
As a noun yeah it’s more common in the western world to refer to medical doctors. But its origin is that of teachers, not medical practitioners.
Wrong. I breathed in some helium once and it made my voice all high pitched which threatened my fragile masculinity. Very toxic.
(/s…)
Never worked much with cryogenics, but the one thing I learned was to never get in an elevator with (large quantities of) liquid nitrogen — if the elevator stops it can displace the oxygen and that’s…kinda bad.
Microwaves aren’t resonant or anything fancy — they’re just dielectric heating.
Add to that photo editing (as much as GIMP is great…). I would guess DAW and video editing would fall under that category, too…and good luck finding many AAA open source games.