I have alway been wondering who are actually drawing all these pictures.

That’s a awful lot of money to commission an artist to make all these shitposts.

More shorter!

Okay I am very confused… where are these characters from? Sorry for my ignorance.

That’s my point. Please take a look at group policy editor. You’ll be amazed how many settings are hidden from the settings app. And once it’s set there, it cannot be overridden by anything, INCLUDING UPDATES. You can even completely turn off automatic updates there and only update manually when you feel comfortable.

It’s meant to be a enterprise thing to lock down PCs. But on your own PC you are your own boss.

1. With group policy you actually really need to do it once.

2. I guess you didn’t read the next sentence of the one you quoted?

I guess a better question to ask is: WHY do you want to switch to Linux. Is there a compelling yet specific reason. Abstract things like “better privacy” is not that valid for regular folks. You can tweak enough things in windows with group policy/registry to make it just okay. Surely it’s not out of the box but you only need to do it once, and I imagine this will only take a fraction of the time you would otherwise spend troubleshooting Linux.

If there are specific Linux things you need to run, why not use your server or even WSL?

As much as I love Linux, my main gaming/video production PC will always be windows.

It’s 12V so I guess you can Frankenstein something with a car battery. But honestly this sounds more like a LTT video than something I would trust not to burn my house down.

Yep I’m looking at system76. Not sure about how valid the 14h battery life claim is though. That seems awfully optimistic on a 10-core Intel chip.

Some addition power management tools I suppose?

That’s new info for me thanks. Never knew thinkpad can excel in this department.

Very good point regarding geoip, thanks!

Yea that’s basically the reason why I can’t use a VPN.

In fact there isn’t really a problem to leave your phone connected to the selfhosted VPN all the time. If split tunneling works properly, only traffic that access your home network would actually go through the VPN, all others will just get bypassed.

But in my case, I already need to be connected to another VPN most of my day, so can’t really go this route.

Well I’m trying to discuss when unable to use a VPN so….

Limited container access is a good point. Noted.

I think the APP itself is fine, but would an API access give attackers a mean to brute force into it? Sorry no expert here.

The official wiki talks about securing password login with fail2ban. I guess this is not needed in my case, as it’s handled at the Authelia level.

Because it’s “quick start”. Least effort to get a taste of it. For actual deployment I would use compose as well.

Many project also have a example docker-compose.yml in the repository if you dig not so deep into it

There is https://www.composerize.com to convert run command to compose. Works ~80% of the time.

I honestly don’t understand why anyone would make “curl and bash” the officially installation method these days, with docker around. Unless this is the ONLY thing you install on the system, so many things can go wrong.

I wonder if this can be done with a reverse proxy. Nginx can change specific strings in the page it returns, so maybe this can be pushed a bit further?