we just have to advertise its available on what we know would work with it. So chrome and mozilla and android browser can go brrrrr (sorry ios)
I guess you could also do add_header Alt-Svc ‘HTTP/2=":443"’; as well
Why didnt I know about this. I will experiment this weekend. I like having options available for all. No reason to stay on a downgraded protocol if the client can support a new one and no reason to break HTTP/1.1 either
I fucking love these russian devs. The one thing the motherland did right other than wodka
I havent updated it for my DoH and DoT changes yet. The pihole setup is a simple filter. The unbound does all of the work. Ive also setup auth zones and hardened the DNSSEC of the unbound. I disabled DNSSEC on the pi to the unbound because there is no point since its local.
Use unbound + DNSSEC not pihole to unbound with DNSSEC. The lookup only matters on the unbound
It is worrisome but thats the realization of an open source backend. Chromium can be forked and degoogled by anyone and its a better engine. FAR better code
Failure in leadership on the project tbch
Its fine thats why ive moved this discussion to my blog. LOL. See the top of this post
SEE! At one point in time you DID consider using CF in a very specific (and free) use-case… which is exactly what i continue to use it for. There are some decent free tier options, but all the points you made earlier in the previous thread remain valid.
On a side note… the SSLlabs stuff you dabbled in above, is there any value in adjusting what ciphers I’m using? I see your point, but I already managed to get an A+ despite not having things quite as fancy or elliptically curvy as you may:
Cipher Suites: TLS 1.3 (suites in server-preferred order)
I also hardened my stuff because I realized I would be using DNS over TLS
and choosing the curve that the phone can run really easily AKA ChaCha 20 and keeping with the 256-bit scheme and having an AEAD setup
I knew that would probably be best for what I was doing You don’t necessarily need to do it and also because I know all the devices I’m using are very modern I wasn’t really worried about breaking backwards compatibility
I’m not really married to any of these technologies, I’m just trying to learn a thing or two while I tinker and (hopefully) try to improve the computing experience for family and try to maintain those rigorous SLAs. >.<
This is just a little VM i run since migrating the web server off my RPi3B so I could repurpose that for a little ADS-B project attempting to learn a few basics about radio waves and the surrounding technology. The thinking was that it might better equip me to deal with WiFi related matters. Sorry, now I’m delving a bit further off topic. You guys are great.
Apologies if I haven’t found it skimming through the thread but since I am now the owner of a Pixel 4a I’d like to follow your steps on getting the phone set up since my last lineageos setup was pretty tashy. Have you already written more specifically about what steps you took or could you if not?
Yeah I’ve seen that, my hope is that it overlaps greatly with the 4 though so I wouldn’t discount your steps being helpful or at least some general guidance.