qjammer

joined 1 year ago
[–] [email protected] 4 points 8 months ago

You can install ufw and a frontend for it that lets you block specific processes. https://wiki.archlinux.org/title/Uncomplicated_Firewall#GUI_frontends It seems KDE already comes with a frontend in the system settings, and there's gufw for gnome/gtk.

[–] [email protected] 4 points 8 months ago

I recently bought an x86 passive cooled box from Topton, an aliexpress merchant, that was recommended by ServeTheHome, a great youtube channel/blog that reviews all kinds of networking equipment for homelabs. Since it's x86, you can pretty much install anything on it, in my case OPNSense. I recommend you watch some of their videos/read their blogs and see what fits!

[–] [email protected] 1 points 1 year ago

I read you mentioned firefox. I had a similar experience a while ago, related to this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1704774#c13

[–] [email protected] 2 points 1 year ago

The nginx documentation for the ssl preread module has an almost identical example.

[–] [email protected] 3 points 1 year ago (2 children)

I am running a similar setup to yours. The issue is that only one server block can listen to an address+port pair. You ought to do something like this:

map $ssl_preread_server_name $proxy_backend_router {
        serviceA.example.com    upstreamA:12346;
        serviceB.example.com    upstreamB:12346;
        default $ssl_preread_server_name.invalid_proxy:443;
}


server {
        listen 443;
        ssl_preread on;
        proxy_pass $proxy_backend_router;
}
[–] [email protected] 2 points 1 year ago (3 children)

What you should be asking is whether the cables qre the bottleneck in your network or not.

Is there any link that is not negotiating 1Gbps? Do you have devices that could push 10Gbps but the cable is not allowing it? If not, then there's no need to upgrade them.

Unless, of course, if you want to do it just for fun, which is also a legitimate reason 😄