I recently finished setting this up on my system after having a plan to do it for years beforehand and never following through. It turned out to be quite a bit easier than I thought; LUKS has built-in support for keyfiles, so all you have to do is add the keyfile as a valid key for your disk, then modify the mount options to use the keyfile by default. There’s a dedicated option to fail over to password-based authentication as well.

Facebook treats all their users as a resource to be exploited: 🤷‍♂️
Facebook treats me (their loyal employee) as a resource to be exploited: 😱

Nice, I’ll have to remember that GitHub trick. The main thing I’ve found lacking so far is config examples.

NixOS home server, gaming PC will soon move to Bazzite from Windows 10 (whenever I’m done working on my home server). I’m trying Bazzite for that machine because I use it more like a game console hooked up to the TV and don’t need the same level of tweaking and customization.

I’d say that if you’re an experienced developer, the learning curve is probably overstated, at least based on my limited experience. I’m still a relatively new user, but I’m feeling pretty comfortable with it so far.

A good thing about proxying is that it prevents auto-loading of resources from potentially malicious domains. For instance, I could make an image comment containing an image link to a server I control. When you reply to my comment, since you clearly have seen my comment, I can now look at my server logs and see the IP addresses of everyone who viewed my image. I now know that your IP address is in that list.