My stuff is all in docker-compose with a stack/service structure, so listing it is as simple as running tree
, and reading the individual YAML files if I need in-depth details.
antsu
What you want are two servers, one for each purpose. What you are proposing is very janky and will compromise the reliability of your services.
Solid advice. Good to mention too: use btrfs as filesystem for a better experience with Timeshift.
If you have an interest in Arch, I'd recommend starting with a derivative distro like EndeavourOS. It'll give you an easy installation process and a desktop that's ready to use.
Then just use it as your daily driver. You'll eventually run into the occasional issue when package X or Y upgrades and breaks something, learn to fix that, and eventually learn the "ins and outs" of Arch. That's how I started, I went from Mint to Antergos, used that for a while, then when Antergos was discontinued (RIP) I converted my install to "pure" Arch and never looked back.
RustDesk sort of fits the bill. It's open-source, has 2FA, can be self-hosted (but not needed), the client runs on anything, but the main issue here is that no amount of workarounds will make an untrusted machine any less untrusted, you're essentially extending the display and input from a dubious machine into your own.
If you're really worried about the security aspect, my suggestion would be to only use your phone as the client, and if you need to do anything more complex, use a Bluetooth keyboard connected to it. There are some foldable keyboards that don't take too much space and are not terrible.
This here OP! ☝️
Jellyfin lets you do this easily.
Mine are all anime characters. Currently I have:
- Mizuho (Onegai Teacher)
- Misaki (To Aru Kagaku no Railgun)
- Washu (Tenchi Muyo)
- Siesta (Zero no Tsukaima)
- Derfflinger (Zero no Tsukaima)
Suggest your friend to give Eturnal a try maybe. I have it running on an Oracle free tier instance, and I use it daily to have video calls with my family using Synapse/Element (and Jitsi inside Element for group calls), and it works great. The documentation is very good too.
Edit: this is my Eturnal config, for reference:
eturnal: listen: - ip: "::" port: 3478 transport: udp enable_turn: true - ip: "::" port: 3478 transport: auto enable_turn: true - ip: "::" port: 5349 transport: tls enable_turn: true realm: turn.<MY_DOMAIN> tls_crt_file: /etc/letsencrypt/live/turn.<MY_DOMAIN>/fullchain.pem tls_key_file: /etc/letsencrypt/live/turn.<MY_DOMAIN>/privkey.pem tls_options: - no_tlsv1 - no_tlsv1_1 - cipher_server_preference
And the compose file:
services: eturnal: container_name: eturnal image: ghcr.io/processone/eturnal:latest environment: ETURNAL_RELAY_MIN_PORT: 49160 ETURNAL_RELAY_MAX_PORT: 59160 ETURNAL_RELAY_IPV4_ADDR: <REDACTED> ETURNAL_RELAY_IPV6_ADDR: <REDACTED> ETURNAL_SECRET: <VERY LONG RANDOM STRING> volumes: - ./eturnal.yml:/etc/eturnal.yml:ro - /etc/letsencrypt:/etc/letsencrypt:ro restart: unless-stopped read_only: true cap_drop: - ALL security_opt: - no-new-privileges:true network_mode: host
Running the right command on the wrong SSH session/machine.
Cool. Time to get ready for another round of broken extensions.
Original artist: https://x.com/CenturiiC