My apologies; I have a computer running docker, who I hosts a plethora of services. I have an external drive connected to it (because i don’t have a NAS) and have it mounted to my underlying OS on that Docker server computer. And each container than needs it, mounts directories from that drive.

All of this is internal network only. And another server manages VPN connectivity to my home network. So I have remote access to everything I need with minimal ports forwarded.

I don’t Nextcloud currently, but I have considered it. Currently I have everything I want on a drive connected to my docker box, and if I need it I SCP it to or from that server. My need for files stored at home isn’t exactly huge. But nextcloud or similar is in the pipeline.

I am on the move often too, but because I can VPN into my network, and use the pihole+unbound DNS on my GrapheneOS phone all the time, I always have access to my stuff.

Digital Privacy is an ever evolving endeavor. What I was okay with a year ago, isn’t the same as where I am today.

I am still mid-journey of de-googling, de-microsofting, de-big-techifying my life.

The more and more the digital landscape changes, the more and more we have to be cautious of.

I went from using all the google services, all of the microsoft services, and more of big tech’s services. But at what cost? What was free really only made me the product. My data was and still is to some degree being used, bought, sold by many different providers.

So I have been working towards self-hosting anything that matters to me. File storage, self hosted. Media consumption, self hosted (mostly.)

I have one as far as running a pihole, with my own upstream DNS. Mix that with the only way to access my self hosted things through VPN. And beyond that other security/privacy measures.

The goalpost for being more private, and more secure, is ever changing. The goal is to minimize my exposure.

For any streaming, Netflix, YouTube, or anything I would always use a computer. Not some awful app on a slow device. No screen of mine needs to be anything besides a screen.

I wouldn’t say this is “better”

I do run a pihole, but I still will never connect my roku to the internet. It is much better to have a media PC or other streaming device I have control of fully connected.

I’d ditch Mull, and go IronFox. It’s a fork of Mull that is actively maintained.

Thank you for the info, I may try that out of curiosity

So, I of course rebooted everything i could, the box hosting my DNS/PiHole, VPN, docker box, etc. However, was remote and couldn’t reboot my modem.

I lowered my MTU on my VPN client config after rebooting my modem, and it’s working.

I don’t fully understand why it worked, but it did.

Maybe something on my ISPs end that wasn’t functioning.

I turned on query logging for my PiHole. I chose a random site I don’t typically browse, and confirmed I saw it logged in my PiHole. Though, I am thinking it’s likely DNS that’s causing issues.

I even tried turning off split tunneling, and it does the same thing.

I checked automatic DNS setting on my phone.

I don’t know if it will make a difference but the DNS records for my local services are CNAME records, so I am going to change it to an A/AAAA record on PiHole.

I have these set in PiHole and not my Unbound.

DNS leak test comes back the same mobile data with VPN as it does WiFi with VPN pointing back to DNS reflecting my upstream DNS, Quad9.

Wish I knew how to test/troubleshoot this.

That’s what I was thinking. Thank you

Absolutely, I can connect to the services via IP:Port

I have DNS handled by my PiHole (using unbound as-can upstream DNS)

On my PiHole, I have an A record for the docker box, and then CNAME records pointing to the A name record.

It makes little sense why it works on an offsite WiFi, but not mobile data.

Technology is going to be a part of every kids future (if they have one…) and should be taught with the other things they need to learn to be functional and successful.

There are other ways to limit social media access, and wccessnto other unproductive media. Use school sanctioned devices for work. Hire proper IT folk to lock down the equipment. But that would require funding for schools to be adequate.

This is a complex issue. You are over simplifying it.

I wasn’t trying to be short or condescending either. Just relaying what I know.

It is another layer of privacy in some cases. Could protect against poisoning of I’m not mistaken, but don’t quote me.

I know for me, I prefer to self host things where I can so I can own as much of my own data as possible.

Do you know what DNS does?

If you don’t, essentially is what translates IP addresses to hostnames.

So what having unbound would do is allow you to do DNS lookup locally.

I have used Tempo but I self host Navidrome

You can use both. Unbound is a validating, recursive, caching DNS resolver.

You can setup Unbound to be a self hosted DNS solution, and point PiHole to use your Unbound.

Source: Unbound

Singling out a problem that exists in a country I am very familiar with is a non problem. I didn’t state it was special to America. I didn’t speak on any other nation and their hatred of minorities. I didn’t even state anything about it being part of “human nature.”

I spoke on being familiar with the fact that it is a problem in America.