You might want to be more specific, cloud flare has a lot of different products, and you’re getting answers with differing assumptions.

For the self hosted focus, I use tail scale already, and when (not if) that company gets shitty, I will switch to head scale, or a competitor, or straight wire guard (plus firewall etc).

But I also run web sites on cf, and there’s no real alternative, definitely not for free. I don’t have hundreds of millions to spend on the CDN part, for starters.

I looked in to this a while back and didn’t find anything complete. I ended up using a collector and feeding the reports in to my existing Loki and making my own Grafana dashboard.

I used to. It’s really complicated and not big in the self hosted space.

I’d recommend the standard Prometheus, alert manager, and grafana stack instead. That’s what I use now, and although yaml sure is something, at least there’s tons of people to copy.

Use the DNS challenge instead? You’ll need a DNS provider with an API though

I use this, it’s fine, but development on the open version is very very slow.

And they still haven’t fixed my pet bug: they introduced Unix socket listening, I found that enabling it prevented upgrades, reported the bug with details and repro, and nobody cares. The workaround is simple, delete the socket file before every start. But I remain confused why a bug that prevents upgrades remains.

By default, unencrypted, and unauthenticated, and permissions rely on IDs the client can fake.

May or may not be a problem in practice, one should think about their personal threat model.

Mine are read only and unauthenticated because they’re just media files, but I did add unneeded encryption via ktls because it wasn’t too hard to add (I already had a valid certificate to reuse)

You could use a reverse proxy to terminate tls, and take the tls off of ad guard itself.

Same, I’ve been happy with my two play 1s for over a decade. But my secret is not updating, and not using the app (neither phone nor windows), I use Home Assistant (Python) and Noson. My other secret is not adding more Sonos speakers, because I believe you need to use the official phone app for grouping or updates.

Do you need more than locate offers?

https://wiki.archlinux.org/title/Locate

Of all those, I’ve only heard of Heztner. Am I out of touch?

I’ve been a Linode customer for years, and I used to use Digital Ocean as well. I’ve been happy with them, did you consider them?

None that article, but check my other reply and check your plan. You may be pleased, I was.

The marketing fluff doesn’t, but they actually did increase upload speeds. Mine went from 10 to 20 up. And here is the DSL reports forum thread from when this round started.

Also, they are testing larger increases. I could get 100 up today, if I had a supported modem.

So, check your actual plan and modem to see what you have now.

Yes. 2019 comment from cloudflare: https://news.ycombinator.com/item?id=19828702

On my network, I send dns requests for only the archive domains to a DNS server that archive likes. Adguards, in this case. Everything else goes to cloudflare. Both adguardhome and unbound can do that.

The recent webp vulnerability is a bit concerning.

I might get the 8 next week. It’s supposed to be a little smaller.

Ping is not a good way to test http, because they are completely different protocols, and can be blocked separately or not. From what you have posted so far, I don’t see a problem being demonstrated. Your caddy log here also shows one successful request. So: define “not working” better. Are you testing from a browser? Via curl? From where? To exactly what urls? What message do you get back from your browser/curl?

But who is running the bitwarden server? Bitwarden the private company.

I self host vault warden, but it’s really not something everyone can do.