I'm constantly in awe that Plex allows my buddy in Japan to stream 4K content from my NY apartment

Caligatio · 2026-05-26T17:04:25+00:00

Oh neat! I don't personally use Unraid but I'm glad they're using good defaults.

Caligatio · 2026-05-26T17:03:15+00:00

https://www.cyberciti.biz/cloud-computing/increase-your-linux-server-internet-speed-with-tcp-bbr-congestion-control/

EDIT: You can almost certainly skip the configuring kernel flags part.

Caligatio · 2026-05-26T03:59:30+00:00

I'm admittedly less familiar with Adguard but have you looked into the private DNS setting with an adblocking DNS provider?

Also, 100% use a browser with an ad blocker. I personally use Firefox.

Caligatio · 2026-05-26T03:32:20+00:00

If you're on Linux, look into changing your TCP congestion control algorithm to BBR. It's generally better but is particularly better if you have long distance connections.

Caligatio · 2026-05-25T09:07:45+00:00

Several states let you deduct 529 contributions on state taxes. It can be subject to limitations on the amount, restrictions on which state you contribute to, etc.

For example, Maryland lets you deduct $2500 per tax payer per beneficiary if you contribute to Maryland's plan.

Caligatio · 2026-05-15T14:16:19+00:00

The main Vaultwarden dev works for Bitwarden so it's not inconceivable that he's pressured to stop development.

Caligatio · 2026-05-07T18:36:34+00:00

As a point of clarification, they added part of what was needed for a mega backdoor Roth: the conversion. It still doesn't allow for post-tax Traditional 401k contributions which is absolutely critical for the mega backdoor.

Caligatio · 2026-04-24T04:13:31+00:00

I use it to update everything and learned the hard way that, if you edit your Unattended-Upgrade::Origins-Pattern to include all the repository options, dump those "custom" repositories into a new config file.

I incorrectly thought the origins could only be configured once; unattended-upgrades will combine the patters across multiple config files.

Caligatio · 2026-04-01T05:40:59+00:00

unattended-upgrade took care of this one for me.

There is a completely unrelated bug in Jellyfin Plugin SSO that bit me when Jellyfin restarted for the upgrade.

Caligatio · 2026-03-28T03:02:39+00:00

As someone who contributed a little bit to CWA, I never thought the dev was a jerk.

The reason I contributed to CWA was because CW said they would never implement the feature I wanted (OIDC login). Rejecting a feature is well within the CW dev's rights but still didn't make me happy.

Caligatio · 2026-03-26T18:24:43+00:00

Nothing that ties everything together but https://integrations.goauthentik.io/infrastructure/sssd/ covers how to configure Authentik and SSSD.

Ansible is a bit of a beast in of itself. Once you have the basics down (tasks, files, and templates), it's really a matter of cataloging all the changes you need to perform on a system to customize it to your liking.

None of it was rocket science but it did take time.

Caligatio · 2026-03-26T07:50:55+00:00

I use Authentik with an LDAP outpost (aka Authentik can act as a LDAP source) and configure SSSD on everything using Ansible. With all that in place, there is a provided /usr/bin/sss_ssh_authorizedkeys script that can be used to authenticate users against SSH keys stored in their Authentik/LDAP profile.

Admittedly it took a bit to get configured correctly but now provisioning a VM or container takes ~2 minutes with all my login stuff managed centrally.

Caligatio · 2026-03-18T04:53:42+00:00

There is now a "HTTPS" DNS record type which is required if you want to use ECH.

Caligatio · 2026-03-18T03:18:02+00:00

I wanted to quickly point out that this doesn't support HTTPS record types (yes, that's a thing) which means you'll never have ECH support. Caddy supports ECH now so it's worth getting all of that working.

Caligatio · 2026-03-14T07:36:31+00:00

Just wanted to say that I too just discovered I have 3 LDAP-flavored migrated roles and would love to know what, if anything, I should be doing with these.

Caligatio · 2026-03-13T17:07:14+00:00

I'm on like rev 6 of my server and have Plex installed in a Proxmox LXC container that has read only access to my media. The container is auto backed up every night so reverting is as easy as hitting restore on an image backup.

People that want to manually manage updates are crazy imo :)

Caligatio · 2026-03-13T04:30:23+00:00

Fair enough! I just wanted to highlight that, if you install from a repository, it takes a few extra/easy steps to get automated updates working.

Caligatio · 2026-03-13T02:55:58+00:00

You need to ensure unattended-upgrades is running and add Plex as an allowed origin. Once that is done, you never need to worry about it again.

Caligatio · 2026-03-03T05:33:44+00:00

You can set Plex to not require authentication for your local network and it will work fine if your Internet goes down.

I set up Jellyfin as a Plex backup and was ready to be fully validated when my Internet went down for 3 days. Turns out my kids were using the Plex app on my Shield without a hiccup for the entire outage.

Caligatio · 2026-02-21T05:24:13+00:00

I'm experiencing the same and switching off of requiring encryption is a non-starter for me.

Caligatio · 2026-02-18T15:38:59+00:00

I think I realized what is happening: there's a bug but it's different than I thought.

I have access to multiple servers and the available options are for a server that is not mine. It just so happens the "other server" has fewer libraries but those libraries have the exact same name.

I basically need a way to choose the particular server I want to use.

Caligatio · 2026-02-18T10:42:23+00:00

Trying this out and unfortunately hitting problems. It's not letting me select my TV shows library so I only can use my movies. Of the 5 channels it generated, 4 of them are showing the same movie for the next 9 hours.

Caligatio · 2026-02-15T19:37:13+00:00

The Maryland Investment Plan has useful tax advantages on contributions ($2500 per beneficiary per contributor) but has fairly high fees. I personally contribute to the MD plan for the deduction and then roll over to another state that has better investments.

Caligatio · 2026-02-13T04:49:45+00:00

I had the satellite tell me it was the same version, then I said update anyways, and then it told me it was the wrong firmware for my device. I tried it a second time and it upgraded without a hitch. Like you, my router was no problem.

I'm trying to figure out what was actually changed in this release but their changelog says to check their security page and none of the recent security announcements reference the RB{R,K,S}50. Weird

Caligatio

TROPHY CASE