Maybe Gitolite if it’s for code?

This is a fair point, though I will say for most Paradox games the majority of the changes come out in free updates when the DLCs drop. And I’ve found (coming from Europa Universalis IV) that there are only a few crucial DLCs that really feel necessary to the experience, many just add cosmetics or minor changes that get balanced out with free updates anyway.

Doesn’t solve the problem, you still feel like you’re missing out, but for example EUIV has like 20 DLCs, only 5 or so I would consider mandatory, and they go on sale in packs so often I don’t think I’ve paid more than $50 for the full game and all necessary DLCs for any paradox game.

Apparently this happened during Grandma’s Boy https://youtu.be/NMZv7ut_Zzk

I have several vintage film cameras I use pretty often, oldest are probably my Nikon F or Leica M3 from the late 50s.

The Z-Trip remix of I Want You Back, which is more of a demix than a remix or cover. It strips away a lot of the production and emphasizes the subtle guitar riff really nicely

https://youtu.be/zh-I31AsJJg

Really great shot!

I would configure a Backblaze B2 bucket and copy your repos and configs there, should be dirt cheap compared to a VPS and very durable.

For so many Linux server packages I find the manual to be more of a reference than a guide, so not very useful if you’re just getting started and aren’t sure what to do, but Shorewall is an exception, its manual is wonderful and Tom the creator really goes into detail about how to fit it into many different setups.

https://shorewall.org/GettingStarted.html

You’ll probably want to follow the two interface guide, the two interfaces in your case are your public IP interface, and the virtual interface connected to the Podman network side. You’ll essentially treat shorewall as a firewall/router for your Podman containers which will act as your “LAN” in this case. The warning about not installing Shorewall on a remote system is not to be ignored, you’re generally fine to install the package, but do not start the shorewall service without first setting up some rules to allow SSH. The safest way is to log in via your VPS console instead of SSH to keep you from getting locked out. Most VPS providers have some sort of out-of-band connection utility like VNC or a simple console access you’ll want to use.

If you really want to stick to UFW, you can ignore me, but this looks like a situation where finding another firewall may be best. UFW is a front end for IPtables and is mostly meant for desktop or simple server app usage. I’d recommend Shorewall, which is also a front end for IPtables but implements a zone based firewall and allows for more complex setups to be handled easier than with UFW. You can put your podman containers into a zone and define all of the network access you need for that zone separate from the host system.