starkzarn
@starkzarn@infosec.pub
- Comment on Rybbit - Open source Google Analytics replacement 5 weeks ago:
Hey thanks so much for the engagement. I was trying to run it on a VPS that cost $35/year. 2GiB of RAM wasn’t quite enough to make it work for me, granted that was with the webserver and ancillary supporting services.
I’ll find an opportunity to test it out though, as rybbit looks great. I appreciate the mention on the other FOSS products, that’s a good look for you. I have plenty of experience with umami already. Cheers!
- Comment on Rybbit - Open source Google Analytics replacement 5 weeks ago:
Glad to see you post this here. I’ve been experimenting with selfhosted analytics for a while now and have attempted your project here a couple times. The thing that kills me is the Clickhouse requirement. It makes it impossible to host on a lightweight VPS. Like why should my analytics platform require so much more compute than my simple static site? Am I missing something?
- Comment on How to Run Custom Linux Images on Oracle Free Tier 5 weeks ago:
Okay this is excellent content, thank you!
I went through and fiddled with some more stuff to try and get this working to no avail. However, it inspired me to take apart netboot.xyz a bit more, and I was able to grab an efi and get next boot to load the efi file. It took me too long to realize you need the console tty arguments as part of the boot cmdline to get it working interactively, but after I got there I got it netbooted. Sadly though, it almost immediately runs into an OOM condition and thus isn’t practical on a free tier x86 asset. It would probably work on an aarch64 node, but I already have my allotted arm node spun up and working so I don’t have a free one to practice with.
Solid write-up though, thank you for putting that together!
- Comment on How to Run Custom Linux Images on Oracle Free Tier 5 weeks ago:
The “gotcha” with Oracle free tier is that you can’t install from arbitrary media, so the typical netboot.xyz or any iPXE workflow is out. No console access, no pre-bootloader access, nothing.
I’ve been fiddling with kexec, but it doesn’t seem like a supported method of loading the lkrn file from netboot…
This is super interesting to me, so by all means, if you have the kung-fu to show how this works I would happily read through that!
- Comment on How to Run Custom Linux Images on Oracle Free Tier 5 weeks ago:
Interesting. I’ve had two instances running for over 2 years and haven’t noticed that. It might be that I just don’t notice it though. I’m not scrutinizing it much.
- Comment on How to Run Custom Linux Images on Oracle Free Tier 5 weeks ago:
I am not well versed with
kexecbut I always understood it to be a kernel reboot without power cycling the “metal.” Please enlighten us with an example! I don’t see how you’d replace the entire userspace (and possibly filesystem) with simply kexec. - Comment on How to Run Custom Linux Images on Oracle Free Tier 5 weeks ago:
Certainly! As others have said, don’t hang anything worth value on it without an out of band backup strategy, they’re famous for unscrupulously deleting things with no warning. Oracle is a miserable company.
Free is free though!
- Submitted 5 weeks ago to selfhosted@lemmy.world | 14 comments
- Comment on Is Kagy web browser worth it? 1 month ago:
Mullvad Leta is the way
- Comment on A Beginners Guide To Selfhosting Part 1 2 months ago:
I would recommend giscus over discus, but yes, certainly a valid approach!
- Comment on A Beginners Guide To Selfhosting Part 1 2 months ago:
I have been pleased with his on my blog (roguesecurity.dev) Its powered via github discussions.
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Agreed, prosody is great! I’ve been doing some experimenting with ejabberd and it seems more enterprise-ready, but I haven’t found anything that is discernable as far as feature advantages.
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Sounds like a great opportunity to breath some life into it! If you really have the itch for IRC, there’s a slidge bridge to connect IRC to XMPP!
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Agreed! Runtime environment management is so much nicer with modern containerization. You or ally can’t overstate how much better it is to have app stack state be entirely divorced from OS state. I’m very pleased they’re back on the bandwagon as well.
Stand up a server and come join our MUC!
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
UPDATE: For anyone who comes back to this, or any new readers – I have added a MUC (chat room) on my XMPP server for discussion of any tech-related things, akin to the subject-matter of this blog. Hope to see you there!
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
I have experimented with Simplex, but it feels less tuned toward hosting federated infrastructure and more tuned toward participation with the greater network in a pseudo-anonymous fashion.
Adoption is also always a hurdle with any ecosystem like this, and XMPP is certainly ahead of Simplex in that avenue.
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
It has a long healthy life ahead! Come join the party, the proof is in the pudding.
- Comment on What's the best chat to self host? 2 months ago:
😆 +1 for reading enough to see that! Thank you!
I’m one of those people that ends up using the vocabulary I once learned to get the most value out of it. Would hate to waste all that. Haha.
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
This is also a great article! Thanks for the link.
One cool point in favor of XMPP is that in a public setting (MUCs), there’s community. Moparisbest is an active participant in several of the MUCs that I’m in. Very cool!
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Yeah they just redid their container image pipeline and these containers are the result!
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Super true. I think this was best exemplified by SignalGate
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
This is great, I have not seen this post before. Thank you for sharing.
You make an excellent point here, that the burden of security and privacy is put on the user, and that means that the other party in which you’re engaged in conversation with can mess it up for the both of you. It’s far from perfect, absolutely. Ideally you can educate those that are willing to chat with you on XMPP and kill two birds with one stone, good E2EE, and security and privacy training for a friend. XMPP doesn’t tick the same box as Signal though, certainly. I still rely heavily on Signal, but that data resides on and transits a lot of things that I don’t control. There’s a time and a place for concerns with both, but I wanted to share my strategy for an internal chat server that also meets some of those privacy and security wickets.
- Comment on End-to-End Encrypted Chat that YOU Control: Hosting XMPP (Jabber) with Prosody 2 months ago:
Yes, absolutely. It all depends on implementation. I am using VLANs for L2 isolation. I have a specific DMZ VLAN that has my XMPP server and only my XMPP server on it. My network core applies ACLs that prevent any inter-VLAN traffic from there, so even if STUN/TURN pokes holes, the most that is accessible is that single VLAN, which happens to contain only the single host that I want to be accessible.
Great question.
- Comment on What's the best chat to self host? 2 months ago:
Just updated my original comment, but that XMPP blog post I mentioned is live: roguesecurity.dev/blog/xmpp
- Comment on What's the best chat to self host? 2 months ago:
Here’s the blog post: roguesecurity.dev/blog/xmpp
- Submitted 2 months ago to selfhosted@lemmy.world | 38 comments
- Comment on What's the best chat to self host? 2 months ago:
Arch wiki never fails to deliver!
- Comment on What's the best chat to self host? 2 months ago:
XMPP most definitely! Especially if you want to have connectivity to other servers at all (like simplex). It’s much simpler, more well-known, battle hardened, and still supports E2EE and video calling very well.
I recommend prosody. I recently went through the process of setting up a server and have a draft blog on it half way finished if you want an account of the experience.
- Comment on Security camera recommendations? 2 months ago:
There is not a mobile app, no. You can pseudo install it as a PWA if using a chromium based browser though.
I do use HomeAssistant so I let it do the notifications for me, but you could easily setup pubsub and use that to hook gotify or something. Maybe it even has native webhooks at this point, I’m not sure.
Notably though I don’t run frigate in HomeAssistant, it’s just plugged in via API. That’s to support hardware passthrough for my coral TPU.
I highly recommend it over the others. the only one I haven’t tested is blue iris because it’s windows only and I refuse to have a windows machine on my network. Frigate outperforms all the others that I tested. Zoneminder is a runner up but it feels dated and the object detection is a kludge.
- Comment on Security camera recommendations? 2 months ago:
I have some reolink and some amcrest, and I’d choose the amcrest (or dahua) any day tbh. Similar workload. Tensor and frigate for software NVR and object detection, all to a zfs dataset.