Toes♀

I’d suggest using OVH. https://help.ovhcloud.com/csm/en-ie-dns-dynhost?id=kb_article_view&sysparm_article=KB0051641

Depending on your country you may need to use ovh canada

Syncthing like others suggested is probably the way to go.

But if you want more options you can do a lot with WebDAV. https://www.digitalocean.com/community/tutorials/how-to-configure-webdav-access-with-apache-on-ubuntu-18-04

Hey I just had another thought. Do you have your ISP provided router in bridge mode? That would help if you’re not using it for anything else.

If your lan devices only have a fe80, your clients are not receiving a proper router advertisement.

Which routes and firewall rules should I be checking?

Since the OPNsense device is getting a ipv6 address and is able to ping ipv6 devices on the internet.

It sounds like you don’t have ipv6 configured for the LAN. Try enabling “Assisted” mode.

https://docs.opnsense.org/manual/radvd.html

Confirm the ipv6 addresses your clients in the LAN are being assigned an ipv6 address within the scope of what your ISP is assigning.

If you are check default routes and firewall rules.

If you aren’t, investigate “router advertisement”.

I like that idea.

I’d suggest OVH or Digital Ocean.

If you think a DDoS attack is possible I’d suggest azure for that.

Sounds like an issue with your registrar more so than the domain authority?

Do you have any information to distinguish that?

Does anyone here know if they are the same entity?

This is probably a bit extreme. I think it has a way to tie into your phone’s calendar too.

But you could use redmine and create tickets and reoccuring tasks.

Using a whitelist in this manner with cloudflare may be challenging as this list can potentially change. They do have means to query it though. https://developers.cloudflare.com/api/operations/cloudflare-i-ps-cloudflare-ip-details Additionally, have you considered ipv6 support?

if you haven’t solved the problem yet, I would consider switching to Apache for your reverse proxy and using mod_remoteip.

Track the CF-Connecting-IP field instead of the IP address to get the client.

https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/

I found this docker option.

https://hub.docker.com/r/apache/james#!

Although it’s pretty cheap to have someone else host it.

https://www.ovhcloud.com/en/emails/mail-hosting/

Let’s be honest, real nerds use Gentoo

Ah, is that what is happening here. I didn’t realise.

This is why I use the LTS edition for my OS

Edit: I’m a dum dum and didn’t know flatpak updates showed up like that.

That must be a very unfortunate situation where you don’t have control of your network for that to be a concern though. in which case I wouldn’t expect it to be suitable for a internet facing homelab?

Like I’m struggling to think of scenarios for this.

I suppose you could be trying to setup a homelab on a college network or using someone else’s internet connection where you have no input on the matter.

Perhaps, I could see a case for CGNAT like another user mentioned, where the whole town shares an single IP for example. But I’d imagine such a network would offer poor performance.

But in all those scenarios, a VPS is cheaper and you can do everything this service offers and more.

Yeah that’s a fair point, much like a VPN I could see this being useful in scenarios where you have limited control over your network.

It’s fairly straightforward to do for free with Hurricane Electric. Some home routers even have it built in as an option. https://tunnelbroker.net/

I’m assuming anyone who’s playing around with servers is capable of implementing it.

Go on eBay, punch in the price you’re looking to spend and search for an old server. Keep in mind some manufacturers use proprietary connectors.

Look for servers with lots of ECC ram, clean photos of the internals.

They probably won’t have a drive that’s pretty common.

To meet that 16 core requirement, you’ll probably be looking at older dual socket systems.

Edit: a quick search I found this. https://www.ebay.com/itm/225978893065?

Not a perfect match but the price is pretty good.

Guess it’s time to create an issue on your display manager’s github. And pray to the penguin gods they resolve it.

If I was in your IT department I’d be required to shut this down and probably revoke your access until our bosses decide on your future.

Keep in mind, your employer has a responsibility to protect their data and this would subject your homelab to any legal liabilities such as a lawsuit search order and data privacy auditing.

Any solution you work out needs to be signed off on in writing if it’s outside their expected usage.

Another important point o365 requires oauth2 authentication unless your IT department has intentionally allowed other forms of authentication or they are in a hybrid legacy environment.

When they broke EWS and office 2010 compatibility they crippled many foss solutions without an additional license and the tools that do work will report details to exchange about your homelab. So if your department is diligent it’ll come to their attention.