• 0 Posts
  • 19 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle




  • I don’t know how I feel about this personally. On the one hand, I feel like this is a privacy win for those who want it: no watch history means no algorithmic recommendations and (presumably) less data collection for those users. On the other hand, I personally really enjoy the recommendations that YouTube makes for me. Maybe it is the wide variety of content that I watch, but I’m honestly very pleased with the recommendations that YouTube provides. That being said, I feel like the opt-in to algorithmic recommendations is a good thing overall, however I am personally going to leave my watch history enabled.











  • Cloudflare tunnels or a reverse proxy with Cloudflare DNS would be much easier to manage IMO. What you’re doing will work but it seems like you have a lot of moving parts in your setup which can lead to errors creeping in.

    With both proposed setups you should be able to pass non web-based traffic to their respective backends. In nginx that would look something like the following:

    server {
            listen 443 ssl http2;
            server_name service.yoursite.tld;
    
            location / {
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header Host $host:$proxy_port;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_pass http://<IP of your service>:<port>;
            }
    }
    

    With Cloudflare tunnels you can setup a VM as your tunnel termination point and configure ingress rules to pass traffic where it needs to go, similar to this:

    tunnel: <Tunnel UUID>
    credentials-file: /root/.cloudflared/<Tunnel credentials>.json
    
    ingress:
      - hostname: service1.yourdomain.tld
        service: http://192.168.0.10:80
      - hostname: service2.yourdomain.tld
        service: ssh://192.168.0.20:22
      - service: http_status:404 # This is a catch-all rule to handle unmatched ingress traffic
    

    One thing you can do for your public IP is use something like inadyn to update cloudflare with your public IP when it changes. Inadyn is super lightweight and will make sure, +/- 5 minutes, that your public IP is up-to-date with Cloudflare.




  • Cloudflare free tier + a reverse proxy will set you straight. You can add subdomains for your services as A records in Cloudflare off of your root domain, i.e. lemmy.yourdomain.tld, personalsite.yourdomain.tld, images.yourdomain.tld.

    When doing this, enable the Cloudflare DNS proxy which will route DNS requests to your origin service through Cloudflares’s CDN. This essentially “hides” your public IP as anyone doing a nslookup lemmy.yourdomain.tld will get Cloudflares’s IPs back as a response.

    Once you’ve done this, you can break everything back out to it’s respective backend via a reverse proxy. For example, lemmy.yourdomain.tld gets passed to 192.168.0.10, personalsite.yourdomain.tld gets passed to 192.168.0.20, etc.


  • I like it so far. The web interface is pretty solid and Jerboa is serviceable, though missing some features that I would call crucial to the experience. I can’t fault the developers at all though, as it’s like two dude to my knowledge. The reddit API thing convinced me to run my own instance for friends.

    I’m hopeful lemmy takes off and sees a larger adoption as well, I think that putting the internet back in the hands of individuals is super important as there has been way too much aggregation of services for like the past decade IMO.