Lol

If an employer wants to see your IQ, you probably do not want to work there regardless.

Verified by whom?

In that case I can really highly recommend it. Nixos on the server is fantastic anyways, and the only hurdle to recommending simple-nixos-mailserver is that most people are not familiar with nix… 😄

It’s a bit unconventional maybe, but I vote simple-nixos-mailserver - IF you are curious / willing to learn nix. It’s essentially just sanely configured dovecot, postfix, rspamd.

My config for those three combined is about 15 lines, and I have never had an issue with them. Slap on another 5-10 lines for Roundcube as a webmail client.

Since it’s Nix, everything is declarative, so should SOMETHING happen to the server, you can be up and running again super quickly, with the exact same setup.

We were talking about SwiftKey

Who knows?

Unless a piece of software is open source, you cannot know.

Fail2ban allows you set different actions for different infringements, as well as multiple ones. So in addition to being put in a “local” jail, the offending IP also gets added to the cloudflare rules (? Is that what its called?) via their API. It’s a premade action called “cloudflare-token-multi”

I switched a couple of months ago, from SwiftKey. Had been using that for ever, long before Microsoft bought it.

NGL, the transition was a bit rough, and the first month my error rate spiked. All good now though, plus Futo has a bunch of super useful features SK never had. Overall, very happy.

We expose about a dozen services to the open web. Haven’t bothered with something like Authentik yet, just strong passwords.

We use a solid OPNSense Firewall config with rather fine-grained permissions to allow/forbid traffic to the respective VMs, between the VMs, between VMs and the NAS, and so on.

We also have a wireguard tunnel to home for all the services that don’t need to be available on the internet publicly. That one also allows access to the management interface of the firewall.

In OPNSense, you get quite good logging capabilities, should you suspect someone is trying to gain access, you’ll be able to read it from there.

I am also considering setting up Prometheus and Grafana for all our services, which could point out some anomalies, though that would not be the main usecase.

Lastly, I also have a server at a hoster for some stuff that is not practical to host at home. The hoster provided a very rudimentary firewall, so I’m using that to only open necessary ports, and then Fail2Ban to insta-ban IPs for a week on the first offense. Have also set it up so they get banned on Cloudflare’s side, so before another malicious request ever reaches me.

Have not had any issues, ever.

• has a dick so utterly ginormous that even the slightest bit of arousal drains a sufficient amount of blood from his system to make him pass out

Vikunja seems to check all your boxes

You can even just do Ctrl+A, Ctrl+C, Ctrl+V.

It somehow feels… Wrong, but it just works.

Oof.

My employer pays a buttload of money to CircleCI - for extensive checks (build, lint, formatting, full test suite, as well as custom scripts for translation converage, docs,… for the full tech stack) on every push. Reviews start only when everything passes.

I think you have given me a new-found appreciation for the reasoning behind that decision… 😄

Lmao, what, that’s wild. How did they justify this??

I think if you want to copy a specific selection to a mouse-based, different program then it makes sense to use the mouse for precision selection.

Ahh those fuckers.

+1 from me.

The Shield is a couple years old, but it handles everything you throw at it perfectly.

• get SmartTubeNext to watch YouTube without ads, and it comes with SponsorBlock
• use Flauncher for a home screen / launcher without any ads
• Jellyfin, obviously
• Steamlink also works perfectly
• plus, the remote is amazing (though I would recommend to either disable or rebind the Netflix button)

Hmmm…^this?

I know it’s been three weeks, but thanks for telling me about this! I might actually do this, for the projects here and there which aren’t packaged into nixpkgs (yet).