Christopher

Not a bad recommendation, but I disagree.

Rocket chat is just as heavy (in fact, it federates to Matrix), uses MongoDB, and has steadily pulled features behind a paywall for years. To me, if I’m hosting the service on my own machines and I’m not using their live support, the idea of paying for the privilege of using it is absurd.

Matrix has come a long way, including integrated voice and video chats.

A general strike is one of the only non-violent levers of power the people have.

It sucks. It probably won’t do anything. But I’ll take this over open war with ICE any day.

They’ve been itching to do this – and when the ICE/National Guard occupation of our cities didn’t immediately result in an attack on “law enforcement,” there was a sense of frustration. Without a reason, they had to dial up the rhetoric and threats.

Charlie Kirk’s (MAGA on MAGA) death was hammered and shaped to fit their narrative. Now, with a reason, they will punish their enemies as terrorists.

Listen for calls of the death penalty, next.

Unrelated, but this photo… I honestly believe this is the first time I’ve ever seen him read for leisure. I really did think he was illiterate during his first term.

Hochul’s wait-and-see approach on Mamdani came after the Queens assemblyman bested former Gov. Andrew Cuomo in Tuesday’s Democratic mayoral primary – sending shockwaves across the nation and prompting soul-searching among moderate members of the party over its leftward drift.

No soul found here, apparently.

How’d it work out?

I mean in terms of hijacking DNS. Might be worth a look.

It runs quite well; Docker’s not a full fledged virtual machine so much as a virtualization layer. I also love the portability of running this in Docker. I rsync a backup of this and the Appdata folder every night. When or if this server fails, I can be up and running again in minutes on another machine.

Is your ISP interfering?

services:

  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: sheldon
    environment:
      HOST_CONTAINERNAME: pihole
      TZ: ${TZ}
      WEBPASSWORD: ${WEBPASSWORD}
      DNSMASQ_LISTENING: "all"
      PIHOLE_DNS_1: "unbound#53"
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "67:67/udp" # Only required if you are using Pi-hole as your DHCP server
      - "8080:80/tcp"
    # network_mode: host
    dns:
      - 127.0.0.1
    networks:
      dns:
        ipv4_address: 172.22.0.2
    volumes:
      - /mnt/appdata/pihole/etc-pihole:/etc/pihole
      - /mnt/appdata/pihole/etc-dnsmasq.d:/etc/dnsmasq.d
    restart: unless-stopped
    depends_on:
      unbound:
        condition: service_healthy

  unbound:
    container_name: unbound
    image: klutchell/unbound:latest
    networks:
      dns:
        ipv4_address: 172.22.0.3
    volumes:
      - /mnt/appdata/unbound:/opt/unbound/etc/unbound/custom
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "dig", "google.com", "@127.0.0.1"]
      interval: 10s
      timeout: 5s
      retries: 5

  wg-easy:
    container_name: wg-easy
    image: ghcr.io/wg-easy/wg-easy:15
    ports:
      - "51820:51820/udp"
      - "51821:51821/tcp"
    # environment:
    #   TZ: ${TZ}
    #   LANG: en
    #   WG_HOST: ${WG_HOST}
    #   PASSWORD_HASH: ${PASSWORD_HASH}
    #   WG_DEFAULT_DNS: 172.22.0.2
    #   WG_MTU: 1420
    networks:
      dns:
        ipv4_address: 172.22.0.4
    volumes:
      - /mnt/appdata/wg-easy:/etc/wireguard
      - /lib/modules:/lib/modules:ro
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv6.conf.all.forwarding=1
      - net.ipv6.conf.default.forwarding=1
    restart: unless-stopped

networks:
  dns:
    external: true

Feel free to just delete the wg-easy service.

As a Red Wings fan, these last nine or so years have really sucked.