It is the default atime option used when mounting if I’m correct. If it’s an ubuntu specific mount option it will be specified in /etc/fstab file.

You can run this to check

findmnt --real

Do you actually need to move the admin ui off of port 80/443 if you are just forwarding ports? I don’t think you need to. That said I actually don’t know much about port forwarding since I use Tailscale because of CGNAT.

My understanding of port forwarding is that you are forwarding connections to your WAN IP/port to a LAN IP/port. Since the router admin ui is available only on LAN by default, you don’t need to change it’s port from 80/443.

You don’t need 2 reverse proxies as others have said. What I did is just add a DNS rewrite entry in my adguardhome instance to point my domain.tld to the LAN IP of my reverse proxy.

I use some generic names.

• Phone: phone
• Current Laptop: fedora
• Old laptop: laptop
• Router: openwrt

Yeah obsidian’s pretty nice. I use the daily notes feature built into it for my journal.

I actually use both in fish. I use aliases for some longer commands. For example I have la as an alias for eza -la --icons=auto --group-directories-first because I don’t really want to see it every time I run la. I use abbreviations for some shorter commands. For example systemctl abbreviated to sys and systemctl --user abbreviated to sysu.

I ran a podman quadlet setup as a test some time ago. My setup was a little like this:

• Create a pod if the app uses multiple containers
• Create a seperate network for each app (an app is either a single container or multiple containers grouped in a pod)
• Add the reverse proxy container to all networks
• I don’t expose any ports to the host unless necessary

If you create a new network in podman you can access other containers and pods in the same network with their name like so container_name:port or pod_name:port. This functionality is disabled in the default network by default. This works at least in the newer versions last I tried, so I have no idea about older podman versions.

For auto-updates just add this in your .container file under [Container] section:

[Container]
AutoUpdate=registry

Now there’s two main ways you can choose to update:

1. Enable podman-auto-update.timer to enable periodic updates similar to watchtower
2. Run podman auto-update manually

# Check for updates
podman auto-update --dry-run

# Update containers
podman auto-update

If you run adguard home it’s pretty easy. Just add a DNS rewrite to your local IP.

How are you running nginx and immich exactly? With containers or on the host?

I don’t know nixos that much but that looks like nixos configuration to me, so it’s running on the host I assume?

Some feeds I follow

• Adventures in Linux and KDE: https://pointieststick.com/feed/
• F-Droid: https://f-droid.org/feed.xml
• GamingOnLinux: https://www.gamingonlinux.com/article_rss.php
• Project Zomboid: https://projectzomboid.com/blog/feed/
• This Week in KDE Apps https://blogs.kde.org/categories/this-week-in-kde-apps/index.xml
• This Week in Plasma: https://blogs.kde.org/categories/this-week-in-plasma/index.xml

Personally, I always use MusicBrainz Picard to tag any music I download, so it doesn’t matter if what I downloaded has incomplete metadata.

If I don’t end up finding the correct release for metadata on MusicBrainz, then I just add it to the database myself (there’s tools and scripts to make it easier to add digital releases).

I use Firefox as my main browser. I use the multi-account containers extension in Firefox to seperate my browsing activities. Brave is installed as a backup in case firefox fails me. I use TOR browser for searching for stuff that I don’t want linked to me.