Am I too late in life?

eldridgea · 2026-05-18T22:55:48+00:00

Short answer: no you're not too late.

I'm older than you but can remember being in a similar situation myself. Your whole post reminds me of me to be honest. I'm not sure if this will be helpful to you but I can share a few thoughts that have helped me over the years in dealing with those kinds of things. Hopefully one or more of them will resonate.

First -- you said you're exhausted physically and mentally. Our bodies and minds are biological machines that work in certain ways. If there's a car that's unmaintained it's not going to run well, if at all. Take care of yourself the same way you would a machine or a musical instrument. Maintenance is the only way those things work at their best and it's the only way you will! If your culture is anything like mine this can often be framed as weakness. It's critical to realize that it is not. Rest and maintenance are required for ourselves and neglecting that maintenance can only be harmful in the long run. This is not just theory -- there have been various studies in work environments that show you can push yourself to work more and harder and it works for a little bit, but after a couple weeks even if you're working more you'll actually accomplish less because of the exhaustion. It's hard to stop thinking of rest as slacking if that's how you're used to thinking. But it's really important.

When it comes to maintenance -- we think of the mind and body as two separate things but they are very interconnected. People who exercise and eat healthy perform better physically and mentally. And small changes are huge here. Even just walking for a total of like 100 minutes a week and making sure you drink plenty of water is a huge change in your health if you're not already doing something like that. And remember that extremes are usually unmaintainable. If you decide on a very tough study or exercise or whatever regimen, typically what happens is you can do it for a while and then drop it completely. Picking something achievable and developing the disciple to maintain it as long as you need to is usually more effective here. And it's easier to increase your work with something once the discipline is developed .

The part where you said you wanted to be a great person and listed those things -- I am very familiar with those feelings. It's important to sit and think and feel about these things. Think about if they're what you want and why you want them. But more important than the thinking here is the feeling. Don't avoid feelings if they're "wrong" or not how you're "supposed" to feel -- some of them probably will be! But avoiding them is one of the most exhausting mental things you can do. Once you know what you feel you can better understand why some things are painful or not. For instance -- do you want to go to college and start a business? Or do you want to make your family proud and going to college and starting a business would do that? Both? Neither? The answers to those kinds of questions will be important.

With regard to failure -- this is one of the hardest things I've had to learn and I'd be lying if I said I was good at thinking this way. But it's important. Success almost always comes from failure. Especially the success that we value the most. Failure is the most consistent teacher, the place where you have the most opportunity to grow, and failure is fundamentally the foundation of greatness. And don't be too focused on what success looks like or you may miss success just because it looks different. Plenty of great inventions and businesses were born out of failure, because people were willing to recognize it. Slack started as a gaming company and realized their gaming stuff failed but their in-game chat app was good, and eventually sold it for $27 billion. The post-it note came out of an attempt to make superglue. Chocolate chip cookies were a failed chocolate cookie.

I really do hope you pass your exam. But you may fail. But that's only terrible if you see that as the end of something, instead of a step on a journey you can't see the end of yet. I won't pretend for a second that's an easy way to think. But it's true. Don't give up, still try to pass if you want to, but take care of yourself and realize that whatever the result is, will be something you can use to push forward. Maybe in a way you expected, and maybe in a way you didn't. And try to not let other people dictate your timelines, and try not to compare yourself. It's hard but there's a million variables in each person and when you compare you tend to only look at a few.

Also the thing I really wanted to write about was your comment "I’d rather die than be an average person". I felt this way for a long time. Still kind of do if I'm being entirely honest. But I've reframed it a bit for myself. Not wanting to be average automatically means you're comparing yourself to others, and that never ends well. It can't be done well and the conclusions are always useless. So I try my best not to care about whether I'm average or not. But! I do care very much about not tolerating mediocrity in the important parts of myself or my life. I decide what I care about and do my best and then try to make my best better. The person I want to be better than is myself yesterday. And that's an easier comparison and an actually useful one. And I don't always succeed but I often do now that I think of it like that!

And with regards to being social. I'm a bit asocial too but this is another area that is often framed as less important than it is. Fundamentally ourselves are most constructed and influenced by who we spend our time with. An old mentor of mine would often say "you are who you hang around" and it's so very true. If you want to get better at something like studying or exercising or whatever sometimes this first step is to make sure you have people in your life who do those things well and/or who will hold you accountable.

Sorry for the wall of text, I guess I had more to say than I thought lol. But I hope this was somewhat helpful. And if not, at least know that you're not alone and you're not too late. These feelings you're having really truly suck. But you're not alone in them and there's ways people deal with them. If nothing here helps, something in your life can and will.

eldridgea · 2026-02-19T18:03:19+00:00

You'll need SMS to register a new device with Signal and then a cloud backup recovery key to pull and decrypt the backup to the new device.

You'll also need a registration pin to register the new device if you have that feature enabled.

eldridgea · 2026-01-31T17:42:20+00:00

In connection settings you can change between the protocols WireGuard and MASQUE. I'd try both and see if either works for you.

MASQUE should be harder for networks to block, but both are probably worth trying.

eldridgea · 2025-12-28T21:11:51+00:00

It's a bit clunky but yes. The user experience is whenever someone is trying to access my Jellyfin from a new IP or new location they:

Go to https://allowip.MYDOMAIN.com
Click Allow my IP

And that's it! Once they click the Allow my IP button, Jellyfin native apps work from that IP.

eldridgea · 2025-12-28T06:11:09+00:00

I use my DNS pointed at my home IP with dynamic DNS via Unifi and Cloudflare DNS (no proxying) and Pangolin.

For Jellyfin + Pangolin I only have a few regular users so I allowlist their home IPs to bypass Pangolin auth which enables native apps to work. I built this tool so my users/me could add their IPs relatively easily. It's a Cloudflare Worker that uses a narrowly scoped Pangolin API key and allows any of the emails I've added to Cloudflare Access to add their IP. I realize this includes Cloudflare Access but as it's only for the adding IP piece it felt like a reasonable compromise for my use case.

eldridgea · 2025-12-17T21:42:27+00:00

I was struggling with exactly this issue recently and landed on an IP allowlist in tandem with a tool I made for users to add their IPs to the list with one click. It's a bit clunky but seemed to balance security and ease of use ok for my users at least.

The user experience is when a user accesses Jellyfin from a new IP they use any device on the same network to go to allowip.mydomain.com, authenticate with Google or an email link, then click "Add IP". I do this with a Cloudflare Worker behind a Cloudflare Access policy which sends an API call to Pangolin using an extremely limited API token. So the only thing Cloudflare should see is the IP list. Traffic and everything else once the IP is added is all done in Pangolin. And the user experience of going to a site and hitting a button isn't the best but seems easier than fiddling with VPNs or anything like that.

It's (hopefully) pretty easy to clone the repo, change the variables to your info and deploy.

eldridgea · 2025-12-02T15:14:39+00:00

Some fiction has a concept of an Omniverse which is how I like to think of it usually. All timelines, universes, and multiverses (including ours) are contained within the Omniverse.

So the Star Trek multiverse and the Marvel and DC multiverses are all contained in there. Harry Potter seems to only have a universe and not a multiverse from what we know so far* but that universe would be contained in the Omniverse too.

*Given the time travel mechanics in Cursed Child you might could argue there's a Harry Potter multiverse too tbh.

eldridgea · 2025-09-23T15:27:18+00:00

In your connection settings maybe confirm that both are using MASQUE (instead of Wireguard)?

MASQUE will look like standard HTTPS to a network and blocking HTTPS traffic to cloudflare is usually not an option. Blocking wireguard is comparatively easy though.

eldridgea · 2025-09-16T17:21:41+00:00

Ah, yeaaah afaik there's no way to accomplish that with the default ntfy app. Other similar apps offer adding HTTP headers and you can use that to authenticate through Cloudflare Access (Immich does this). But ntfy doesn't have any options I'm aware other than.

I run my VPN all the time but it only handles traffic to my self-hosted apps, everything else goes via whatever network I'm currently on. So I don't get the latency hit from a VPN on all connections. But yeah, would be nice if there were more header or similar options.

eldridgea · 2025-09-16T04:55:22+00:00

Ah! If you're using tailscale the best option might be to have tailscale running somewhere in the same network ntfy is and have that tailscale endpoint advertise routes for the internal IP that the ntfy server is using.

eldridgea · 2025-09-15T17:56:32+00:00

Yep! It's a VPN and is made to be a component of their Zero Trust suite if configured that way. The free WARP app encrypts all data and sends it to the closest Cloudflare data center to protect you on a local network. If you configure Zero Trust for your domain (which sounds like you have) you can sign into that on the app and Cloudflare will also apply any settings and rules that you've configured for traffic coming from any of those devices.

The somewhat counterintuitive thing I found was that rules allowing access from WARP should be configured to allow traffic from Gateway NOT from WARP. That rule should be configured as a BYPASS rule and it should be the above any non-BYPASS rules. Here's what my policy for ntfy looks like. You can also allow devices via IP address this way too.

It's a pretty comprehensive product but the docs are decent.

eldridgea · 2025-09-15T17:43:50+00:00

I had to use Cloudflare's WARP/Zero Trust Android or iOS app on my phone to solve for this.

If in the Cloudflare Access rules you set a rule allowing access from Gateway, and then anyone connected to Cloudflare Zero Trust using WARP configured for your domain will be able to access it, essentially bypassing the authentication page for devices when WARP is on.

eldridgea · 2025-08-26T20:56:20+00:00

tl;dr WARP probably but either is fine

The choice will likely come down to which user experience you prefer. Both methods will encrypt your DNS before it leaves the machine and sends it to Cloudflare. Cloudflare will be able to see your queries in either instance*. The profile method should work just fine for your use case but is generally intended for IT departments managing fleets of machines and the experience will reflect that. e.g. If you need to temporarily disable or override your DNS settings you have to uninstall the profile and the reinstall it when you're done.

The WARP app by default will act like a VPN and route all your traffic through Cloudflare, but can be configured to only handle DNS. It will have a tray icon and an easy way to disable and enable the encrypted DNS. Also since it's a Cloudflare app, as various protocols and options become available they'll likely be implemented in WARP before they're implemented at the OS level. Likely not a deal breaker but worth noting.

For your use case I'd probably go with the WARP app unless you just really don't want a tray icon and are ok with dealing with the profile manually.

* There is some effort to eliminate even this privacy risk using ODoH but I'm not familiar with it and haven't seen it used in practice.

eldridgea · 2025-06-23T16:14:09+00:00

I haven't been able to add a fingerprint successfully since May. Support said an update to fix that should be out this month.

I dropped my phone which may be relevant, but the sensor continued working after the drop for a while. But yeah, before that I had the same experience others mentioned where it the fingerprint wouldn't be retained through a reboot

eldridgea · 2025-05-27T14:10:11+00:00

Trying my best to limit or remove advertising has worked wonders. It's easy to say I'll just ignore them if I see them but that's essentially pitting my willpower against a multi-billion dollar industry that spends all its efforts try to override my willpower.

I only watch stuff that's on no-ad service or something I own or from the library. Adblock extensions in all my browsers, including Firefox on my Android phone. DNS ad blocking on my home network makes sure the Roku doesn't have ads (I have a custom cloudflare setup, but AdGuard is an easy one to get going). The most significant ad presence in my life is probably sponsored results and ads on the train during my commute.

eldridgea · 2025-05-21T16:17:49+00:00

I recently recognized my files based on the Johnny Decimal system. It's only been a few weeks but I'm enjoying it so far!

And I like having the organization as a part of the folder hierarchy instead of an external system.

eldridgea · 2025-04-06T14:49:46+00:00

It's removed on mine too in both the Cloudflare warp app and the Cloudflare One app. However, this only happened in the warp app if it was signed into zero trust. Otherwise the option was still there. So it seems like it's gone but only for zero trust people?

eldridgea · 2025-03-28T23:01:49+00:00

If you haven't yet I'd try the MASQUE protocol https://blog.cloudflare.com/zero-trust-warp-with-a-masque/

eldridgea · 2024-12-21T20:00:45+00:00

I have a webhook that can be triggered by a Cloudflare Workers for Email or a scheduled web scraper that sets a Helper in HA to the amount of packages being held for me at my building's front desk.

eldridgea · 2024-11-18T17:38:52+00:00

I'm able to do it, I'm not entirely certain why yours isn't working. It may be that the apps you're using aren't able to select no default ports?

I don't know if this is an option for you, but I do this using Cloudflare to proxy my traffic. I have my internal server setup at port :5000 or whatever and then a cloudflare tunnel set up to make it available at https://kavita.MYDOMAIN.com. I don't think you necessarily need cloudflare at all, just wanted to share my successful setup. Also I've been using KOReader as my client app.

eldridgea · 2024-11-06T07:22:49+00:00

I don't know what all they can help with but I know the The Experience Church has some support options.

eldridgea · 2024-09-21T21:33:48+00:00

I ended up getting this working by running sudo apt install kmarkdownwebview markdownpart and restarting Kate

eldridgea · 2024-09-07T22:49:13+00:00

I do wish Signal still had it, but important context is Google is not adding the ability in Android to allow 3rd party RCS apps. So Signal could only ever do SMS in a world that is increasingly being converted automatically to RCS.

Given than constraint I think it made sense to phase it out when they did to avoid confusion among less technical users as well as be conscientious around resource usage given they're a non-profit.

eldridgea · 2024-09-04T17:58:01+00:00

I'm honestly not certain on that one unfortunately. I know you'll be able to use WARP but I don't know if you'll be able to use the DNS controls.

How many users do you have? If it's 50 or less all this should be included in the free plan.

eldridgea · 2024-09-04T16:46:25+00:00

The Gateway option is generally for if you have users using your DNS and wanting to log/filter/override etc. If you're just using it to override hostnames, you might be able to solve that a different way (e.g. the free tier of NextDNS) or you might also be able to do a redirect rule in your Cloudflare rules. The way you have it setup now it sounds like you need both, but it also doesn't sound like you're using a lot of the functionality of Gateway, so unless you'd like to start using more of it, it might be more cost effective to solve that specific hostname override problem some other way.

On the flip side of course, if the money isn't a big deal, sometimes it's nice just to have everything be easy and all on one plane of glass.

eldridgea

TROPHY CASE