• 0 Posts
• 10 Comments
Joined 1 year ago
Cake day: June 21st, 2023

  • what is the bare minimum of security measures you can do?

    I guess just the normal things with p2p stuff: make sure no ports are exposed except for the essentials, update software, use SSL wherever possible.

    When you don’t use a VPN, people will see your actual IP address and will launch the same kind of attacks they also launch on servers [1] to try to hijack your system and add it to their botnet.

    [1] port scans, login attempts, applying known exploits. If this doesn’t sound scary, you should try operating a server that is exposed on the internet and then look at the number of login attempts.



  • I recommend using relative paths in the compose files, e.g.

      - '/home/${USER}/server/configs/heimdall:/config'
    

    becomes

      - './configs/heimdall:/config'
    

    you may want to add “:ro” to configs while you are at it.


    also I like to put my service in /srv/ instead of home.


    also I don’t see anything about https/ssl. I recommend adding a section for letsencrypt.


    when services rely on each other, it’s a good idea to put them into the same compose file. (on 2nd thought: I am not sure if you already do that? To me it is not clear, if you use 1 big compose file for everything or many small ones. I would prefer to have 1 big one)

    you can use “depends_on” to link services together.


    you should be consistent with conventions between configurations. And you should remove config properties that serve no purpose:

    • you don’t need to specify “container_name” when it would be the same name as the service
    • PUID=1000 and PGID=1000 shouldn’t be needed, I think.
    • sometimes you add explicit “:latest” to the version, and sometimes you don’t

    while you are at it, you may want to consider using an .env file where you could move everything that would differ between deployments, e.g.

    • PUID
    • TZ
    • exposed ports, maybe

    consider using podman instead of docker. The configuration is pretty much identical to docker syntax. The main difference is that it doesn’t require a daemon with root privileges.


    you may want to consider pinning versions for the containers.

    pro version pinning:

    • no unexpected changes, when you restart the container (e.g. because you accidentally pulled)

    con version pinning:

    • when you DO want to make an update, you have to spend 2 minutes going to docker hub to find out which version you want.
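
The conventions in the comment above (relative bind mounts, “:ro” on config mounts, pinned image tags, no redundant “container_name”, no hard-coded PUID/PGID) turned into a small checker; this is an added example, not the commenter’s code, and the compose snippet it scans is constructed for the demonstration.

```python
import re
# Constructed sample compose file (not the commenter's real file) carrying the issues
# listed above: absolute mount, :latest / untagged image, redundant container_name, PUID.
SAMPLE_COMPOSE = """\
services:
  heimdall:
    image: lscr.io/linuxserver/heimdall:latest
    container_name: heimdall
    environment:
      - PUID=1000
    volumes:
      - '/home/${USER}/server/configs/heimdall:/config'
  nginx:
    image: nginx
    volumes:
      - './configs/nginx:/etc/nginx/conf.d:ro'
"""

SERVICE_KEY = re.compile(r"^  (\w[\w-]*):\s*$")  # service names sit at 2-space indent
ENV_ID = re.compile(r"^-\s*['\"]?(PUID|PGID)=\d+")
BIND_MOUNT = re.compile(r"^-\s*['\"]?((?:\.{1,2})?/[^'\"]*)['\"]?$")

def lint_compose(text):
    """Return (service, finding) tuples; line-based, so no YAML library is needed."""
    findings, service = [], None
    for raw in text.splitlines():
        key = SERVICE_KEY.match(raw)
        if key:
            service = key.group(1)
            continue
        line = raw.strip()
        if service is None or not line:
            continue
        if line.startswith("image:"):
            image = line.split(":", 1)[1].strip()
            tag = image.split("/")[-1].partition(":")[2]  # '' when no tag is given
            if tag in ("", "latest"):
                findings.append((service, "image tag not pinned: " + image))
        elif line.startswith("container_name:"):
            if line.split(":", 1)[1].strip() == service:
                findings.append((service, "redundant container_name"))
        elif ENV_ID.match(line):
            findings.append((service, "hard-coded " + ENV_ID.match(line).group(1)))
        elif BIND_MOUNT.match(line):
            src, _, rest = BIND_MOUNT.match(line).group(1).partition(":")
            if src.startswith("/"):
                findings.append((service, "absolute bind mount: " + src))
            if "config" in src and not rest.endswith(":ro"):
                findings.append((service, "config mount not read-only: " + src))
    return findings
```

Run it over your own compose file with `lint_compose(open("docker-compose.yml").read())`; the nginx service in the sample passes the mount checks because its config mount is relative and read-only, but its bare “nginx” image is still flagged as unpinned.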