I haven’t met a Linux user that would consider leaving the factory installed OS instead of immediately blowing it out and installing their own

The poster you’re replying to is suggesting a static IP, not an apipa up. You’d already know a static IP because you set it yourself.

Damn, I created a minor niche meme. And my teachers didn’t think I’d amount to anything

I did, yeah. I thought the original flowchart was really childish and cringy so I made this and posted it on some Linux circlejerk sub on reddit. It didn’t get any traction, I’m shocked to see it pop up years later. I guess somebody must have liked it

Where’d you get that image? I made that 7 or 8 years ago. Has it been making the rounds? It’s weird to see it in the wild lol

If OP, freed from the confines of the corporate security suite, happens to get infected with a firmware or boot partition malware…

Postfix with MTA that filters maybe.

This provides very little of exchange’s functionality. The closest thing I’ve seen in the open source universe is zarafa, which crowbars activesync emulation into an imap/caldav/carddav infrastructure, badly I might add, and with 3-4x the complexity, maintenance cost, and attack surface. I wouldn’t even recommend it for a small business let alone a government agency with all the compliance regulations they have to deal with.

This is one case where Microsoft owns the market because they legitimately have the best tool for the job.

I don’t recommend thinkpads. As I mentioned elsewhere in this thread, they don’t allow you to replace your own wifi card. Latitudes have great Linux support, and as a business class machine they’re as reliable and easy to work on as thinkpads

Thinkpads are locked down, the bios will refuse to boot if you install a non-Lenovo wifi card.

Is it anything like the daily shit storm in every Linux community?

It’s free and open source, unlike Microsoft’s proprietary Ms. Pacman

People missing a leg

Is GNU really just unix in disguise?

How do I change the language to EN-US on redstar os?

Almost every open source project accepts donations. They want your money, they just don’t demand your money.

For great justice, you must

use rust and zig

Technically true but I wouldn’t suggest using a self signed cert on the internet under any circumstances.

Absolutely do not expose your server on port 80. Http is unencrypted, you’d be sending your login credentials in plaintext across the open internet. That is Very Bad™. If you own a domain name, you can set up a letsencypt cert fairly easily for free. Then you could expose 443 and at least your traffic will be encrypted in transit. It won’t solve the other potential issues of exposing your instance like brute force or ddos attacks, but I’d consider it a bare minimum.

If you use a VPN like many others are suggesting it won’t matter as much because the unencrypted traffic never leaves your local network.

Wireguard installation is going to be much more secure than a Nextcloud

I understand that, and it’s a good suggestion and a better solution if it fits the OPs use case. I don’t understand suggesting they do both. Either VPN or port forwarding solve the problem, doing both seems unnecessary.

before you start forwarding ports on your router

Don’t you mean instead of? If all the OP wants to do is access next cloud, they can do it over the VPN without forwarding ports. What you’re suggesting doesn’t solve the problem of port 80 being an attack vector, and adds yet another attack vector (the VPN itself)