simplest tool to backup to Google drive

Without the need for versioning, I think rclone fits the description. For backup into USB drive / remote SSH server I would recommend rsync.

Wireguard config already includes “::/0”

That is what I was thinking, yes.

In my case just disable IPv6 in WiFi is enough.

sysctl looks like the most universal way.

net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1

I tried the same setup with Ubuntu 24.04.1 desktop live system and I can replicate this IP leak issue, I guess I will have to disable IPv6.

You setup Wireguard server on the VPS with both IPv4 and IPv6. Then you connect both your computer and IPv6-only server to the Wireguard server. After connection, you can connect to the VPN through IP address assigned by wireguard.

Personally have good experience with https://github.com/Nyr/wireguard-install, there are other script that are available by searching “wireguard setup script github”.

Note: By default Wireguard config generated will route every bit of traffic through Wireguard (which will be slower and probably not wanted in this situation), to change that change AllowedIPs field in Wireguard config, lets say all your machines are assigned 1.2.3.xxx as IP address, to only access other 1.2.3.xxx IP through wireguard, change the config to AllowedIPs = 1.2.3.0/24.

Host a website that needs to be accessible from your own machine or public?

Former situation: Can be solved by setup reverse proxy on the other VPS, or join machines to a VPN server (like tailscale, Zertoier or Wireguard server)

Later situation: Cloudflare or other CDN, setup reverse proxy on the other VPS.

Less accessible option but available for public: Tor or I2P

Great, if you need to SSH into Ipv6 only machine, SSH has -J flag which can be used to specify “jump host” (basically run SSH through SSH)

I think that means the access point can only run at up to 80Mhz bandwidth, so not full bandwidth.

I am born too late to understand what Y2K problem was, this (the result) might be what people thought could happen.

I9 14900k…bad news for you, 13th and 14th gen I9 is unstable, crashes.

Suggestion: Wait for 15th gen or AMD 9000 series CPU to come out.

I remember trying Retroshare… no offline message is the biggest obstacle.

I am pretty sure you can set your own DNS server in Android.

I think most up-to-date OpenWrt routers can do later (with normal, unencrypted DNS requests), see https://openwrt.org/docs/guide-user/firewall/fw3_configurations/intercept_dns.

The model you mentioned (Flint 2) is supported by OpenWrt.

route ipv6 dns to a destination of my choice

Does this mean setting custom DNS server (so devices using DHCP picks up what DNS server you want them to use) or intercept DNS requests (MITM or use firewall rule to drop outbound 53 port requests)?

Important things about dual booting:

1. Configure your Windows to use UTC time https://wiki.archlinux.org/title/System_time#UTC_in_Microsoft_Windows

2. Disable “Fast startup” in Windows (can possibly cause hardware issues if not disabled and it really doesn’t improve things in computers with SSD)

What do you recommend I do about disk partitions?

I recommend separate EFI partitions while dual booting, I haven’t seem issues with my separate EFI partition setup yet.

If Mint provides Btrfs filesystem I personally recommend looking into timeshift (snapshot software that can be setup to automatically snapshot your computer).

Is disk encryption straightforward?

According to Linux Mint forum, you need to choose an option in “Advanced features” while going through installer, that seems straight forward

Is cloud storage sync straightforward?

Don’t have experience with this but I can tell you: While rclone supports bi-directional sync, you need some setup for make it run periodically.

Should I just use apt to install software?

In the end you have to give trust to someone, I think it’s fair to say if you already choose Mint you probably trust whatever options comes with Mint more than 3rd party options (but is it theoretically possible that backdoored program exists in Mint repository? of course yes).

Tailscale server can also be self-hosted, look into headscale.

From my own experience, I still can’t setup headscale on my Android phone, I think latest tailscale APP fucked up setting custom server function. Don’t install from Google Play