Also, guessing their standard is pretty low if Gimp does the job — at least from a professional standard. There’s not much of a comparison.

Seconded.

Well that’s nice. Hopefully they have some teeth, so we don’t have to go through another one of Zuck’s crocodile-tears-fuelled hearings, followed by absolutely fuck-all change 🙄

### GLUETUN

services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      # - 8388:8388/tcp # Shadowsocks
      # - 8388:8388/udp # Shadowsocks
      - 8090:8090/tcp # qbittorrent
      - xxxx:xxxx/tcp
      - 3423:3000/tcp # librewolf
    volumes:
      - /volumex/docker/gluetun:/gluetun
    environment:
      - PUID=xxxx #CHANGE_TO_YOUR_UID
      - PGID=xxxx #CHANGE_TO_YOUR_GID
      - TZ=Europe/xxxx #CHANGE_TO_YOUR_TZ
      - VPN_SERVICE_PROVIDER=airvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=xxxx
      - WIREGUARD_PRESHARED_KEY=xxxx
      - WIREGUARD_ADDRESSES=xxx.xxx.xxx.xxx
      - SERVER_REGIONS=Europe
      - HTTPPROXY=off #change to on if you wish to enable
      - SHADOWSOCKS=off #change to on if you wish to enable
      - FIREWALL_OUTBOUND_SUBNETS=172.20.0.0/16,192.168.0.0/24 #change this in line with your subnet see note on guide.
      - FIREWALL_VPN_INPUT_PORTS=xxxx #uncomment this line and change the port as per the note on the guide
      - UPDATER_PERIOD=24h
    network_mode: bridge-xxxx
    labels:
      - com.centurylinklabs.watchtower.enable=false
    security_opt:
      - no-new-privileges:true
    restart: always


### QBITTORRENT

  qbittorrent:
    image: linuxserver/qbittorrent:5.0.1
    container_name: qbittorrent
    environment:
      - PUID=xxxx #CHANGE_TO_YOUR_UID
      - PGID=xxxx #CHANGE_TO_YOUR_GID
      - TZ=Europe/xxxx #CHANGE_TO_YOUR_TZ
      - WEBUI_PORT=8090
      - UMASK=022
    volumes:
      - /volumex/docker/qbittorrent:/config

      - /volumex/linux-isos/:/data
    network_mode: service:gluetun # run on the vpn network
    depends_on:
      gluetun:
        condition: service_healthy
    security_opt:
      - no-new-privileges:true
    restart: always

### LIBREWOLF

  librewolf:
    container_name: LibreWolf
    image: ghcr.io/linuxserver/librewolf:latest
    security_opt:
      - no-new-privileges:false
      - seccomp:unconfined
    #healthcheck:
     # test: timeout 10s bash -c ':> /dev/tcp/127.0.0.1/3000' || exit 1
      #interval: 10s
      #timeout: 5s
      #retries: 3
      #start_period: 90s
    environment:
      CUSTOM_USER: xxxx
      PASSWORD: xxxx
      TZ: Europe/xxxx
      PUID: xxxx #CHANGE_TO_YOUR_UID
      PGID: xxxx #CHANGE_TO_YOUR_GID
    volumes:
      - /volumex/docker/librewolf:/config:rw
    network_mode: service:gluetun # run on the vpn network
    restart: no 
    depends_on:
      gluetun:
        condition: service_healthy
    shm_size: "5gb"

Heard about WireSock, but I’m on macOS, “sadly”.

Gluetun is running in a container in the same stack as Qbit, and Qbit knows to get its network through Gluetun.

network mode > service > gluetun or something similar (syntax is def. wrong) in the Compose.

Gluetun is connected to AirVPN through / with / using (?) WireGuard. I’m actually a bit foggy on the terminology 😅

I’m in virtually the same situation, although qbit is running in Docker through a Gluetun/Wireguard tunnel, so that part works fine.

I really wanted to do split tunnel on my Mac to access my tracker’s site (all Linux ISOs, of course) through the same tunnel, and haven’t had any success.

My workaround is running LibreWolf (modded Firefox) in the same stack, through the same tunnel. It’s not ideal, but at least it works.

Do update if you find a solution!

We have a Samsung “smart” TV, hooked up to an AppleTV box. The TV’s original remote is in a drawer somewhere, forever unused.

I have the apps that I need, the tiny Siri Remote turns on the TV and handles volume, and, apart from the aggressively, insanely, mind-blowingly horrible on-screen “keyboard” / text input (we don’t have Apple phones we can use to mitigate this, sadly. Also, what the fucking fuck, Apple?!) we’re happy. For now. I trust Apple to make the experience incrementally worse as a fact of life.

Not perfect, but leagues better than dealing with Samsung’s interface.

I spy a research rabbit hole in my near future … 🐰

Edit: ESPHome is a system to control your microcontrollers by simple yet powerful configuration files and control them remotely through Home Automation systems.