I take my shitposts very seriously.

  • 12 Posts
  • 254 Comments
Joined 3 years ago
Cake day: June 24th, 2023


  • I’ve had good experiences with RustDesk. The client is open-source and the no-cost server components (ID and Relay servers) are self-hostable. The remote server works on X11 and Windows. I use this script to run XFCE+RustDesk in a headless session:

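    # X display number used by the headless session
    export SERVERNUM=69
    # Virtual screen passed to Xvfb: screen 0, WIDTHxHEIGHTxDEPTH
    export SCREEN_SIZE='-screen 0 2560x1440x24'
    # Point later clients (RustDesk) at the virtual display
    export DISPLAY=":${SERVERNUM}"
    export XDG_SESSION_TYPE=x11
    
    # Start XFCE inside a virtual framebuffer X server, detached from this shell
    xvfb-run --server-num="${SERVERNUM}" --server-args "${SCREEN_SIZE}" startxfce4 & disown
    # Give the X server a moment to come up before starting RustDesk
    sleep 1
    flatpak run com.rustdesk.RustDesk & disown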
    

    Sunshine + Moonlight is also a good choice. I have Sunshine installed on a box at home and use Tailscale to connect to it from the Moonlight client. At 1440p 60 FPS it has no visible compression artifacts and is responsive enough for gaming.







  • It’s possible that, when the ISP revokes the public address and assigns a new one, the DNS record isn’t updated immediately and still points to the old address. Then every new request would be sent to the old, invalid address.

    And this is where I start shilling for Tailscale. It’s a WireGuard-based mesh VPN that is designed to work from behind firewalls, NAT, and CGNAT. It has its own internal split DNS provider, and probably some mechanism to handle public address changes that is transparent to the tunnelled traffic. You can use it to share the server with only the devices that have the client installed, or expose the server to the internet.

    I’ve got it set up on my OPNsense firewall as a subnet router that advertises the subnet where my servers are, and often stream from Jellyfin over it. There’s some overhead, but it’s never been disruptive.


  • What sounds like gatekeeping is often a strongly worded emphasis on having the prerequisite knowledge to not just host your services, but do it in a way that is secure, resilient, and responsible. If you don’t know how to set up a network, set up resilient storage, manage your backups, set up HTTPS and other encryption solutions, manage user authentication and privileges, and expose your services securely, you should not be self-hosting. You should be learning how to self-host responsibly. That applies to everything from Debian to Synology.

    Friends don’t let friends expose their networks like Nintendo advises.






  • I’ve never used Linkwarden, but the /data folder is often used by Docker containers to store the application’s data, so it’s likely an internal path. You’ll have to create a volume that exposes the internal /data path to the host filesystem, then whatever is written into that directory will be made available to both the container and the host system. Any file or directory in the container can be exposed this way.

    I usually put my data volumes in /srv (where my large RAID array is mounted) and config volumes in /config, into a subdirectory named after the service, and with the minimal necessary privileges to run the container and the service. You could, for example, create volumes like this:

    /srv/linkwarden/postgres_data:/var/lib/postgresql/data
    /srv/linkwarden/linkwarden_data:/data/data
    /srv/linkwarden/meili_data:/meili_data
    

    The volume path (left side of the colon) can be anything. The right side is where the services expect their files to appear inside the container.




  • How much experience do you have with networking, exactly?

    The DNS record points to a private IPv4 address (10.0.0.41), which cannot be accessed from the internet for multiple reasons, the first of which is that it’s almost certainly behind a NAT gateway.

    Your internet provider has given you a single publicly routable IPv4 address and assigned it to the WAN interface on your modem or router. If you want to access a host on the LAN, you’ll first have to configure port mapping or port forwarding on the router. Then you’ll have to open holes in your firewall and accept the fact that every bad actor will try to break into that host unless you know how to set up network security.
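
The check behind the comment above, as an added example that is not part of the original comment: it classifies the address a DNS record points to and reports records that cannot be reached from the internet. The hostnames and sample records are constructed, and `classify` and `audit` are hypothetical helper names.

```python
import ipaddress

# Ranges that explain why an address is not reachable from the internet.
SPECIAL_RANGES = [
    (ipaddress.ip_network("10.0.0.0/8"), "RFC 1918 private"),
    (ipaddress.ip_network("172.16.0.0/12"), "RFC 1918 private"),
    (ipaddress.ip_network("192.168.0.0/16"), "RFC 1918 private"),
    (ipaddress.ip_network("100.64.0.0/10"), "RFC 6598 shared (CGNAT)"),
    (ipaddress.ip_network("127.0.0.0/8"), "loopback"),
    (ipaddress.ip_network("169.254.0.0/16"), "link-local"),
]


def classify(address):
    """Return (reachable_from_internet, reason) for an IP address string."""
    ip = ipaddress.ip_address(address)
    for net, label in SPECIAL_RANGES:
        if ip in net:
            return False, label
    # Catch remaining reserved, documentation and IPv6-local ranges.
    if not ip.is_global:
        return False, "other non-global range"
    return True, "publicly routable"


def audit(records):
    """Return (name, address, reason) for records unreachable from outside."""
    findings = []
    for name, address in records:
        reachable, reason = classify(address)
        if not reachable:
            findings.append((name, address, reason))
    return findings


# Constructed sample records (name, address the record points to).
SAMPLE_RECORDS = [
    ("media.example.net", "10.0.0.41"),
    ("vpn.example.net", "100.64.12.7"),
    ("www.example.net", "93.184.216.34"),
    ("nas.example.net", "192.168.1.20"),
]

if __name__ == "__main__":
    for name, address, reason in audit(SAMPLE_RECORDS):
        print(f"{name} -> {address}: {reason}")
```
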




  • Consider Tailscale. It’s a mesh VPN based on WireGuard that uses a hosted service to manage keys and devices. It works without having to expose any ports on the firewall, and can expose a service through a relay server.

    Some people will say that you shouldn’t trust it because company bad, but you should give it a try and make up your own mind. If you’re feeling adventurous, you can install Headscale on a VPS to serve as a control server.


  • Yes, that will be enough. You can also use a single port on the NIC and the one on the motherboard if it can handle the ethernet speed you want.

    This is my network setup on Proxmox:

    vmbr0 is a bridge that has a single port going to the modem. The OPNsense VM’s first virtual interface is connected to this and configured as a WAN interface. Nothing else connects to this bridge as it is exposed to the internet.

    vmbr1 also has a single port that goes to the physical switch. OPNsense’s second interface connects to it as a LAN port, as well as every other VM and container running on the server.