brownindian's comments

Could also use Cloudflare tunnels. That way:

1. your 1Password gets a different entry each time for <service>.<yourdomain>.<tld>

2. you get https for free

3. Remote access without Tailscale.

4. Put Cloudflare Access in front of the tunnel, now you have a proper auth via Google or GitHub.


You can also use Cloudflare to create a DNS record for each local service (pointed to the local IP) and just mark it as not proxied, then use Wireguard or Tailscale on your router to get VPN access to your whole network. If you set up a reverse proxy like nginx proxy manager, you can easily issue a wildcard cert using DNS validation from your NAS using ACME (Let's Encrypt). This is what I do, and I set my phone to use Wireguard with automatic VPN activation when off my home WiFi network. Then you’re not limited by CF Tunnel’s rules like the upload limits or not being able to use Plex.


This is exactly what I do. I have a few operators set up in k8s that handle all of this with just a couple of annotations on the Ingress resource (yeah, I know I need to migrate to Gateway). For services I want to be publicly-facing, I can set up a Cloudflare tunnel using cloudflare-operator.


Yup doing this with Caddy and Nebula, works great!


This is the way


Tunnels go through Cloudflare infrastructure so are subject to bandwidth limits (100MB upload). Streaming Plex over a tunnel is against their ToS.


Pangolin is a good solution to this because you can optionally self-host it which means you aren't limited by Cloudflare's TOS / limits.


Also achievable with Tailscale. All my internal services are on machines with Tailscale. I have an external VPS with Tailscale & Caddy. Caddy is functioning as a reverse proxy to the Tailscale hosts.

No open ports on my internal network, Tailscale handles routing the traffic as needed. Confirmed that traffic is going direct between hosts, no middleman needed.


Another vote for Pangolin! Been using it for a month or so to replace my Cloudflare tunnels and it's been perfect.


Yeesh, the last thing I want is remote access to my homelab.


Ah good old days when I was in college and used to use my 2006 White Polycarbonate MacBook with the said remote as a glorified DVD player to play movies I'd rent from Blockbuster. Can't believe that was 20 years ago.


The source of all other tools: https://www.fcc.gov/media/engineering/dtvmaps


Well, an important reason for Spotify to have podcasts is $$. Unlike music producers, podcasters are not paid by play count. The ones from openweb are not paid at all by Spotify, I am not sure about the ones that have deals with Spotify directly, like Joe Rogan. Anyway, the more time users spend listening to podcasts, the less they have to pay to music producers, which means more EBITDA! And my friend, it's all about EBITDA.


[Boston/DevOps] Not laid off yet, but we have been told that "Role eliminations" are coming. Those not getting laid off are going on mandatory two-week furlough. One week in April, and one in May. June onwards TBD. All as part of cost cutting.


Akamai's HQ is in Cambridge. I don't know if they're currently hiring, but I expect they're quite busy these days. Might want to check them out.


Wendover did a video on this a couple years ago. Basically saying why trains suck in America. And the reason is the same: freight gets priority because Amtrak does not own the track, freight companies do. https://youtu.be/mbEfzuCLoAQ


It’s the law that passenger trains should get priority, but actual enforcement of this law is nonexistent, and Amtrak does not have as much money to spend on counsel.

