Microsoft says it will give up data on Canadian individuals and government and defence that is hosted on Microsoft servers to the US government on request, and they don't have to tell us about it. 👀
#cdnpoli #DataSovereignty
https://www.digitaljournal.com/tech-science/microsoft-says-u-s-law-takes-precedence-over-canadian-data-sovereignty/article
EU’s use of Microsoft 365 found to breach data protection rules
An investigation into the European Union’s use of Microsoft 365 has found the Commission breached the bloc’s data protection rules through its use of the cloud-based productivity software.
Last time I promoted my company here, all I got was positive responses, and some new customers! So I'm going to do it again!
I run an independent UK cloud hosting company called @brightbox. We offer virtual servers, load balancers, SQL services, object storage, docker registry and more.
All entirely UK owned and operated.
We don't have a separate support department, any help you get is from an experienced ops person.
Ask me anything!
My #StarterPack for #Linux #SelfHosting
1) Heimdall start page for your LAN
2) Shiori bookmarks
3) Copyparty for filesharing through web or FTP
4) Kanboard Kanban board
5) Kiwix for offline website content
6) calibre-web for ebooks
7) Hyper8 for self-hosted video content, like a poor man's #Youtube.
8) mkdocs for a markdown-based wiki
I self-host all of these, using #nginx as the web server in all cases. These all consume very little RAM and CPU, and would run very performantly on a Raspberry Pi 5 2GB, with a decent SSD. No #docker needed for any of them.
#OpenSource #DataSovereignty
Dear fellow or potential fellow gotosocial instance admins,
I've come up with a novel way to set up a #gotosocial server behind a reverse proxy, which avoids the use of making new firewalling rules - both on a VPS, and creating port forwarding on one's home router. This method is ideal for minimizing the cost of running one's own #ActivityPub/#Mastodon server, in a way that leverages inexpensive fast storage on the backend (say, on a #RaspberryPi 5, 2GB of RAM, with an NVMe). As many valiant and praiseworthy Mastodon server admins might attest to, renting cloud VPS' can cost a lot, especially when storing many tens or hundreds of GB of user data.
My method avoids the need of forwarding ports 443 and 80 into one's home LAN, using DNAT (on the VPS) and port forwarding (on one's home router). In a nutshell, it's a novel use of #Wireguard, in conjunction with #nginx on the frontend, and gotosocial on the backend. This can save the cost of renting a dedicated VPS, to get the exclusive use of ports 443 and 80, in conjunction with static IPv4 and IPv6 addresses. My method optimizes on reliability and cheapness, but it's not the most secure - decryption and re-encryption happens on the VPS, before the data travels down the Wireguard tunnel. This exposes the data to any underlying hypervisor at one's hosting company. So full disclosure there.
I've run my method by the helpful gotosocial furries in their #Matrix Help chatroom (and I'm grateful for their help to debug subtle warts the method had), and got their blessing, at least to the technical soundness of the method.
I have a testing instance of gotosocial 0.21.0 set up with this new method: https://g.toque.im
I'm the user @owl on that instance, should you wish to befriend me there.
I'll make a longer blog post on this in the days to come, and post it in a reply to this post. (I also cross-posted this on another account of mine, please forgive the duplicate: @gtsadmin )
#DevOps #Linux #infosec #SelfHosting #DataSovereignty #OpenSource
