th3raid0r@tucson.social 10 points 5 months ago* (last edited 5 months ago)

Well, seeing that Insurgency: Sandstorm was on sale, I just picked it up for him (and myself). Seems to have a lot in the map making scene, and that's a really important factor for him.

It also helps that the prior Insurgency game has the most hours on his profile, by far. Gave me a good hint that he should enjoy this one.

Thanks so much!

EDIT: My dad just got back to me, and loves the gift. Apparently that's where most of his online buddies went and still are. Nailed it!

th3raid0r@tucson.social 7 points 7 months ago

The best "bang for the buck" in your use-case is to use Nextcloud - Nextcloud Talk is your Jitsi replacement, and the files feature can be extended with the Nextcloud Photos plugin (https://github.com/nextcloud/photos).

As for your domain question:

  1. You should use any computer you'd like that meets the Nextcloud recommendations, the key is of course isolating this machine on your home network so any "funny business" stays on the server. You can do this with VLANs or an entirely separate LAN connected to a different WAN (ISP).

  2. Many places, I like porkbun.com for real custom domains for cheap, but for your use case, you might be able to use a Dynamic DNS provider for free. It just likely won't be an easy to remember URL (or at least, as easy as a root domain only). If you have a newer ASUS or Netgear router/modem they both have Dynamic DNS built in and you can select from a few different providers that have both free and paid tiers. ALSO it might be better to use Google Domains (now Squarespace Domains) since, IIRC, many DynDNS configs for routers support Google Domains too. Cloudflare can also be a decent registrar, and I'd recommend using them if you use any other Cloudflare services (see below).

  3. Other things to consider: Your ISP may block port 80, meaning lots of issues. If this is the case, you might want to use a tunnel of some sort. Cloudflare has a great solution here. Even if they don't block port 80, they may aggressively throttle and shape your incoming traffic - causing issues. Again, the tunnel is a good solution here. And, of course, your upload bandwidth matters a lot, you'll need something around 100Mbps upload for a decent experience when accessing your stuff over the internet. The 30Mbps that's typical of DOCSIS modems won't cut it. Outside of these concerns it's all about making sure you isolate your server from your "home stuff" to keep things secure.

th3raid0r@tucson.social 9 points 8 months ago

I guess I didn't really see the pressure that they were under.

I hope they heal! But it's a bummer that such an excellent resource will be taken down.

I wish more creators were willing to hand their creations to someone who wishes to continue it. But oftentimes, I fear that it's far too entwined with a person's identity for that to be a common occurrence.

th3raid0r@tucson.social 7 points 1 year ago

It is definitely an under provisioning problem. But that under provisioning problem is caused by the customers usually being very very stingy about what they are willing to spend. Also, to be clear, it isn't buckling. It is doing exactly the thing it was designed to do. Which is to stop writes to the DB since there is no disk space left. And before this time, it's constantly throwing warnings to the end user. Usually these customers tend to ignore those errors until they reach this stop writes state.

In fact, we just had to give an RCA to the c-suite detailing why we had not scaled a customer when we should have, but we have a paper trail of them refusing the pricing and refusing to engage.

We get the same errors, and we usually reach out via email to each of these customers to help project where their data is going and scale appropriately. More frequently though, they are adding data at such a fast clip that them not responding for 2 hours would lead them directly into the stop writes status.

This has led us to guessing what our customers are going to end up at. Oftentimes being completely wrong and eating to scale multiple times.

Workload spikes are the entire reason why our database technology exists. That's the main thing we market ourselves as being able to handle (provided you gave the DB enough disk and the workload isn't sustained for long enough to fill the disks).

There is definitely an automation problem. Unfortunately, this particular line of our managed services will not be able to be automated. We work with special customers, with special requirements, usually Fortune 100 companies that have extensive change control processes. Custom security implementations. And sometimes even no access to their environment unless they flip a switch.

To me it just seems to all go back to management/c-suite trying to sell a fantasy version of our product and setting us up for failure.

th3raid0r@tucson.social 7 points 1 year ago

As a man who grew up with one foot firmly planted in yeehaw and the other in yuppie, I think this is brilliant!

th3raid0r@tucson.social 7 points 1 year ago

Similarly FPS-Z games like Tribes (Ascend, Vengeance, 2) and Legions Overdrive.

Fortunately MidAir 2 is almost here. https://store.steampowered.com/app/1231210/Midair_2/

th3raid0r@tucson.social 9 points 1 year ago

Fun fact, I purposefully goaded the bots into attacking my instance.

Turns out they aren't even using the web form, they're going straight to the register API endpoint with Python. The API endpoint lives at a different place from the signup page and putting a captcha in front of that page was useless in stopping the bots. Now, we can't just challenge requests going to the API endpoint since it's not an interactive session - it would break registration for normal users as well.

The in-built captcha was part of the API form in a way that prevented this attack where the standard Cloudflare rules are either too weak (providing no protection) or too strong (breaking functionality).

In my case I had to create some special rules to exclude python clients and other bots while making sure to keep valid browser attempts working. It was kind of a pain, actually. There's a lot of Lemmy that seems to trip the optional OWASP managed rules so there's a lot of "artisanally crafted" exclusions to keep the site functional.

Anyways, I guess my point is form interaction is just one way to spam sites, but this particular attacker is using the backend API and forgoing the sign-up page entirely. Hidden fields wouldn't be useful here, IMO.
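A defender-side illustration of the pattern described in the comment above, added here as an example and not part of the original post: it scans access-log lines for registration-API POSTs that come from scripting-library user agents or from clients that never loaded any page first. The endpoint path `/api/v3/user/register`, the combined log format, the per-IP heuristic and the sample lines are assumptions constructed for the example.

```python
import re
from collections import defaultdict

# Assumed path of the Lemmy v3 registration endpoint (not stated in the post).
REGISTER_API = "/api/v3/user/register"
# User-Agent substrings of common scripting HTTP clients.
SCRIPT_UA = re.compile(r"python-requests|python-urllib|aiohttp|httpx|curl", re.I)
# Combined log format: ip, identity, user, [time], "request", status, size, "referer", "ua"
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /signup HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/121.0"
198.51.100.7 - - [01/Jan/2024:10:00:40 +0000] "POST /api/v3/user/register HTTP/1.1" 200 310 "https://lemmy.example/signup" "Mozilla/5.0 (X11; Linux x86_64) Firefox/121.0"
203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "POST /api/v3/user/register HTTP/1.1" 200 310 "-" "python-requests/2.31.0"
203.0.113.9 - - [01/Jan/2024:10:01:01 +0000] "POST /api/v3/user/register HTTP/1.1" 200 310 "-" "python-requests/2.31.0"
192.0.2.44 - - [01/Jan/2024:10:02:00 +0000] "POST /api/v3/user/register HTTP/1.1" 200 310 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0"
"""

def suspicious_registrations(log_text):
    """Return {ip: (attempt_count, sorted reasons)} for flagged register POSTs."""
    loaded_a_page = set()  # clients that issued at least one GET earlier in the log
    findings = defaultdict(lambda: {"attempts": 0, "reasons": set()})
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, path = m["ip"], m["path"].split("?", 1)[0]
        if m["method"] == "GET":
            loaded_a_page.add(ip)
        elif m["method"] == "POST" and path == REGISTER_API:
            reasons = set()
            if SCRIPT_UA.search(m["ua"]):
                reasons.add("scripted-user-agent")
            if ip not in loaded_a_page:
                # A browser signup loads the site before it calls the API.
                reasons.add("no-prior-page-load")
            if reasons:
                findings[ip]["attempts"] += 1
                findings[ip]["reasons"] |= reasons
    return {ip: (f["attempts"], sorted(f["reasons"])) for ip, f in findings.items()}

if __name__ == "__main__":
    for ip, (count, reasons) in suspicious_registrations(SAMPLE_LOG).items():
        print(ip, count, ", ".join(reasons))
```

The third client in the sample is flagged only by the page-load check, which is why the two signals are tracked separately; clients behind shared NAT can trip the per-IP heuristic, so treat the output as a review list rather than a block list.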

th3raid0r@tucson.social 9 points 1 year ago

No, I was around when SysV Init was "replaced" by Systemd and how that impacted the Debian project (and other distros).

But you know what, sure, let's stick to your bad faith, insulting interpretation, after all it is more becoming of an internet troll. I'm sure it'll get you lots of updoots from similarly trollish individuals.

Personally, I believe in something called collective responsibility, and that does include expecting community members to do their fair share. But it sounds like you envision federations as mini fiefdoms.

th3raid0r@tucson.social 8 points 1 year ago

Everyone is impacted, but especially moderators and admins. Moderators will see more spam if Captcha is removed, even if their own instance isn't on v0.18 - they will exist in a fediverse with instances that are on v0.18.

Admins are impacted because Captcha served as a decent way, when coupled with email validation, to combat spam account sign ups.

th3raid0r@tucson.social 7 points 1 year ago

So the solution is to force everyone to be low hanging fruit in the meantime?

Look, I get where everyone is going in terms of improvements, but to remove an already working solution and leaving folks exposed in the meantime is not how we should be rolling improvements.

th3raid0r@tucson.social 8 points 1 year ago

So what you're saying is that a poorly constructed door is better than none at all? Huh. That was my exact point.

th3raid0r@tucson.social 9 points 1 year ago

Okay, so do you mind explaining why the servers onboarding the most spam users are the ones without Captchas?

If they are so ineffective, why are they effective now?
