If you are using the exact rules mentioned in my post, only the ports of your machine will be forwarded, not your entire local network. If you want to forward ports of more than one machine, look at the github link in the sources, it contains a detailed documentation of how to achieve that. Since, I do not know a lot about iptables, I may not be the best person to guide you, in this case. However, feel free to DM me, I'll might be able to help.
nutbutter
joined 1 year ago
Yes, it is fairly easy. You just have to forward the http headers. I am using HAProxy, and you can look at my configuration file in the blog. If you're using something like Nginx Proxy, look up how to forward http heards. Some applications, like Nextcloud, require extra steps, but they also provide their own documentation.
I am not sure, actually. Look at the sources, and you'll find the original GitHub link from where I took it. I am not very well versed with iptables.
I wrote a small blog about bypassing CGNAT using TLS-passthrough. Cloudflare uses TLS-termination, which means they can see all the data being passed through, which defeats the purpose of privacy.
I've tried hosting an nginx server. It is fun, but I wouldn't rely on it for production use cases.
I've also seen some people run docker on their android devices.
Try olamovies (dot) top. They have a lot of OpenMatte versions of many films as well. You might find IMAX too.
Proton VPN works for me.
But we should not have to pay another company to watch the content owned by a company we are already paying.
I was using Protonmail, and their other services, and was a paying customer for over a year. But I stopped because of their poor Linux support, and not being able to receive email notifications on my de-googled phone. I made a shift to mailbox.org and am liking it. Yes, I have to manage my own PGP keys, but the experience is much better, in my opinion. Their storage even supports WebDAV. I can encrypt the whole inbox and the files stored in their drive with my own key.
Thank you for these suggestions. But I have a few questions.
How can I do the 2nd and 3rd point if I am using docker/podman containers?
Why is ClamAV useless?
Joplin can be a multi-user solution as well. I use Joplin with Nextcloud. If you don't want to share notes just use Joplin and every user can use the same nextcloud instance, but different user accounts, to save their notes. If you want to share all the notes, all the users can synchronise with the same Nextcloud user. You can make different notebooks for different users. All the users, however, can see and edit notes. Joplin cannot be a solution if you want to share some notes. It is either all, or none.
Logseq can be another solution, with the same technique. However, you can use git to synchronise different databases, where one database is used in shared notes and personal databases for non-shared notes. I host my own Gitea (will soon shift to forgejo) to synchronise my Logseq databases.
AFAIK, Piped always proxies the videos through a server.
I am more familiar with Invidious. Find an Invidious server that lets you enable proxying. Some examples are yewtu.be, invidious.protokolla.fi and inv.nadeko.net. Then find an RSS app that lets you download the content, as well as supports cookies. Use the invidious server's cookies in your RSS app to proxy the content you download. Invidious servers can provide RSS feeds for individual channels, as well as your complete subscription feed.
And if possible donate a dollar or two, regularly, to the invidious server that you use, since it takes up a lot of bandwidth and motivates the hoster to keep up what they are doing.
I am not sure what you mean.
The issue is, when using Cloudflare, they will terminate your TLS, then encrypt the data again with their own certificate, which is send to the visitor. When visitor interacts, their data is decrypted on Cloudflare's servers, which they encrypt again eith our original certificate and send it back to us.
Sure, hackers or sniffers might not be able to look at the sensitive data, but Cloudflare can. But do they, or do they not, is upto you, if you trust them or not.