¡ɹǝpun uʍop ɯoɹɟ ʎɐppᴉפ

  • 1 Post
  • 24 Comments
Joined 1 year ago
Cake day: July 6th, 2023



  • I find Joplin perfect for my needs. Markdown, embedding images, links etc. I sync to my selfhosted nextcloud.

    I like tags, I would like them to add a “directory tree” type of view to help sort “folders” (the thing they call “notebooks”) but only because I am more used to just filesystem type structured filing. But the notebooks and tagging idea works for me too.

    I strictly use it for notes/note keeping, in particular “HOWTO’s” and specific topic notes. So I don’t even do a great deal of markdown in my notes, but I love the ability to add screen captures etc to them for clarity.

    And being on nextcloud, I can access those notes anywhere on any device, PC, Android, Raspberry Pi!! Joplin has an app for all of them.



  • Kernel Level Anti-Cheat. If you don’t understand that, then you don’t know if Linux is good or bad for “gaming”.

    Basically everything you want to play on Linux, that is not supported by the anti-cheat kernel is screwed.

    “Steam offers all these games to play on Linux” - yes, but I played them all 20 years ago.

    Try playing something like Genshin Impact. You cannot, the anticheat is Windows only. (PS and consoles, it relies on anticheat mech’s from the HW). They don’t offer a Linux version - so you are screwed.

    Does it have EAC or BattlEye? You are shit out of luck.

    The Linux Desktop is ready for primetime, but not for gaming. You need a windows boot for gaming, unless you are playing Half-Life…


  • I know this is not useful for most use cases, but if you login to the desktop on the ‘remote Wayland’ locally first, then RD will work as expected. So if you can change the behaviour of the remote desktop to stay unlocked (i.e. it’s in a secure place where others cannot just access the device), then RD will work with Wayland.

    I use NoMachine (since I manage all sorts of devices, and it’s nice that there is a client and server for everything including phones/arm) and it works for me because many of the machines are actually VM’s and I can keep the desktops unlocked and logged in. NoMachine’s solution for Wayland - is to disable it and use X11 !!

    But I wish many of the RD developers would just embrace Wayland and add/rewrite code to support it (If it is in their scope, I don’t know) It might not be, since I am aware of Waypipe and Pipewire, but I’d assume that RD devs would still need to include support for that.





  • That’s not how it works.

    You have a LAN and hopefully you have a firewall that shields your LAN from WAN. Your fw is probably handing out DHCP lease IP (like 192.168.x.y).

    When you “bridge”, your VM looks like an independent device on your LAN. Nothing at this point has allowed it to the public. Your dhcp can even give it an IP (but it’s probably better to set a static ip). (In bridge mode, a “fake” MAC is spoofed alongside your NIC’s real MAC, and only for said VM.)

    At that point the VM is accessible like any other device on the LAN.

    If you then want to use vpn, just connect to your LAN however that works (vpn to computer or vpn to firewall/vpn server) and access.

    If you want to access from WAN without vpn, then you need to understand reverse proxying and you’ll need a full proper firewall/gateway device at the front of your network (like OPNsense).








  • Your second, third and fourth points eliminate many distros such as Ubuntu. And many of the distros out there are based on Debian.

    Debian isn’t really stale. It is currently running kernel 6.1.10 which is not a long way from 6.1.39 (longterm, and that only came out 2 days ago). Stable gets constant updates. Testing is also generally very stable. The only thing that stops testing moving into stable is what are considered Release Critical bug count. All documented here: https://www.debian.org/doc/manuals/debian-faq/ftparchives#testing

    Also while Debian 12 is LTS, it won’t stop 13 from coming out and it doesn’t stop you from upgrading to 13 (although you may lose LTS if they decide that 13 will not be LTS).

    Debian is about as open as you can get, certainly does not infringe on your 2, 3 and 4th points.

    Only other thing is what you are doing with your Linux, this might make a difference (you say daily driver, but doing what? Just office stuff, or heavy video editing, etc)



  • This is a different problem. But when you configure a competent DHCP server, you tell it to give out a bunch of information to the client, not just an IP address. It should tell it IP, subnet, gateway, DNS server IP and default domain name. (In opnsense most of this is default so you don’t have to actually configure it - hit the (i) button and it will tell you. Example for domain name: “The default is to use the domain name of this system as the default domain name provided by DHCP. You may specify an alternate domain name here.”)

    Then on top of that Google devices are notorious for ignoring DNS (ahem Chromecast, etc) and want to use 8.8.8.8. This is because Google does all sorts of non-DNS buggery on those devices (for example checking and pushing updates). Chrome on your PC could well be doing this as well, but it shouldn’t; it should be honouring your NIC’s config. However I don’t for a second doubt that Chrome is preferring DoH to somewhere like 8.8.8.8 first.

    You will need to create a rule to enforce your local DNS server and block all other outgoing attempts.

    To do this create a NAT rule port forward -> set the interface to LAN, set the destination to LAN net and INVERT. Then destination port to DNS. Finally redirect target to your DNS server (127.0.0.1 for your opnsense) and DNS port (53).

    This NAT rule says any DNS NOT headed to the LAN network must be redirected to the DNS server in your LAN.
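
The rule described in the comment above, modelled as an added example (not part of the original comment and not OPNsense's own code). It assumes a LAN of 192.168.1.0/24 and constructed sample flows, and shows which traffic the inverted-destination, port-53 match rewrites: DNS over TLS (853) and DNS over HTTPS (443) fall outside it.

```python
"""Model of the DNS redirect NAT rule (constructed example, assumed addresses)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumptions, not taken from a real config: LAN subnet and resolver address.
LAN_NET = ip_network("192.168.1.0/24")
REDIRECT_TARGET = ("127.0.0.1", 53)  # resolver running on the firewall itself
DNS_PORT = 53


@dataclass(frozen=True)
class Flow:
    iface: str     # interface the packet arrived on
    proto: str     # "tcp" or "udp"
    dst_ip: str
    dst_port: int


def rule_matches(flow: Flow) -> bool:
    """Interface LAN, TCP/UDP, destination NOT in LAN net (inverted), port 53."""
    return (
        flow.iface == "LAN"
        and flow.proto in ("tcp", "udp")
        and ip_address(flow.dst_ip) not in LAN_NET
        and flow.dst_port == DNS_PORT
    )


def translate(flow: Flow) -> tuple[str, int]:
    """Return the (ip, port) the packet is delivered to after the NAT rule."""
    return REDIRECT_TARGET if rule_matches(flow) else (flow.dst_ip, flow.dst_port)


# Constructed sample flows from a LAN client.
SAMPLES = {
    "hard-coded 8.8.8.8 over UDP/53": Flow("LAN", "udp", "8.8.8.8", 53),
    "query to the LAN resolver": Flow("LAN", "udp", "192.168.1.1", 53),
    "DNS over TLS to 8.8.8.8": Flow("LAN", "tcp", "8.8.8.8", 853),
    "DNS over HTTPS to 8.8.8.8": Flow("LAN", "tcp", "8.8.8.8", 443),
}

if __name__ == "__main__":
    for label, flow in SAMPLES.items():
        ip, port = translate(flow)
        verdict = "redirected" if rule_matches(flow) else "untouched"
        print(f"{label:32} -> {ip}:{port} ({verdict})")
```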



  • Well yes. Normally you would put opnsense on 192.168.1.1/24 and then the wifi device on say 192.168.1.10/24. Then you allow opnsense to do the DHCP and disable DHCP on the wifi (they like to offer these services which can be nice for really simple setups).

    What you are realistically running into is a DHCP war, and google will probably win over opnsense for wifi devices.

    If what you actually want is to separate the devices to different subnets, then you really need to create a LAN / WAN and WIFI interfaces. And plug the wifi devices into the WIFI interface (another network port on your opnsense box).

    Then doing this, you can create a firewall rule(s) that allows data LAN <-> WIFI etc however you please. (or not even, maybe only WIFI <-> WAN and not let wifi devices access your LAN net).

    Alternatively if you have a smart enough switch you could isolate with VLANs. But for a simple network, this isn’t really necessary.