I’ve used SailPoint at two different jobs. It’s got its issues. But it’s also a really powerful system for enterprise level identity and access management when configured correctly.

Yes, a VPN with strong authentication is what you want.

Yeah the best hope is that upnp is turned on. I think that’s the protocol that allows automatic port forwarding to happen

OSS is a double edged sword. It’s great, but the people looking for flaws that are exploitable are more often bad actors than good. At least that’s been my experience working in cyber security. Many CVEs that are responsibly disclosed are found to be actively exploited already.

Lol as if Linux is free of malware.

How is PiHole not built for custom DNS? It literally has an entire management page for that.

I’d guess that it’s running under a different user. You can find the user executing it and provide the key to that user via copying it to their ssh directory, or by using an identity file option for your command.

Although now that I think of it, I’d create a separate key and provide that public key to keep it separate from your user account.

So the error is because a service is already running on port 80 (http). This could be nginx or apache depending on configuration. Nginx is very useful if you plan to run more than one service in the container. And it’s more trusted security wise than I would trust Lemmy right now tbh. I would maybe configure Lemmy to run on a different port locally, and setup an nginx site to proxy to port 80.

It’s been a while since I’ve messed with devops stuff though, so I may be misremembering a bit.

The reason is DRM. Windows supports some baked in DRM that Linux doesn’t.