There’s nothing wrong with just using a VPS for this. Despite what some mouth-frothing hobbyists will tell you, it’s still well within the realm of self hosting. There’s just no reason or difference for hosting a blog on your UnRAID server vs a VPS.

If you really want to be some kind of purist and only use your own hardware, then you could configure a web server that can reverse proxy on your UnRAID server and forward port 443 in your router to your UnRAID box, but you’d have to change your UnRAID access port to something else. You’d want to keep this web server docker container up to date, and preferably see if you can implement some kind of WAF with it or in front of it. You’d then forward the requests from this web server to your ghost container.

A better idea would be to use a different piece of hardware for this web server reverse proxy, like a raspberry pi or something, and put it on a different subnet in your house. Forward 443 to that, then proxy the connection back to UnRAID, in whatever port you bind the ghost container to. Then you can tighten access that raspberry pi has. Or hell, host the blog on that hardware as well and don’t allow any traffic to your main LAN.

There are half a dozen better ways to do this, but they all require you to rely on a third party service to some extent.

I can’t think of a single DLC I’ve ever played in my entire life that didn’t add new mechanics

No he’s objectively right. No Mans Sky has made improvements but they just made puddle wider. It’s no deeper than it was at release.

Most games are locked at 30 fps anyway

No?

Years of ongoing issues with their metadata server bricking its ability to search for content. It wasn’t an issue with your setup, it’s an issue with Readarr itself. They always fix it, but it’s kind of a joke how many times they’ve had the same problem over the years.

Well, it would be if Readarr worked consistently.

Not at all. It’s a factory building game. 3D Factorio if you will.

Fun game, if not a little on the easy side. Beat Ante 8 on my second run. There is an endless mode thankfully.

I don’t think they’re doing that.

What it really comes down to is that this type of “safe” game design where you rehash the same game over and over again for 20 years thing used to make a shitload of money, that’s why they all do it, and now it doesn’t. Or at least, they’re discovering that there’s a mathematical maximum amount of times you can rehash something without innovating. And not doing that is too huge a pivot for a huge lumbering company like Ubsioft to make on a reasonable timescale.

This is what’s supposed to happen though. When not enough people buy games to make them profitable, the games have to change, or Ubisoft goes under. Either is fine.

Getting all the functionality of Pihole into Unbound would be a good deal more than “a little work” lol. And for no real practical reason when all you’re trying to do is set up secure DNS with some ad blocking on your network. And this is coming from a professional who wouldn’t have to “learn” anything to do it. If it was really that little work, Pihole + Unbound wouldn’t be the go-to solutions for so many people.

I mean if you want to build something around Unbound to do ad blocking and set up a monitoring stack for metrics and all that jazz that’s great, more power to you. But you already have two things built for purpose, there’s no reason to go out of your way to do that. And I don’t think OP here is prepared to do all that.

For the same reason you’re running AdGuard and not just pointing all your devices at the recursive upstream.

You’re using AdGuard / Pihole as an ad sinkhole, not just to cache and forward DNS requests. Like if you really wanted to you could hack together something in Unbound to do that, but why would you do that when Pihole already exists? You have two things built for purpose.

If you want to run your own recursive DNS server, why would you run two separate DNS servers?

I’m not sure I understand your question. A recursive DNS server and a local DNS cache/forwarder/are two different things with two different purposes. You will always need both. You yourself are using AdguardHome and that is just connecting to recursive DNS server upstream. In my scenario you’re just running both yourself instead of you running one and then letting a 3rd party run the other for you.

Your outbound queries will still be unencrypted, so your ISP can still log them and create an advertising profile based on them.

You can encrypt the recursive queries through your ISP if you want to. Though the effectiveness of any profiling your ISP would do to you are minimized by Qname minimization that Unbound does by default.

If you’re just using DoH then you’re just shifting who’s making that advertising profile on you from your ISP to whoever is hosting your upstream recursive DNS server. It doesn’t matter how much encryption you do because on the other end of that encrypted connection is the entity who you’re giving all your queries to.

I would say Pihole is a better choice than AdGuard home because PiHole just runs on top of dnsmasq. Throw Unbound on there too as your upstream recursive resolver and you’re set. You don’t even need to worry about an encrypted session to your upstream anymore because your upstream is now your loopback.

I think you are right but I wasn’t sure. Like technically you’ll still see the details if you open the certificate but… who’s doing that?

The point of paid SSL at this stage in the game are the higher tiers of verification. Instead of just verifying that you own the domain, you can verify that you are who you say you are. These are called Extended Validation and Organizational Validation certificates. This has historically been desirable by businesses. It used to be that these higher tier certs would not only give you a lock icon in the address bar of a web browser, but also a little blurb confirming your organization is legit. Not sure if this is still the case though. You will see the extended validation when you check the sites certificate though for sure.

As far as encryption and security, there’s no difference. Also side note, the Comodo brand still technically exists but it was bought by Sectigo like 7 years ago.

Yeah but also even when you’re paying, you’re still the product.

The shame of it is this kinda the way she goes for passion jobs like game dev. Similarly, EMS is a chronically underpaid career. Not for lack of difficulty or skills required, but because people want to do it. That desire to help others only translates into an ability to underpay people for the privilege. There’s a nobility to wanting to dedicate your life to helping people despite the lack of pay. A nobility that is happily exploited by private equity.

Nah, just a guy who has actually used both consoles and understands the state of Compute today.