That really depends on the implementation. In the case of gluetun, yes, no data can leak.

In Linux, by interface binding, no data can leak as well. No idea how Windows network stack is implemented.

Well, in some countries carriers don’t have a say in that.

Back to my trusty Xperia with SailfishOS, I guess.

Oh, fuck off Nothing, you were to be my next phone! Now I need to find a different European brand which does high-end smartphones. Which means only HMD remains unless something changed in the last few months.

1. Install Caddy on the host
2. Configure each service to forward to unique ports (say, 5001 for one service, 5002 for a different service)
3. Inside Caddyfile add a block like this for each service:

service1.example.com {
  reverse_proxy localhost:5001
}

It can be done in Apache as well, but Caddy is simply better and simpler.

As for images, take a look at Immich if that’s something you might want.

Monthly unless I learn about a vulnerability that would require it sooner.

What’s gluetun? Seems like it’s a VPN client? What’s special about it?

Gluetun can connect to multitude of VPNs, but most importantly it can be used to force other containers to use only the gluetun network, meaning if you disconnect from VPN for whatever reason, the other containers don’t suddenly send data over non-VPN network.

So if you’re torrenting and use gluetun to provide internet to the qBittorrent container, you won’t accidentally reveal your real IP if your provider’s server goes down for a few seconds.

How do you use it in your setup?

Configure it to connect to my VPN, create a file with the public port it uses, configure qBittorrent to only use gluetun for network and some script which reads the file with public port and changes it in qBittorrent.

Do I need to know about this if I use Tailscale on the host for connecting to my VPN?

Depends. I like having everything container related in the containers. Sometimes I need to do something without VPN, this would limit me. Also, if you don’t configure disconnect on VPN connection loss in a different way (interface binding), you risk revealing your IP.

Would gluetun allow me to use an additional VPN provider for certain apps without messing with the host Tailscale?

Yes. Though you would be double VPNed: App -> gluetun -> host VPN -> target server. That would probably add some latency.

I’d give Syncthing a try. Though you should make some kind of tunnel so that they can communicate without relays, the speed there really depends on what traffic the relay is going through.

But for men.

If you want to self host, rent some cheap server somewhere (I use Hetzner) the will act as a proxy and then configure frp.

It’s basically what Cloudflare tunnel does, except you need to provide the public server instead of Cloudflare giving you one for “free.”

Eternity.

On your local system? In that case yeah, you might have fucked something up, if you for example replaced a root certificate authority or something.

That’ll show them! I’m gonna use a corporate mascot to show them I’m against corporations!

So nothing really changes? Fire OS is Android.

Does it need to be that specific tld? There are plenty you can use, like .eu if you’re from eu, or .dev if you’re a developer etc.

Seconding caddy, it’s extremely simple.

Nothing beats caddy for simplicity, IMO.

If you’re on your home WiFi, try the private IP, it will most likely start with 192.168, though it’s possible it will start with 10 or 172.

If you’re accessing it over an external IP, you need to forward ports to the host that runs Immich. Note that not all ISPs support it, you might be out of luck.

But accessing it on the same network (like the same WiFi) should always be possible, you just need to know the correct IP address.

Well, I meant some kind of mainstream, financially sustainable market. Their phones are definitely overpriced, which is IMO precisely because of their smaller marketshare.

And yeah, their mobile division is definitely going down in the near-ish future unless something changes.

Their pre-smartphone era phones were simply amazing and even the early Android era phones were really great.

Ah, in that case it probably won’t work, the Android apps on SFOS don’t have access to Bluetooth, you would need a native one.

SFOS is fine, I like it, it’s smooth, has sleek UI and generally works very well, sans the occasional bugs. The Android layer is also splendid, though there are cases like this where it simply won’t work. Same with any app needing to pass SafetyNet checks which many bank apps do.

But if you’re lucky and you don’t need any app with hardware access and your bank doesn’t mind being ran on Google untested device, it’s really great!