

Security is pretty minimal, not gonna lie.
There’s a 50 GB LUKS partition that stays locked unless I’m actively using it. It’s got backup copies of my important/critical documents and password manager exports but the rest of it is just media and doesn’t really merit encryption.
All applications have local accounts but I’m not using LDAP or any kind of SSO like I am with my main stack.
At home, I keep the firewall disabled on the interface configured as “WAN” so I can access its services directly via their hostname (I point its wildcard DNS record to its local “WAN” IP) but do enable firewall when I’m using it on an untrusted network. Granted, I have to manually remember to do that, so that’s kind of a security risk if I forget. Generally, though, when I’m using it remotely, it’s using my secondary phone as a USB-tethered uplink so even if I leave its internal services exposed to WAN, the NAT from the phone blocks that. One of my goals, eventually, is to automate some of the firewall rules depending on where I’m using it.




















I try for at least 2 hours a day, excluding sleeping.
Usually that’s in the form of puttering around outside doing yardwork, working on whatever my summer/winter project is, and/or taking the dogs for a walk. It’s difficult in the winter but the other 3 seasons are pretty easy to keep the habit alive
However you choose to spend that offline time, I highly recommend a daily dose of it. Been doing that for a few years now, and my mental health has improved dramatically. The world isn’t nearly as horrible as social media makes it out to be.