[-] thayer@lemmy.ca 5 points 3 months ago

And I would argue that all data should be encrypted now, even the working copy. If you have data that's worth backing up, you probably don't want it in the hands of criminals or weirdos either.

[-] thayer@lemmy.ca 5 points 3 months ago

It's better than no backup at all, but ideally it shouldn't be your only backup. Still, having any backup puts you ahead of the vast majority of computer users. If the data is truly of value to you, consider also keeping a second backup within your custody and away from your home.

I rotate two encrypted hard drives between work and home, performing a backup monthly and taking the newest backup to work before bringing home the previous.

[-] thayer@lemmy.ca 5 points 4 months ago* (last edited 4 months ago)

I can't provide specific advice for tailscale, but I can share my notes for my own use case, which is for PCs that are safely behind the home firewall. You'd want to adjust your ssh/smb settings accordingly. You shouldn't need any rules for ProtonVPN, as you're likely just trying to block incoming connections, not outbound.

It's my understanding that Fedora opens ports 1025-65535/tcp and 1025-65535/udp by default.

To lock down to sane defaults (--permanent saves the settings directly, avoiding the need to run firewall-cmd --runtime-to-permanent separately):

sudo firewall-cmd --permanent --remove-port=1025-65535/tcp
sudo firewall-cmd --permanent --remove-port=1025-65535/udp
sudo firewall-cmd --permanent --add-port=27031/udp  # steam remote play
sudo firewall-cmd --permanent --add-port=27036/udp  # steam remote play
sudo firewall-cmd --permanent --add-port=27036/tcp  # steam remote play
sudo firewall-cmd --permanent --add-port=27037/tcp  # steam remote play

Ensure that ssh and samba-client are listed as allowed services too (sudo firewall-cmd --list-all).

  • Firewalld must be reloaded before rule changes will take effect: firewall-cmd --reload
  • Changes will reset upon reboot unless made persistent by using --permanent or by committing all changes with --runtime-to-permanent

Common commands:

sudo systemctl enable --now firewalld   # enable and start firewalld service
sudo systemctl disable firewalld
sudo systemctl stop firewalld

sudo firewall-cmd --state               # show running state of firewalld
sudo firewall-cmd --get-active-zones    # list active zones
sudo firewall-cmd --get-zones           # list all zones
sudo firewall-cmd --get-default-zone    # list default zone
sudo firewall-cmd --list-ports          # list allowed ports in current zone
sudo firewall-cmd --list-all            # list all settings
sudo firewall-cmd --reload              # reload firewall rules to activate any rule modifications

Add/remove ports, services, IPs:

sudo firewall-cmd --add-port=port-number/port-type      # allow incoming port  (tcp,udp,sctp,dccp)
sudo firewall-cmd --remove-port=port-number/port-type   # block incoming port
sudo firewall-cmd --add-service=<service-name>          # allow incoming service (see /etc/services)
sudo firewall-cmd --remove-service=<service-name>       # block incoming service (see /etc/services)
sudo firewall-cmd --add-source=192.168.1.100      # whitelist incoming IP (or a range, e.g. 192.168.1.0/24)
sudo firewall-cmd --remove-source=192.168.1.100   # remove whitelisted IP (or a range, e.g. 192.168.1.0/24)

Block an IP or IP range (rich rules):

sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.100' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.0/24' reject"

Whitelist IP for specific port (rich rule):

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'

Removing a rich rule:

sudo firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'
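
A check for the lock-down described in the comment above, as an added example that is not part of the original post: it flags wide port ranges that are still open and lists entries where the runtime and permanent configurations disagree (the state you are in after using --permanent but before --reload). The function names, the 100-port threshold and the sample lists are assumptions made for this example.

```sh
#!/bin/sh
# Added example. Port lists use the one-line, space-separated format printed
# by `firewall-cmd --list-ports`, e.g. "1025-65535/tcp 27036/udp".

# wide_ranges LIMIT "LIST": print entries that span more than LIMIT ports.
wide_ranges() {
    for entry in $2; do
        spec=${entry%%/*}
        case $spec in
            *-*) lo=${spec%-*}; hi=${spec#*-} ;;
            *)   lo=$spec; hi=$spec ;;
        esac
        case "$lo$hi" in ''|*[!0-9]*) continue ;; esac   # skip malformed entries
        if [ $((hi - lo + 1)) -gt "$1" ]; then printf '%s\n' "$entry"; fi
    done
}

# only_in "A" "B": print entries present in list A but missing from list B.
only_in() {
    for entry in $1; do
        case " $2 " in
            *" $entry "*) ;;
            *) printf '%s\n' "$entry" ;;
        esac
    done
}

# report "RUNTIME" "PERMANENT": summarise what is open and what is out of sync.
report() {
    wide_ranges 100 "$1" | sed 's/^/wide range still open (runtime): /'
    only_in "$2" "$1" | sed 's/^/saved but not active (reload needed): /'
    only_in "$1" "$2" | sed 's/^/active but not saved (lost on reload or reboot): /'
}

# Constructed sample: state right after the --permanent commands, before --reload.
RUNTIME="1025-65535/tcp 1025-65535/udp"
PERMANENT="27031/udp 27036/udp 27036/tcp 27037/tcp"

if [ "${1:-}" = "--live" ]; then   # read the real lists (needs firewalld and sudo)
    report "$(sudo firewall-cmd --list-ports)" "$(sudo firewall-cmd --permanent --list-ports)"
else
    report "$RUNTIME" "$PERMANENT"
fi
```

After sudo firewall-cmd --reload, a run with --live should print nothing if the runtime and permanent port lists match and no wide range remains.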

[-] thayer@lemmy.ca 4 points 4 months ago

If it were me and there was no way to have an additional drop installed from the exterior, I would still consider running a single cable through the living space to your desired location, as discreetly as possible.

It's difficult to suggest exactly how to do so without pics or a floorplan, but I would try to match the wall or trim color and keep the cable tucked close to the floor and/or ceiling throughout the run.

Once in place, the cable will quickly disappear into your surroundings and you'll be left with rock solid reliable networking.

[-] thayer@lemmy.ca 5 points 5 months ago

And if you already use uBlock Origin for adblocking, you can simply enable the cookie-notice filters and avoid needing to install another extension:

[-] thayer@lemmy.ca 5 points 5 months ago* (last edited 5 months ago)

Nice tin. We grind a 1L Mason jar's worth at a time and use a French press. One jar lasts about 2 weeks and honestly, I can't tell the difference between a fresh grind and a 2-week grind, regardless of bean used. I'm sure some would disagree :)

[-] thayer@lemmy.ca 5 points 8 months ago

We use markdown notes extensively. Everything is synced to our desktops and mobile devices with Syncthing. Markor editor for Android, and VSCodium/vim on the desktop. Works great for tech notes, medical info, shopping lists, recipes, etc.

[-] thayer@lemmy.ca 4 points 10 months ago* (last edited 10 months ago)

While I'm a big fan of Vim, it's definitely not for everyone.

I spend about half of my writing time in VSCodium, which is a community-based release of Microsoft's open source VS Code editor. There are several markdown, grammar, and focus-oriented plugins for the platform, and you can pretty much shape it into whatever kind of editor you want.

I use VSCodium for the vast majority of my personal notes, technical writing, and project documentation (nearly all of which are written in markdown format).

[-] thayer@lemmy.ca 5 points 1 year ago* (last edited 1 year ago)

Well said, and this should really be the top comment. Yes, I am mostly a Fedora user these days, but I also love Arch and Debian. I have a lot of respect for the significant contributions that Red Hat have given to the community time and time again, and I had zero issue with their recent stance.

[-] thayer@lemmy.ca 5 points 1 year ago

It's possible you saw a post that predated the defederation. Cached copies of those posts still exist on the lemmy.world instance. You can reply to them, but I believe that only the other lemmy.world users will be able to see it and respond.

[-] thayer@lemmy.ca 5 points 1 year ago* (last edited 1 year ago)

Har! To be clear, I was referring to attention-seeking usernames like this:

...and this:

[-] thayer@lemmy.ca 5 points 1 year ago

I think that would be best for now. As much as I love the idea of folks being able to use it without a browser add-on, it would just require constant upkeep from you site admins to push the daily changes.

I'll see if the Lemmy devs are open to user-submitted themes when things settle a bit, or I could keep a version specifically written for Lemmy instances in my repo, and then site admins could pull it whenever updated.

thayer

joined 1 year ago