Asparagus0098

AA? If you mean your friend then I'm not them.

What I've learned playing rhythm games is that taking breaks is important. When I hit a wall, I just take a break from that game and come back to it later.

What have you been playing?!

I'm playing through Celeste again. I only finished the main story when I played it before. I intend to finish chapter 8 and go through as much of the B/C sides as I can this time.

I've also been playing Stardew Valley and another game called vivid/stasis. I really like the story in vivid/stasis so far because it's Sci-Fi, one of my favorite genres. There are some things that I don't enjoy about the game, like the puzzles and the boss songs having health bars (the songs are just too difficult for the current me to beat with a health bar). Thankfully I can just skip the puzzles with a guide and the boss songs using the autoplay accessibility option.

A lot of banking apps do work on grapheneos.

https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/

Containers within a pod can use localhost to access each other. Containers outside of the pod needs to use the pod name to access the containers in the pod.

I looked up when pasta became the default networking backend for rootless and it seems to have been with podman 5.0. I do remember using podman 5.x versions, so I was most likely using pasta.

The reason why I seperated each app into their own network was indeed for security. The only container with access to all the networks is the reverse proxy.

I made a comment on another post a while ago, talking a bit about inter-container/pod networking.

https://sh.itjust.works/comment/17072681

Do you actually need to move the admin ui off of port 80/443 if you are just forwarding ports? I don't think you need to. That said I actually don't know much about port forwarding since I use Tailscale because of CGNAT.

My understanding of port forwarding is that you are forwarding connections to your WAN IP/port to a LAN IP/port. Since the router admin ui is available only on LAN by default, you don't need to change it's port from 80/443.

You don't need 2 reverse proxies as others have said. What I did is just add a DNS rewrite entry in my adguardhome instance to point my domain.tld to the LAN IP of my reverse proxy.

I use some generic names.

• Phone: phone
• Current Laptop: fedora
• Old laptop: laptop
• Router: openwrt

Yeah obsidian's pretty nice. I use the daily notes feature built into it for my journal.

collapsed inline media

I ran a podman quadlet setup as a test some time ago. My setup was a little like this:

• Create a pod if the app uses multiple containers
• Create a seperate network for each app (an app is either a single container or multiple containers grouped in a pod)
• Add the reverse proxy container to all networks
• I don't expose any ports to the host unless necessary

If you create a new network in podman you can access other containers and pods in the same network with their name like so container_name:port or pod_name:port. This functionality is disabled in the default network by default. This works at least in the newer versions last I tried, so I have no idea about older podman versions.

For auto-updates just add this in your .container file under [Container] section:

[Container]
AutoUpdate=registry

Now there's two main ways you can choose to update:

1. Enable podman-auto-update.timer to enable periodic updates similar to watchtower
2. Run podman auto-update manually

# Check for updates
podman auto-update --dry-run

# Update containers
podman auto-update

If you run adguard home it's pretty easy. Just add a DNS rewrite to your local IP.

collapsed inline media