Slap LibreBoot on that stick child ! DO IT !
Keeping the source IP intact means you'll have troubles routing back the traffic through host B.
Basically host A won't be able to access the internet without going through B, which could not be what you want.
Here's how it works:
On host A:
- add a /32 route to host B public IP through your local ISP gateway (eg. 192.168.1.1)
- setup a wireguard tunnel between A and B
- host A: 172.17.0.1/30
- host B: 172.17.0.2/30
- add a default route to host B wireguard IP
On host B:
- setup wireguard (same config)
- add PAT rules to the firewall so to DNAT incoming requests on the ports you need to 172.17.0.1
- add an SNAT masquerade rule so all outbound request from 172.17.0.1 are NATed with host B public address.
This should do what you need. However, if I may comment it out, I'd say you should give up on carrying the source IP address down to host A. This setup I described is clunky and can fail in many ways. Also I can see no benefits of doing that besides having "pretty logs" on host A. If you really need good logs, I'd suggest setting up a good reverse proxy on host B and forwarding it's logs to a collector on host A.
OpenBSD is the most pleasing expérience I've had with an OS. It's fully contained and has all the tools you need without needing to install anything (eg a DNS, HTTP, SMTP servers, a proxy, a good firewall). All config files look alike and use the same keywords for the same things, making it straightforward to configure everything.
And regarding RAID 1, I've never done it myself, but it totally works out of the box (as well as full disk encryption).
OpenBSD for all of them.
This one got some serious Jazz Jackrabbit vibes... I love it ❤️
The thing is, this layout moves symbols to places that are much easier to remember (~ is altgr+n, ç is altgr+c, $ is altgr+d, parenthesis/brackets are next to each other, etc...) I got used to it very quickly because the new placement makes sense, and the fact you only have to remember symbols and not alphanum chars helps a lot. Definitely worth trying IMO.
Did you know about the New AZERTY ? I've been using it for a few years now and it's definitely a great improvement, while remaining compatible enough with the standard one so you are not lost when you use a colleague's setup.
Of course !
I bought this album and the last song segfaults. Is it just me ?
IRC est loin d'être mort ! J'y traîne encore beaucoup perso. Il y a beaucoup de communautés sur Libera.chat surtout, mais également dans les communautés "Tilde" (genre tilde.chat). Après il faut reconnaître que ce sont en général des commus internationales et orientées tech.
Sinon en vieux protocoles, Gopher et Finger résistent toujours à l'extinction :)
Aaah j'aimerai beaucoup mais je suis trop engagé dans le soutien aux petits producteurs (de bière !) de ma région 🙃
The neat part is that you get to imagine the "plot" yourself. @pmjv feeds us and endless stream of (lovely) flashes of the universe, and leaves you at task to connect whatever dots your brain can create :)