peregus

@peregus@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨This Week in Self-Hosted (7 March 2025)⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:

On another note, I received some flack last week for poking fun at the Immich devs for prioritizing the platform’s new mascot over a feature I’ve personally been looking forward to (yes, they were in on it). I had planned to make a formal apology this week until I noticed they dropped another release that again left me feeling neglected as they instead celebrated 60k GitHub stars (is that a lot?).

If you need me before next Friday, I’ll be busy making the transition back to Google Photos while enjoying this custom CSS for styling a Flame dashboard to look like the Lumon MDR terminals from Severance

Both these sentence feels very childish to me. First of all, it’s an open source software, nobody can pretend anything! Second, it’s clear that, as mentioned by one of the developer, they were joking about it

If he was joking too, I didn’t get it.
⁨Comment⁩ on ⁨What host names do you use?⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
I use Alps bigger peaks for the hosts like: Castore, Polluce, Lyskamm, Gnifetti, etc. (yes, mainly from Monte Rosa) for the hosts and smaller peaks for the VMs: Grigna, Grignetta, Resegone, Cornizzolo, Palanzone, etc.)
⁨Comment⁩ on ⁨How can I host a small api/database accessable from a phone app as cheap/easily as possible?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
I’ve read very bad experiences about Oracle free tier VPS, like VPS disappeared for good with all the data.
⁨Comment⁩ on ⁨Decentralized Search Engine⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
If you host a system that uses the Google APIs, it seems to me that you don’t get any privacy gain since being you the only one using it, Google knows it’s you. I’ve been using startpage for a year now and I’ve been happy about it; I’ve never had to use Google anymore.
⁨Comment⁩ on ⁨Email provider for home server alerts⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I use SMTP2GO (with my own domain) with the free plan (1000 email per month) that’s way over a selfhoster needs.
⁨Comment⁩ on ⁨Seagate's fraudulent hard drives scandal deepens as clues point at Chinese Chia mining farms⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I’ve read the article and I couldn’t see any implication of Seagate. I’m not saying anything about your story, shame on Seagate, but I don’t see what that has to do with the scandal in the article.
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

The entire point of selfhost is to host private services not available to the public
Probably your entire point, a lot of self hosters self host services that family members and friends can reach most of the time without the need of a VPN. This very community is full of examples.

It’s infinitely more secure

I’m with you about that.

There’s simply no room for an argument.

As stated in the other post, I’m sorry about that, I’m here to discuss and learn, if you don’t have room for an argument, our discussion ends here.

VPN is objectively better in all possible situations.

Exactly! in all possible situation!!!
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

Only a hardware firewall would do this. If it’s software, like implied in your post, no traffic is filtered and all connections are accepted.

Talking abut netfilter, since it manages also the forwardning, it for some strange reason it should crash, NO IP traffic is flowing

VPN is the least amount of work for the most secure setup. There’s nothing to even argue, its superior in every way.

If there’s nothing to even argue, then I say goodby to you since I’m here to discuss. All the best!
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Well…if you edit your post after someone has replied to it at least specify what’s you’ve edited and don’t pretend that the answer that somebody else has already given you wasn’t about your non edited post!
If you (my mistake) wrote VPS instead of VPN, you can’t pretend that I’ve answered about VPN!
If you can convince your family member and your friends to use a VPN to use your service, that’s good for you, and I mean it!
But saying that it’s quite impossible to do that, I think that I’m speaking for 99% of the self hoster (is this correct in English? Bah, you got me!)
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

If for whatever reason your firewall is down, there’s unrestricted access to your server…

I don’t know what kind of firewall you use, but if my firewall is down there is NO traffic at all passing through!

And by the way, since I’ve replied to someone that don’t want to use VPN because he doesn’t want to give access to the whole network, I meant that he could use a VPN AND iptables to restrict the guest access to single services instead of the whole network.
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

Again, this is the reason VPS’ exist.

What? What’s the difference between a VPS and your home server? You may say that’s a good practice to separate things, so maybe have a a VM with public facing services and another with more private stuff reachable only with a VPN. But for something like Nextcloud, it needs to be public (if you’re not the only one using it), but it contains personal stuff and then comes the OP request!
⁨Comment⁩ on ⁨Byebye Raspberry Pi (Selfhosted Linux Prepper podcast)⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
ChatGPT summary:
The podcast episode “Byebye Raspberry Pi” discusses the evolving role of Raspberry Pi devices in 2025. The host evaluates self-hosting options, the growing appeal of thin clients over Raspberry Pi due to cost and performance, and the use of containers for flexible testing environments. They also touch on repurposing older hardware and share personal experiences with self-hosting and audio editing. The episode covers modern alternatives to Raspberry Pi, such as x86 computers, and invites audience feedback on their use of devices for hosting services. The discussion includes tips on managing disk space and remote access with WireGuard.
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Just out of curiosity, why do you disconnect from your home VPN?
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
For that, you can restrict access to a single service with iptables.
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

With Wireguard there’s really no reason.

Well, that’s kinda of a personal choice. If somebody needs to have services accessible by someone else besides him, that service can’t be behind a VPN (let’s face the truth: we know that we can’t ask all out relatives and friends to use a VPN).
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Oh, I really didn’t know that. Thanks
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
No no, what I meant is that if I connect to your server without the certificate installed don’t I just get the warning and I can still get through?
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Beside the fact that you would like to understand if you’ve done everything properly (that’s good, but I can’t help you here), a VPN on a smartphone can be always active. Mine is always on and I’ve never noticed any battery problem. If you prefer something simpler there’s Tailscale.
⁨Comment⁩ on ⁨How do you all handle security and monitoring for your publicly accessible services?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I don’t know much about certificates, but doesn’t that just alert the browser that the certificate is not trusted and you can decide if keep going or not?
⁨Comment⁩ on ⁨Don’t Use Session (Signal Fork)⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Ops. However a small TL;DR would be useful instead of just copying/pasting links.
⁨Comment⁩ on ⁨I don't know what to do with this information⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Very thorough explanation! I’ll add a basic info for @TheTwelveYearOld@lemmy.world: every service MUST have a different password (password manager almost mandatory with a VERY strong password and 2FA). If you’re paranoid like me ( 🙈 ) use a different email alias for each service (SimpleLogin)
⁨Comment⁩ on ⁨Don’t Use Session (Signal Fork)⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
It would be nice to read the basic points of your statement, then if someone wants to go in detail, there’s the link to your article.
⁨Comment⁩ on ⁨Many smaller drivers or fewer larger drives?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Where do you buy refurbished HDD?
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Dude, chillax!
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Yes, I’ll have to buy a 10/15€ cheap Chinese adapter.
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
But can it run it though? Does it have enough power?
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I wish it was possible to connect it to VGA servers to 🙁
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Veeeery nice! I want one! (Well…maybe 2, or 3, or… 😁)
⁨Comment⁩ on ⁨JetKVM's Source Code is now public! ✨⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
What do you mean by “suspicious”? What are your worries?
⁨Comment⁩ on ⁨Noob stuck on port-forwarding wile trying to host own raw-html website. Pls help⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

Cloudflare acting as a MITM

It is a MITM, but I think that for us self hoster ther’s nothing to worry about. What could they sniff? And it makes things easy.