I recently watched, “Russia 1985–1999: TraumaZone” and greatly enjoyed it.

It’s about what it was like to live in the Soviet Union at the end of communism and then the end of democracy. The story is entirely told with footage from the time.

I’d like to also recommend my two favorite documentaries about labor unions, Harlan County, USA and American Dream.

I was a binge drinker. I would buy a big bottle of whiskey and drink until I fell asleep, then wake up and start drinking until it was gone. Then I’d be sober for a while and eventually binge again.

I had a sort of similar gradual experience with quitting. I was enjoying it less and less, mostly just getting depressed and feeling sick from the constant changes in body chemistry. I went from being blackout drunk 2 days a week to 2 days every other week, and then every month or so. At one point I realized I had been sober for 50 days and decided I needed to be done with it forever.

Now I’m at 200 days and almost never think about drinking. I have basically zero desire to drink, all I can think about is how bad it made me feel.

I don’t go to bars or really socialize in person at all. I would recommend trying to find other ways to socialize that don’t involve bars, but I have known sober people who can happily hang out with people who drink.

Rsync everything besides media to a Storj free account. I also rsync my most important data(docker compose files,config files, home assistant, a few small databases) to Google drive.

I have many of my services open to the internet, but behind authelia w/2fa and a reverse proxy. I haven’t had a security issue yet, been running this way for a few years.

I think it’s pretty safe as long as you keep them up to date. I run backups weekly and do updates at least once a month.

Using geoip restrictions will also help a lot because you can block most of the scanner bots by denying connections from outside your geographic region. These bots detect what services are open to the internet and then add them to databases like shodan. If a security flaw is found in one of those services, hackers will search those databases for servers with those services running and try to exploit them. If you aren’t in those databases they can’t easily find you before you are able to patch.

The Deprogram is really good.

We’re also in a big vehicles arms race. I’m always telling people about how big vehicles cause more kids to get run over, more pedestrians to die, more damage in accidents, etc. The most common response from giant vehicle owners is that it makes them feel safer in an accident.

In 10 years they’ll probably all be driving tanks with stadium lights mounted on top.

I think SSO is less important than having everything behind the reverse proxy. The importance of the proxy is that if there is a security hole in the web server component of your service, it cannot be exploited without a second flaw in the proxy. It’s an additional layer of abstraction and security that doesn’t add a ton of overhead.

An attacker would have to find an exploit in nginx, which is used by most of the big tech companies, so it is well secured compared to the services many of us selfhost.

Another advantage of using SWAG is being able to use fail2ban and geoip restrictions. Any ports open to the ipv4 internet get scanned by security services and malicious actors many times each day. It’s nice to be able to have nginx refuse connections from any of them that repeatedly fail to login, or that come from outside your geographic region.

If you’re going to try Authelia and a reverse proxy, I recommend using SWAG. It’s a docker container that includes Authelia, nginx, fail2ban, geoip restrictions, and has premade config files for most of the selfhosted software that people run. The config files are especially useful since they include comments that describe the settings you need to change within the services you run, like changing the external domain in Emby for example.

https://docs.linuxserver.io/images/docker-swag

I think the fact that reddit has never paid moderators in the past shows that they fear setting such a precedent. IAmA has always been a big draw for users and celebrities, yet they never put an employee in charge of it.

Once they start paying one set of moderators, other mods might start to expect something in return for their labor. This especially won’t look good to investors who might otherwise like the business model of paying nobody for moderation.