It was waitlist for a while, not sure if it still is but I got my welcome email like a week later.

Sounds likely, I haven’t used port forwarding with my VPN since Mullvad stopped supporting it, so when I recently shared my own torrent I paid for 1 month of a seedbox just to make sure it seeds well and the seedbox uploaded ~50GB while my local setup on a VPN without port forwarding only uploaded 1.8GB (and it hardly showed any peers as if nobody was trying to download). So it seems peers had a much easier time connecting to the seedbox.

I have since setup port forwarding in gluetun for my local torrent client. I just wish there was more support for it because gluetun only has built in support for port forwarding for 2 providers (I guess automated requesting a forwarded port), and even then you still have to make your own script to automatically set the port in the torrent client when it’s assigned / changed. It’s possible that some providers do it more like Mullvad where you get assigned a port via the website that is tied to the VPN credentials, so you just have to plug the assigned port into the torrent client settings (that’s how it worked with Mullvad so I could just enter the port once and forget about it) but I haven’t checked other providers to see.

Partially yes, the tricky thing is that when using network_mode: "service:tailscale" (presumably on the caddy container since that’s what needs to receive traffic from the tailscale network), you won’t be able to attach the caddy container to any networks since it’s using the tailscale network stack. This means that in order for caddy to reach your containers, you will need to add the tailscale container itself to the relevant networks. Any attached containers will be connected as well.

(Not sure if I misread the first time or if you edited but the way you say it is right, add the tailscale container to the proxy network so that caddy will also be added and can reach the containers)

Here’s the super condensed version of what matters for connecting traefik/caddy to a VPN like wireguard/tailscale.

• I left out all WG config since presumably you know how to configure tailscale
• Left out acme / letsencrypt stuff since that would be different on caddy anyway
• You may need to configure caddy to trust the tailscale tunnel IP of the machine on the other end that will be reverse proxying over the tunnel.
• Traefik I guess requires you to specify the docker network to use to reach stuff, I just put anything that should be accessible into “ingress” as you can see. I’m not sure if my setup supports using a different proxy network per app but maybe caddy allows that.

My traefik compose:

services:
  wireguard:
    container_name: wireguard
    networks:
      - ingress

  traefik:
    network_mode: "service:wireguard"
    depends_on:
      - wireguard
    command:
      - "--entryPoints.web.proxyProtocol.trustedIPs=10.13.13.1" # Trust remote tunnel IP, the WG container is 10.13.13.2
      - "--entrypoints.websecure.address=:443"
      - "--entryPoints.websecure.proxyProtocol.trustedIPs=10.13.13.1"
      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
      - "--entrypoints.web.http.redirections.entrypoint.scheme=https"
      - "--entrypoints.web.http.redirections.entrypoint.priority=100"
      - "--providers.docker.exposedByDefault=false"
      - "--providers.docker.network=ingress"

networks:
  ingress:
    external: true

And then in a service’s docker-compose:

services:
  ui:
    image: myapp
    read_only: true
    restart: always
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.myapp.rule=Host(`xxxx.xxxx.xxxx`)"
      - "traefik.http.services.myapp.loadbalancer.server.port=80"
      - "traefik.http.routers.myapp.entrypoints=websecure"
      - "traefik.http.routers.myapp.tls.certresolver=mytlschallenge"
    networks:
      - ingress

networks:
  ingress:
    external: true

(edited to fix formatting on mobile)

I’ve done something similar but I’m not sure how helpful my example would be because I use wireguard instead of tailscale and traefik instead of caddy.

The principle is the same though, iirc I have my traefik container set to network_mode: “service:wireguard” so that the traefik container uses the wireguard container’s network stack. That way the traefik container also sees the wireguard interface and can receive traffic going to the wireguard IP. Then at the other end of the wireguard tunnel I can use haproxy to pass traffic to the wireguard IP through the tunnel and it automatically hits traefik.

So realized that the season pack from deadorbit uses subs from opensubtitles which seems to be missing on screen text translations and title-cards, so I remuxed in the subs OP linked - which appears to have been edited to include title-cards and on screen text - to replace the ones in the deadorbit pack. Here’s a base64-ed link to a paste with the magnet for that if anyone wants it since I already went through the work for my own collection - it’s 1080p web-dl x264 8 bit AC3 5.1

aHR0cHM6Ly9ub3RlYmluLmRlLz84MjYzYTQyYjhhYmZkNDhiI0V3cHA2ZmZOZnQ5REpzVmg0YWNndG9NZ2lOa2dENXlLalNzVHI1RktiZkJt

Edit: since torrents can be slow to start, here’s a direct download link on mega, if you download that way consider grabbing the torrent from the first link and pointing your torrent client to the downloaded files. And of course feel free to repost and reshare everything:

aHR0cHM6Ly9tZWdhLm56L2ZvbGRlci8xSVFHMVQ3SyN4UkYyM25WZ0xVZXpTd3NpSnRBVXNB

Thanks for the reminder to grab the subs for this, sonarr downloaded the ollonborre release a while back and I couldn’t find subs.

Looks like there’s now a season pack on 1337x from deadorbit with muxed eng subs, and all in DD5.1 too.

I believe 4K is already basically there. I have a 50" 4K (2160p) that I sit 9 feet away from and based on the Nvidia PPD calculator, that makes for 168ppd, and according to that page 150ppd is around the upper limit of human vision. Apple’s “retina” displays target around 50-60ppd (varies based on assumed viewing distance), which is what most people seem to consider “average eye visual acuity”. Imo 4K / 150ppd is more than enough.

Seems Pierre has struck down the steam deck update rumor:

“There is and will be no Z2 Steam Deck. Guessing the slide was meant to say the series is meant for products like that, not announcing anything specific.”

I’m pretty sure this will be a lot of work. Even assuming you didn’t rename any files and all the torrents are in a single folder, you still need to re-search for every torrent file and add them to a torrent client that should automatically find the files in the target location and check them to see that it’s already downloaded. I’m not sure if all torrent clients do this so I would advise testing it first - when re-adding a torrent with existing files I usually add it paused and then force re-check to be safe.

In theory it should be possible to make a program that does this - automatically indexes and crawls torrent sites and DHT, fetches torrent meta info, then scans your HD for matching files to seed. This feature is a proposed one for the DHT crawler “bit magnet” so I’m hopeful that one day there will be a program that can do that.

If the battery inverter in the Anker box doesn’t pass through grid power then I think you would use an automatic transfer switch that switches between mains and battery inverter depending on which is powered. I had dreams of offsetting my homelab power with solar + battery + inverter.

If the machine doesn’t boot then you can use this to access the bios and boot a recovery environment of your choice remotely using pxeboot.

Immich has a setting that does automatic photo backup over WiFi, I use the android app as a Google photos replacement. You can choose however many folders on your phone as you want (I just do camera roll) and enable only backup over WiFi and it backs up all the photos in original quality. I self-host the server on my Synology with a reverse proxy (can’t forward ports at my current place due to cgnat) so I can access it from anywhere.

I believe the app is cross platform so the iPhone version should be identical to the android one.

I once had someone open an issue in my side project repo who asked about a major release bump and whether it meant there were any breaking changes or major changes and I was just like idk I just thought I added enough and felt like bumping the major version ¯⁠\⁠_⁠(⁠ツ⁠)⁠_⁠/⁠¯

Woah federation would be huge!

Someday I would love to be able to share and receive shared photos / albums to and from users on different servers. Especially if it lets me sync the original files so that I can keep a copy in case their server goes down. It would also be neat if you could enable activitypub so that your account could show up as a fediverse user that people can follow for public or approved follower only posts, pixelfed compatibility would be super cool.

Unironically why I switched my parents to Linux - they don’t touch any important settings so usually the only problems are when they get a new popup / prompt they’ve never seen, which ofc happens a lot more on windows especially when they decide to push some new thing or decide that they want to convince people to enable something new or change a setting that they want people to use.

I also love that if they call me I can just ssh in over tailscale and do whatever needs doing.

Seconding immich - I host it for my family which makes sharing vacation photos easy since they all have accounts on my instance that can be shared to / from.

Keep in mind that if you set up raid using zfs or btrfs (idk how it works with other systems but that’s what I’ve used) then you also get scrubs which detect and fix bit rot and unrecoverable read errors. Without that or a similar system, those errors will go undetected and your backup system will backup those corrupted files as well.

Personally one of the main reasons I used zfs and now btrfs with redundancy is to protect irreplaceable files (family memories and stuff) from those kinds of errors, as I used to just keep stuff on a hard drive until I discovered loads of my irreplaceable vacation photos to be corrupted, including the backups which backed up the corruption.

If your files can be reacquired, then I don’t think it’s a big deal. But if they aren’t, then I think having scrubs or integrity checks with redundancy so that issues can be repaired, as well as backups with snapshots to prevent errors or mistakes from messing up your backups, is a necessity. But it just depends on how much you value your files.

Ah, I didn’t gather that you were implying that they were doing a partial enforcement so I was confused.

They don’t appear to be labeling in both the display name and bio, just the bio, so aren’t they breaking the rule?

From my perspective, plenty of people are pointing it out. One of the authors of activitypub Christine Lemmer-Webber talked about it in depth in a blog post: https://dustycloud.org/blog/how-decentralized-is-bluesky/