Posts

Are you a security and privacy schizo who uses Arch for fun and playing games? But you still somehow have friends? And those friends play exclusively kernel-anticheat-invasive games? I hear you. Here are 3 magic commands, mon ami: sudo sbctl create-keys sudo sbctl enroll-keys --microsoft sudo sbctl sign-all Doesn’t work? Let’s unpack. Prereq First, let’s confirm you’re booting UEFI with TPM2: sudo bootctl | head You want to see something like this: ...

TL;DR You can access your homelab services from anywhere; valid HTTPS certs, no open ports on your home IP, everything locked behind WireGuard. It’s not as hard as it sounds, and once it’s running it’s basically invisible. This post walks through the full setup: AdGuard for local DNS, nginx as reverse proxy, WireGuard tunnels, and HAProxy on a cheap VPS to route remote traffic home; optionally filtered through Cloudflare. Why? The standard advice is to forward ports 80 and 443 on your home router. It works. It also puts your home IP in every request log on the internet, leaves your router’s attack surface exposed, and means one misconfigured service is everyone’s problem. We do live in a society. ...

A smart person learns from his mistakes. A wise one learns from others’ mistakes. TL;DR Hosting your own email server is not just a technical headache; it’s an embodiment of living in a low-trust society where you’re constantly guilty until proven innocent. It’s an uphill battle against spam, security threats and the never-ending struggle of trying to reach a perfect server reputation that’s constantly “just” our of reach. I mean you’ll find yourself constantly jumping through hoops, trying to prove you’re not a bad guy, all because of the actions of a fringe minority. The real price isn’t just about money – it’s about the toll it takes on your time, sanity and even your faith in humanity. Do yourself a favor and leave it to someone else. BUT HEY, if you’re feeling adventurous, here’s a quick 5-minute guide on how to host your own email server. And if you’re itching to tell me exactly what I’ve done wrong or why I’m an idiot, you’re more than welcome to leave a comment or shoot me an email at stan[at]domainyourereadingiton.com ...