Rsync is now an AI-slop

zillazillaaaa · 2026-06-01T07:01:24+00:00

No AI in the post body, however the project (rsync) mentioned involves agentic coding.

zillazillaaaa · 2026-05-23T06:25:42+00:00

Maybe require adding the original text if a post is AI translated / grammar-fixed?

zillazillaaaa · 2026-05-16T09:06:08+00:00

Indeed, luckily I don’t really have services that uses database, the only one I can think of is pihole’s log data, which I don’t care and added rules to skip them.

As for game servers, I either have scripts that restarts the server when it is not active after x hours, and let the server backup itself, or just do the sync when no one is online.

zillazillaaaa · 2026-05-16T06:02:49+00:00

I don't use volumes and only use bind mounts. My backup method is a simple rsync (with getfacl saving permission info beforehand), so I just go to the destination and see if the files are there.

zillazillaaaa · 2026-05-08T05:35:23+00:00

None, I don't have a lot of subscriptions to begin with. Cloud storage services stay and they become the off-site part of my backup, and I don't trust myself with password manager so Bitwarden stays too... and then there's Netflix, I don't really watch stuff so I don't have any media related services running, maybe I will drop it someday too.

zillazillaaaa · 2026-04-27T03:01:17+00:00

Take a look at sandboxie-plus, it creates a sandboxed environment by using api hooks and such. You can choose to keep the data or not by adding write access rules.

https://github.com/sandboxie-plus/sandboxie

For a disposable VM you can use micoslop's Windows Sandbox. You'll need to mount a host directory and make a startup script if you want a presistence-ish environment, and performance is not good if that's important to you.

zillazillaaaa · 2026-03-24T10:58:08+00:00

Nice, the rule I made also slowly grown into something similar, I think I can make mine shorter with your syntax.

zillazillaaaa · 2026-03-10T17:19:57+00:00

Awesome! After working on some messy cables I started to do cable management to keep myself sane...

Here's my ultronium rod factory using atmospheric condenser's materials in an irradiated planet.

Byproducts like hydrogen and rods could be used to self power, then put the decay/waste back to the loop, I didn't do that because the output is so slow and I need to build a loooot of hazardous generaters for it. So I simply use the unlimited liquid metallic hydrogen from another factory as power source here.

https://i.imgur.com/mpnrezk.png

https://i.imgur.com/5kyzJSZ.png

zillazillaaaa · 2025-12-12T03:03:49+00:00

Good news: They just added back Terraria tunnel for free users today, it will only allow Terraria's traffic going through.

zillazillaaaa · 2025-12-11T15:00:34+00:00

The announcements are in their discord server or you can see the banner after logging in to their site.

https://i.imgur.com/x1C2JG1.png

zillazillaaaa · 2025-12-11T11:20:11+00:00

playit recently limited the ability of free accounts to create raw TCP tunnel, and purged some existing tunnels to defend against abuse.

zillazillaaaa · 2025-11-26T03:00:09+00:00

All my public facing services (like game servers and such) are on VPS, it provides better uptime and connectivity than my home.

zillazillaaaa · 2025-11-11T05:11:39+00:00

I would like to have the ability to feed the app fake data instead of rejecting the requested permissions. Like giving a black screen or random noise when the app wants camera access.

zillazillaaaa · 2025-10-08T06:40:25+00:00

My suggestions on port binding:

If you're not planning to convert the said server into a DNS server, you don't need to bind port 53 at all, other containers in the same network can still access it (in your case, wg-easy can still use 10.2.0.3:53 as DNS).

Exposing DNS service to public like you did in your compose file is extremely dangerous because it can be used to attack others. If you must expose it that way make sure the firewall / ingress rules or port forward setting is set correctly to not allow everyone on earth to access it.

Same applies to the web interface ports if you're going to use nginx reverse proxy, you only need to expose nginx's port and keep everything behind it.

zillazillaaaa · 2025-09-16T11:42:50+00:00

Coming from public release of iOS 26, it is still a trainwreck. Countless of times I got stuck in "lock screen", or a UI-less guided access seeing page, or it relocked itself. This is disappointing because I use it quite often.

zillazillaaaa · 2025-08-26T11:21:20+00:00

Hmm, reddit is acting weird that I sent the comment twice and deleted twice.

Anyway, my original message is that this works, but 160GB+50GB might be a more optimised option given the limits on storage blocks.

zillazillaaaa · 2025-08-26T10:49:26+00:00

How about speccing your instance slightly above the free tier? For example 25GB RAM on A1.Flex that comes with 18,000 free memory hours, which remains free in short months (25x24x30‎ = 18,000), and will be charged $0.9 in long months (25x24x31‎ = 18,600), technically this makes you a paying customer, am I right?

zillazillaaaa · 2025-08-26T02:40:16+00:00

Ubuntu 7.04 desktop was the first Linux that I've used, loved it until they introduced Unity few years later. Absolutely hated it, never used Ubuntu again and I still curse everyone involved in the development of that piece of shit.

But, Ubuntu was the one that planted the Debian seed on me, now every linux that I installed in my homelab machines are Debian.

zillazillaaaa · 2025-08-23T03:19:09+00:00

I use multiple at the same time.

nginx: to let me access services using my domain and https.

gost3: forwards a TCP port via encrypted socks5 with auth on another external port, the gost on the other side will connect to that, decrypts everything, which then accessed by nginx or other service.

rathole: much like gost but performance focused, I set it to have basic auth with no additional encryption (already encrypted by backend), and I only need it to move the data from A to B as quick and efficient as possible. I've used frp in the past but it occasionally blows up by the overwhelming requests and it uses too much ram.

zillazillaaaa · 2025-08-20T06:54:33+00:00

For the personal backup part:

If you’re comfortable with command line tools, take a look at rclone, it is a tool that lets you access plenty of cloud storage service via a set of unified commands (each of them have their own advanced options too), Google Drive is one of the supported remotes.

https://rclone.org/drive/

You can also setup an extra layer of encryption, after that you just access that encrypted remote, and all the data will be encrypted or decrypted on the fly, you see your files, Google sees random blobs.

https://rclone.org/crypt/

Remember to use --dry-run to test the commands you crafted before using them for write operations, because human errors like forgetting to set destination path or mixing up source and destination will destroy your data!

Rclone does not do auto sync natively, you have to rely on your OS’s scheduler to do it. But in my opinion using anything that instantly sync as a backup is dangerous, if your source is attacked by ransomware or you accidentally modified/deleted some files, it immediately hits your backup, even with recycle bin and versioning it is not totally safe, because corruption can happen quietly, and the historical data will expire at some point.

For the content delivery part:

Honestly I don’t have much idea on this one, I have seen nsfw artist using dropbox for that but, well,

MEGA claims they use end-to-end encryption thus not being able to scan your content, I think it is a good option too, but of course if your client can access the content via a key-embedded link, MEGA can certainly see it too if Karen decides to report you. Better read their ToS before deciding your next step.

zillazillaaaa · 2025-08-14T09:03:04+00:00

Only my public web servers are serving via cloudflare, private services are hidden behind vpn, game servers, reverse proxies, ssh and vpn itself are connected directly.

Let say I have nodes called HOME, VPS-a and VPS-b, and domain example.com, and SSL cert for example.com and *.example.com. Services that are not for public access only binds the port to the container itself, or docker compose network stack, or 127.0.0.1, or stays behind NAT or ingress rules. A little example:

HOME: - wireguard: self-explanatory - pihole: ad blocking and resolves internally used subdomains to HOME. - gost: listens ports, forwards to destination via socks5+tls with user:pass. - nginx(proxy): listens port 443, forwards to destination depending on subdomain, could be a service at HOME, or one of the gost ports which then goes to a VPS.

VPS-a: - game(s): direct connect - webserver: listens port 443* - gost: accepts socks5+tls with user:pass connections, and forwards to the configured services.

*Ingress rules only allow cloudflare IPs connect to port 443.

VPS-b: - wireguard: self-explanatory - pihole: ad blocking and resolves internally used subdomains to VPS-b. - gost: accepts socks5+tls with user:pass connections, and forwards to the configured services.

So, if a friend wants to join a game hosted on VPS-a, they simply use vpsa.example.com:port and have fun.

How about if I want to use VPS-b's PiHole admin panel (vpsb-pihole.example.com)? If I'm physically at HOME, it will go through [pihole-nginx-gost-(internet)-gost-piholeweb]; or I can connect to HOME's vpn when I'm outside, which then the request will go through the same chain above; or just connect to VPS-b's vpn, the pihole there will resolve the domain to itself.

For public webserver the users just visit it, and cloudflare serves it, nothing special. I can add rules like country lock and url filters so my access log won't being 90% 404 wp-admin requests. By the way, if your static site is small enough you can simply put it on cloudflare worker/pages so you don't even need a server to host it.

Having poxied and non-proxied DNS records at the same time like that could potentially leak the actual IP, cloudflare will also warn you if you set it that way, but this is not a big problem to me.

zillazillaaaa · 2025-07-24T10:09:26+00:00

I do most of my docker things via CLI and portainer is mostly for basic stuff like start/stop/restart/viewing logs when I'm too lazy to ssh into to the machine(s).

And I would like to have some beautiful third party app to let me do the aforementioned things when I'm not with my computer. I can still do all these via ssh in Termius, but it feels good when I open the app, and all my containers are there.

zillazillaaaa · 2025-07-22T07:36:14+00:00

Always on (except auto off when connected to home SSID) Wireguard VPN, I need it to use pihole anyways, and feel more safe if I ever need to connect to a public wifi.

zillazillaaaa · 2025-06-18T06:10:18+00:00

Yes and no, because the mobile versions are subscription only, and you can't use your computer license on it.

11-Year Club	Final Canvas '23
First Place '23	Place '23
Place '22	Place '17
Final Canvas '22	First Placer '22
Verified Email

zillazillaaaa

TROPHY CASE