I’ve tried many distros, Bazitte is by far the best for gaming without having to tinker. Fedora is not a good option imo because nvidia drivers are a pain in the ass.

I’d recommend he dual boot. Bazitte strictly for gaming due to it’s lack of traditional package management. And arch, Debian, or Fedora for coding.

I personally use PopOS for work stuff as well.

Last time I checked, you need to make a github pull request with the relevant info about your instance and after a certain buffer period they will add your instance to the list. Check the github page. There should be instructions.

I recently went down that same rabbit hole.

I ended up buying Bitwig Producer and I’m running it in an Arch install.

I tried a number of different distros which all caused different headaches. Arch ended up being the best fit for my Linux audio needs and was way easier to set up than Lubuntu, Debian, PopOS.

With the right setup, latency is better than I was getting in Ableton on Windows and Mac. I can even record live audio without any perceivable latency.

Bitwig made me realize how convoluted and stupid Ableton’s UI is. The team behind Bitwig holds good values, so I felt they deserved my money. However I have seen torrents available for it. I suggest you try a 30 day trial first that way you can check if you even like Bitwig before going through the hassle of getting a pirated version working.

My current pain point is Serum in Wine has GUI rendering issues making it unusable. Luckily Vital for Linux works perfectly.

Fabfilter plugins work with some minor tweaks.

My Waves license is on an ilok, which I know doesn’t work in Wine. So eventually I’ll pirate the cracked version and try that.

So far I’m really happy with the setup. Another benefit of Linux audio over Windows or Mac is the routing abilities. I can route any program as an input, allowing me to stream YouTube or Spotify into Bitwig so I can play live music over the songs without having to download them first or rig up some weird aux cable nonsense.

That’s pretty annoying.

I had a similar experience today with two other services. The bot detection systems these sites are using is completely broken.

I’ve had my tuta account for a while so never had that issue with them. But I don’t appreciate the way they handled your issue. I wouldn’t use tuta if I was treated like that.

Buy IP PoE cameras like Amcrest or Reolink, hard wire them to a detected hub that is either disconnected from the internet, or firewalled to only allow direct access over your own personal VPN.

AI is the poetic culmination of where society has been heading for decades.

A photocopy of a photocopy.

AI is literally an acceleration of Jean Baudrillard’s theories on modern culture.

Not that I think that excuses it. If anything it’s more depressing.

Take it one step further and host your repo somewhere other than github. Codeberg, perhaps?

I use Minica and it’s insanely simple to use. Terminal based though.

https://github.com/jsha/minica

There’s no certificate at the VPS level. It forwards everything to and from the self hosted reverse proxy.

Now that you mention it though, there may be a slight complication with pinning the reverse proxy to the domain API for cert renewals. I’ll have to check how I have mine configured but I may have given my reverse proxy a IPv6 and configured that for cert renewals.

That would mean some down time as you update the IP if your ISP rotates it.

This is fine unless you have a slightly higher threat model.

Me personally, I dislike the idea that if someone (VPS provider or LE) were to snoop inside my VPS, they would have all of my unencrypted data where TLS ends and wireguard picks it up.

I don’t do anything illegal, but I do have photos, personal files, and deeply personal journals/notes for which I enjoy the comfort of mind when kept private and secure.

My recommendation is always to have your TLS equipped reverse proxy on your own hardware. Then use a VPS as a SSL passthrough proxy that forwards requests to the locally hosted reverse proxy. You can connect the two via wireguard.

This has a few benefits. It keeps encryption end to end. It also allows you to connect to your server via your domain name even in you LAN. You can hijack your domain at the router level DNS menu to reroute to your local reverse proxy. And it keeps the TLS connection.

I believe this is the original whitepaper: https://ws.binghamton.edu/fridrich/Research/double.pdf

And here’s an implemention I found on github: https://github.com/andrewlewis/camera-id

With that repo you should be able to test ways to obfuscate the noise signal.

Most people don’t know your photos can be cross profiled and identified by the unique noise signature of your camera.

I’ve never heard of it being used in practice though. There’s a github repo somewhere if you’re interested in trying it yourself.

Partly true but Amazon has been known to make dupes of a product and sell it at a loss to drive the competitor out of business. I’m sure that threat lingers in some peoples’ minds.

They probably also promise the management team “you’ll still have creative control after we buy you”. Then turn around and replace each of them one by one

This has been such a depressing trend over the last few decades.

Fresh bright-eyed startup with a passionate creator develops some interesting and innovative product.

Gets bought out by FAANG, turns to shit and stops working properly or gets discontinued, and primarily functions as a spyware device.

This is amazing. Thank you!

This is fine if the post is something insanely low effort.

But I do worry if this ends up being too aggressive.

One of the things that made reddit so awful is how over moderated it was.

I don’t really take issue with dozens of posts by newbies asking the same basic question over and over. I used to be one and am occasionally back there again if I start a new hobby. Hopefully newcomers don’t get pushed off by overly sensitive moderation.

It would be helpful if you could provide a hypothetical example of what is considered a “low effort” post.

Join lat-team private tracker. They have everything you’d ever want.

Your first suggestion is a clever one.

I can imagine writing a small script on the host machine to listen for subdomains, forward them to pfsense to update the aliases, and possibly set them to expire after a few days for security reasons.

Surely something like this exists. How to find it…?

There’s a few apps I need to split out. Top priority is the signiant app which according to their documentation requires various AWS subdomains as well as their own. Specific subdomains are not specified and are implied to change regularly/on demand.

In an ideal world I would do my split tunneling on the device itself, but I don’t trust Windows and thus I run my VPN at the router level.

This isn’t a problem for most things, but I need to utilize my full bandwidth to transfer large files to clients in a timely manner, and a VPN becomes a massive bottleneck.

Pfsense lets you alias by domain name (I believe it regularly resolves down to an IP and uses that for filtering), but again, you need to supply the exact subdomain.

Just wondering if there’s an alternative solution to this issue. If it’s external to pfsense that’s not the end of the world.

Worst case scenario, I would set up a dedicated Linux box or maybe even a VM which could share access to the file transfer NAS and split tunnel the entire box around the VPN. Definitely less convenient.

This looks promising. I’m going to investigate further. Thanks!