OMG Hypnotoad HTPC is so much better! Why didn’t I thnnk of that?

Server (big iron): Bender

Desktop (main character): Fry

Laptop (for accounting): Hermes

Netbook (small and dumb): Nibbler

Phone (held to my head): BrainSlug

HTPC (one big viewport): Leela

Well… shit. My company just sold my department to another company. The phrase they use in the office is “a Microsoft shop”. We’re talking Windows, Teams, Azure and O365.

The transition is going to be shit. After the transition is over, it will be shit.

I might just operate my workflow entirely out of WSL2 out of spite.

That’s basically it. My Ubuntu server is a router, NAS, plex server, public statum-1 NTP server, wordpress server, nextcloud server, security camera NVR, SMTP/IMAP mail server, CUPS print server, tor relay, and probably a few other things I forgot about.

You can do a lot with a single CPU from 2015.

I don’t have hostapd on it anymore. I now have dedicated APs on OpenWRT. The main problem with using a WNIC for an AP is that they don’t typically have a very strong broadcast output. I had to add an amplifier, and even then it wasn’t great.

I’ve done this before on Ubuntu. You can install nftables for routing, then install hostapd for a wifi AP.

I don’t even use it. Once I got SPF/SSL/DKIM/DMARC working, there was less spam than what I get on gmail.

The owners closed the restaurant and started a new one so I let the domain lapse.

Linux is great when you have the opportunity to choose the right hardware upfront.

There’s a few things that are outright neglected.

ISPs often have SMTP relay servers. If you hook into that, your mail gets instant street cred.

Setting up fail2ban to block people trying to brute force the admin panel is a good start.

PlexAmp is an amazing bit of software for a phone. It doesn’t translate well to the desktop, but it’s still pretty good.

Your flacs will play lossless on wifi, and transcode to 128kbps opus on mobile. You can tweak those settings too.

Most smart TVs have a native plex app available too.

CUPS facing the public internet sounds a bit crazy. Why would you print when not physicly near the printer?

IPv6 should not be disabled under any circumstances.

In fact, many devices in my house have IPv4 disabled. Disabling IPv4 on my public-facing SSH reduced the attack traffic to zero.

IPv4 is shit.

Public-facing: Password generator, stored in a password manager.

Internal LAN: Everything gets the same re-used, low-effort password.

Nobody is going to hack my CUPS server.

OK, here’s how it happened.

I was hungry, and I wanted to see the menu for my local pizza joint. I couldn’t find it anywhere.

I discovered that all their socials linked to a website that wouldn’t load. When I checked, the domain had lapsed.

Out of frustration, I purchased the domain and pulled the last snapshot of their website off archive.org. It had their full menu as a PDF.

6 months later and it’s still getting visitors from their facebook page, who are viewing the menu. They haven’t even realised.

Host all the things!

Wordpress, SMTP/IMAP, tor, bittorrent, Nextcloud, Plex, NTP, photo galleries, DoT…

I even started hosting the website for my local Italian restaurant and they haven’t even realised it yet.