Stepsister. Or people will think you’re weird.

Explore Proxmox Backup Serve. You can set up replications of backup sets to an offsite location using Remotes, and this takes advantage of the dedup capability in PBS on the initial backups.

I have also used ZFS for my underlying storage of the backups, and that gets repped to zfs.rent, but it would be a more difficult recovery since I’d have to set up another PBS server and hook the zpools on to it, but not really difficult.

I also have a pair of USB harddrives that I swap on to the PBS server and it runs a separate backup to the USB drives (with the offline one failing, of course). I then swap the drives out weekly and restart the PBS server to initialize the correct datastore for the next weeks backup. I could do that online manually at the CLI, but it’s just as easy to let zfs.mount take care of it at reboot.

There’s a series of books written years ago that explore a group of people that go back in time to before the flooding, and during their wars/fighting, they open the Gibraltar strait and the flood begins. It was a series that really stuck with me, well written.

Saga of Pliocene Exile by Julian May.

https://a.lemmy.world/lemmy.world/comment/14653584

Every application you expose to the internet, even via a reverse proxy, increases the chances you’ll get popped. Set up Tailscale or another VPN for every device that accesses these applications. If you absolutely need real SSL certs because you can’t just use private certs, you can turn on forwarding to a proxy like Nginx Proxy Manager for long enough to pull a cert, but otherwise you should just reference the internal address of that proxy from devices over the VPN or locally in the network. Tailscale has very good documents on how to set up a secure network using VPN. You can also use DNS-only certs instead of opening the firewall.

If you have to, set up a local DNS like Technitium or even Pihole with custom entries to give you internal name resolution for your registered domain/host names.

If you absolutely, positively need to expose an application, at least use Basic Auth on that hostname. It drastically reduces the attack surface before it gets to the application.

That reverse proxy thing Yunohost has going is a bad habit to get selfhosters into.

Read the Led by Donkeys tweet about all the shit he’s been up to recently in Europe. He’s gone full retard for white supremacists.

While they fuck over the rest of the world.

Error: 0x80080005

So easy to google.

Hitler had his faults, but spouting the baby talk shit this jackass does every day wasn’t one of them.

What I hate is when they want you to store “secret” information like your mother’s maiden name/ first pet name for later verifications. You know these are stored in plain text of course. My own damn government does this stupid shit, and they’ve had several hacks of PII including gun registrations because as far as I can tell, nobody competent works in government IT.

Just get a virtual DID number from something like Voip.ms or virtualphone. There may be other providers out there that use crypto for payment for added privacy, but if all you want to do is be able to keep your real phone # off the grid, these work.

The last few of Cory Doctorow’s books explore things like gift societies and, maybe not “communism” but more cooperative cultures that can result from ubiquitous interconnectedness. Walkaway is one of them.