That article is for lay-persons and really an awareness article I surmise. If you’re technical you are likely already aware of the security concerns with jacascript.
notfromhere
Malicious javascript seeks to bypass security controls. It’s one of the reasons NoScript is a thing. It could be a malware loaded from an ad. Biggest reason for adblockers imo.
Check out this link for learning about this stuff.
https://heimdalsecurity.com/blog/javascript-malware-explained/
Word of caution, if you have been browsing successfully until now, it could be a malicious javascript app or malware loaded from that website that is attempting to scan your network or do other things. In other words if this is a new firewall request above and beyond the standard one librewolf needs to function, proceed with cation.
No judgement here. I think it’s a worthy goal just not one I am particularly interested in at this point. Maybe if the automation was a bit easier and the mobile device management was easier I might join you.
My experience is it’s really a lot of work and with the prevalence of letsencrypt, there is not a lot of automated setups for this use case (at least that I have been able to find). It is kind of a pain in the ass to run your own CA, especially if you plan to not use wildcard and to rotate certs often. If you use tailscale, they offer https certs with a subdomain given to you:
[server-name].[tailnet-name].ts.net
That’s honestly what I’m moving towards.
Another vote for wiki.js. It has tons of authentication options and integrations. The mobile web interface is a tad clunky but usable.
I rip with makemkv then use handbrake for slimming down to hevc/aac. I have too many discs and not enough storage to keep the raw rips. Newer handbrake supports nvidia transcoding for hevc, getting some great quality, but I wish it would support audio tracks and subtitles better… for multilingual subtitles I have a custom ffmpeg script that does a decent enough job.
Also cropping can be a pain in the ass with both ffmpeg and handbrake, much less so on the latter.
I am genuinely baffled at that being possible. How can others do this?
Yea that looks pretty amazing. Thanks for sharing!
Single node k3s is possible and can do what you’re asking but has some overhead (hence your acknowledgment of overkill). One thing i think it gets right and would help here is the reverse proxy service. It’s essentially a single entity with configuration of all of your endpoints in it. It’s managed programmatically so additions or changes are not needed to he done by hand. It sounds like you need a reverse proxy to terminate the TLS then ingress objects defined to route to individual containers/pods. If you try for multiple reverse proxies you will have a bad time managing all of that overhead. I strongly recommend going for a single reverse proxy setup unless you can automate the multiple proxies setup.
And here I am running a bare metal k3s cluster fully managed by custom ansible playbooks with my templatized custom manifests. I definitely learned a lot going that way. This project looks like it has just about everything covered except high availability or redundancy, but maybe I missed it in the readme. Good work but definitely not for me.
I really enjoyed MDK/MDK2 as a kid. I don’t know any modern platformers to comment on quality now vs then.