Has someone experience running these as firewall preferably with package inspection and incoming Wireguard connections?

Sophos XG115 or XG105 seem to be quiet cheap on eBay

I'm looking for a cheap but futureproof way to run OPNsense at my place.

So I'm looking for a DSL modem capable of running at 300 Mbits and being able to run im bridge mode, it's fine if I buy it used I just couldn't find any good recommendations as FritzBox seems to not like running in bridge mode. Being able to flash something like OpenWRT on it is a bonus.

And on the other hand I'm looking for good recommendations for the OPNsense box. Should have enough power for Wireguard and package inspection. Used ist probably preferred

Thanks in advance :)

I'm looking for a vacuum robot preferably under 500€ and with a cleaning station. My main concern is that most robot vacuum providers seem to need to be connected to the internet. Are there any providers that either don't need that, where I can block the internet connection or any other way not getting a spy in my home? I'm fine with it if some work is needed

I followed this Guide to setup headscale with caddy. And tried to add Keycloak with this guide from the same guy.

Sadly my docker containers do not seem to be able to connect to the keycloak server. What happens is that if i try to download the openid configuration from the host (via wget) or from my local PC it just works. But the headscale server gets a timeout when trying to connect to the endpoint. When i use the internal docker name to connect to the keycloak container the connection works fine but then i get an error because its not the external url.

I experimented a bit and managed to reproduce the issue with a different container (running an ubuntu container and also getting a timeout when trying to download the config from keycloak). If i run the container with the host network i works just fine.

Does anyone know how to fix this?

PS: i also tried the example from the guide with gitea an its also the same problem

Update: I tried most suggestions and for some reason it just didn't work. My solution that is working now is that I bind the container ports to localhost only (by using p.e.: ports: -"127.0.0.1:4567:8080") and using the caddy server in host network mode. Now all containers can connect like expected and are working flawlessly. Thanks for all your suggestions :)

I've read a lot of recommendations for tailscale and am on my way to try it out myself. Do you use Tailscale in the "normal" way or do you host your own Headscale server (as I'm planning to do)? Any pros and cons?

Is it save to use identifying information (credit card, PayPal) for paying a Usenet provider? I'm especially interested in thecubenet.com and easynews. Have there been any incidents where someone got into trouble for downloading copyright protected content from a provider?

Also should I use a VPN for downloading even when SSL is enabled?

Thanks in advance :)

Do I need to use a VPN when torrenting with a Seedbox (especially giga-rapid and ultra.cc)?

I'm looking for good price to performance seedboxes for around 15€/month. I found the offers from GigaBox from GigaRapid very appealing. Does anyone have experiences with this provider? Do I have to worry about copyright claims when torrenting with any/this seedbox?

Do you host all services just from your root account with docker or do you seperate the services between user accounts with rootless docker?

Do you use podman or docker?

It's easier to just host everything from root with normal docker, but seperating services into special user account is probably way saver, at least as far as i know. Do you think ist worth going the extra step or do you just trust docker and your containers to not get exploited?

Last but not least do you use an automatic update service for your host system and your containers?