On my debian server, I have trivy to scan containers and I use clamav to scan files now and again but clamav uses up a lot of ram and its not a mailserver so I’m planning on uninstalling it.

On desktops I use virus total to scan PDFs or small files and stick to foss software

This is the correct course of action. Pull out of anywhere mandating this. The users will still find a way to get it.

I wonder how long it will be until they see elected representatives as inefficient. 🙄

They should threaten to leave the UK in response.

I have something similar . I have WG on the host to access my services and gluetun in a container using openvpn for specific services.

In my case I have the host wg pass through connections to the outside via iptables rules but I’m not forwarding the connection to gluetun. I have the ip of my server as my ip.

In your case as you want a commercial vpn ip as your exit ip you would need to use iptables to pass traffic between the 2 networks .

No issues at the moment but need to update a few containers when I get the chance. I also need to set up contacts sync in radicale for the address book and integrate it with Thunderbird and davdroid.

In the near term I’ve been working on a plan to make sure my keepass db is accessible to my SO and family in the event of my demise. I recently lost a dear friend and had to gain access to his stuff for his family, luckily he didn’t have the linux partition encrypted so I got a recovery shell then remounted the disk and changed the password and could then also mount the windows partition once I logged in.

It made me think as all my stuff is encrypted and there is no way someone would guess it nor crack it so I’m writing documentation and leaving it with family members.

The documentation explains how to use keepass and who to contact for support. Im leaving the db with family members and the password with a select few people that dont have the db. My SO will have access to all the info too.

I’ll update the db periodically and give them a newer version but keep the same password

I encourage you all to consider this too.

It will only get worse with the phone and tablet generation and LLMs.

Instead you report them

I do the same with adguard home, it works fine and like you say valid https for all services.

Syncthing ?

I’m due a backup and other than that I hope nothing breaks

13 containers currently. I have thought about adding some more stuff such as bazarr and more but I need to be in the humor for it.

R.I.P

Personally I just throw my roms in directories and serve them from nginx. Its easier to just pull them down on deck that way and requires no extra effort or maintenance on my end.

Everything else is on steam.

Adguard home

The problem is the client 🤣

They must have something to hide 🤨

Connect it to your PC or laptop and do a netinstall. Configure SSHD and a static ip. Plugin the disk to your server and then connect via ssh to admin it.

You could also set your laptop or PC to boot from the attached disk in the bios to test the services you want to start are starting

Happy to help 😉

Syncthing can do direct sync if you give the ip address to each node and you can disable relay servers .