PeriodicallyPedantic

@PeriodicallyPedantic@lemmy.ca

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨If you have one, how much do you pay for a domain name? Any cheap registrar recommendations?⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
On [CloudFlare, user224.com(domains.cloudflare.com/?domain=User224) renews annually at least than $11

That’s where I got my domain (I was using them at the time, but it doesn’t matter), for that price, and that includes whois privacy.
⁨Comment⁩ on ⁨Help getting started with self hosting Jellyfin via NAS?⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
I can’t answer many of the questions here, but I can help a little with two:

If you’re worried about noise, don’t get ironwolf drives. I just did and they’re noisy af. I brought some sound absorbing foam to put around the place where I keep my NAS, because they’re so much louder than I expected.

Don’t open up a port in your network.
Use something like tailscale to connect your devices to your home network, or rent an VPS to run a secure tunnel using pangolin (you’ll need to look into bandwidth limits).
⁨Comment⁩ on ⁨Bo'le of wa'er⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Ah, RP, so Bottol of wotta
⁨Comment⁩ on ⁨Bo'le of wa'er⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Are you the
Buh’oh ah wa’ah
Or
Bah’ol ah wa’er
Or
Bo’el a wo’ah
Type of English?
⁨Comment⁩ on ⁨Bo'le of wa'er⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
“have”?
I think you mean 'ave, mate, innit?
⁨Comment⁩ on ⁨News could use a reboot.⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
News 2: electric Boogaloo
⁨Comment⁩ on ⁨Using Immich in combination with NAS permissions⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Sorry I misread when you said “library” for some reason I thought you meant “external library”

The problem that I’m trying to solve and I think OP is also trying to solve, is that they want the files to be on their NAS because it is high capacity, redundant, and backed up, but many users have access to the NAS, so they cannot rely on immich alone to provide access permissions, they need access permissions on the files themselves.

I solved this by having a separate share for every user, and then mounting that user’s share on their library (storage label).
It sounds like OP wants a single share, so having correct file ownership is important to restrict file access to the correct users who are viewing the filesystem outside of immich.

Not sure what you mean by your last paragraph, how do you assign a share to individual files (assume you mean directories) outside of immich’s need for storage?
⁨Comment⁩ on ⁨Using Immich in combination with NAS permissions⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Library access won’t allow upload, this will.

My knowledge here isn’t super deep, but it seems like you can do mapping per-share-per-ip, which means you can say “all file access coming from the immich host to this share will act as this user” which I think is fine if that share belongs to that user, and you don’t have anything else coming from that host to that share which you want to act as a different user. Which are very big caveats.
⁨Comment⁩ on ⁨Using Immich in combination with NAS permissions⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Yes, except for the NAS user ownership of those files.

I think there might be a way to do the file ownership too, which I’ll get to at the end, but I don’t think its necessary. for now here is my setup:

First off, you need to be using Storage Templates.
Second, you need to have either a fresh install, or users need to be set up with storage labels that aren’t their intended final storage labels.

In docker, you’ll need to set up an external NFS volume for every user. I use portainer to manage my docker stacks, and its pretty easy to set up. I’m not sure how to do it with raw docker, but I dont think its complicated.

in your docker compose files, include something like this
```
services:
  immich-server:
    # ...
    volumes:
      - ${UPLOAD_LOCATION}:/data
      - /etc/localtime:/etc/localtime:ro
     - type: volume
        source: user1-share
        target: /data/library/user1-storage-label
        volume:
          subpath: path/to/photos/in/user1/share
    - type: volume
        source: user2-share
        target: /data/library/user2-storage-label
        volume:
          subpath: path/to/photos/in/user2/share
    # and so on for every user
  # ...

volumes:
  model-cache:
  user1-share:
    external: true
  user2-share:
    external: true
  # and so on for every user
```
There are 2 things about this setup:
1. it does not scale automatically. this is fine as long as you don’t intend to be adding/removing users often.
2. it is only saving the photos and videos. all thumbnails and transcoded videos, etc, get saved to ${UPLOAD_LOCATION}. For me this is fine, I dont want to pollute my NAS with a bunch of transient data, but if you want that info then for every user, in addition to the target: /data/library/user1 target you’ll also need a target: /data/thumbs/user1, target: /data/encoded-video/user1, etc.
finally, redeploy, and add your users (making sure that the user’s storage labels match the target directories) or change your user storage labels (to match the target directories, and run the migration job). the storage label must not have existed before you deployed, otherwise it’ll get masked by the mount and you wont see the existing data.

You may also want to add similar volumes for external libraries (I gave every user an external “archive” library for their old photos) like this:
```
    - type: volume
        source: user1-share
        target: /archive/user1-storage-label
        volume:
          subpath: path/to/photo/archive
```
and once immich allows sharing external libraries (or turning external libraries into sharable albums) I’ll also include a volume for a shared archive.

To address the file ownership:\n I honestly don’t think its important, as long as your user has full access to the files, its fine. But if you insist then you have a separate share for every user and set up the NFS server for that share to squash all to that share’s user. Its a little less secure, but you’ll only be allowing requests from that single IP, and there will only be a request from a single user from that server anyways.
Synology unfortunately doesn’t support this, they only allow squashing to admin or guest (or disable squashing).
⁨Comment⁩ on ⁨Rules for a gun fight⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Any size is fine if the other side doesn’t know they’re coming to a gun fight
⁨Comment⁩ on ⁨Bluesky just verified ICE⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It’s illegal to hire people or refuse to hire people based on political beliefs or affiliation, so you’re not gonna have companies that only employ Trump supporters or employ no Trump supporters. Politics is considered a protected group wrt employment law in the USA and many countries.

But how would it actually work?
It’s not like it’s difficult to gauge employee sentiment about ICE. If your employees are strongly against it, then you simply don’t enter the competition for ICE contracts, or you choose to not renew the contracts when they expire.
⁨Comment⁩ on ⁨FYI: Reddit trademarked some community names (Digg link)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
They only have to make an example of a few to discourage the rest.

The only real safety is with the instances hosted and run in locations difficult for American companies to pursue legal action
⁨Comment⁩ on ⁨Bluesky just verified ICE⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yeah, but at the same time it’s kinda good for people to be able to see the kind of shit they’re posting for themselves.

It is propaganda, but it’s not good propaganda, and that’s what the community fact checking thing is meant to counter, imo.
⁨Comment⁩ on ⁨Bluesky just verified ICE⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Even if that was true, which it isn’t, a company should reflect the beliefs of its employees and community.
⁨Comment⁩ on ⁨Bluesky just verified ICE⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If it’s an official govt agency I think it makes sense for them to be allowed on communications platforms and to be verified, so that people can see what they’re saying and know that it’s an official statement.

Then people can see the post and make their own judgements about it, knowing it’s an official agency statement.
Having twitter style factcheck for blatant misinformation is also important for this, though.
⁨Comment⁩ on ⁨Bluesky just verified ICE⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I think that tech companies taking a stand on what their employees and/or users believe in is a reasonable thing.

Idk what the employees of bluesky believe, but I’m fairly familiar with the bay area tech scene and I think that there is a decent chance that the employees would like to take a stand by not providing services to ICE.

That being said, idk if simply allowing them to have an account is providing services. I think it’s probably better to have govt agencies have verified accounts so people know when things are official statements, even if you disagree with the agency.
⁨Comment⁩ on ⁨Why isn't using a key file the most common way to log into self-hosted servers?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
What you’re looking for is probably something like certificate authentication, or mTLS. It exists, but it’s kind of a pain to set up on client devices so it’s not very common.

What’s more common and easier to set up and is nearly the same thing, is passkey authentication. Same in-flight security characteristics, but you typically need to pass a simple challenge for your device to unlock it.

There are a bunch of self-hosted auth options for both
⁨Comment⁩ on ⁨Anyone using Revolt?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I wanna try matrix, but it’s crazy to me that no clients, even the official clients, support all the features. It really makes me hesitate lol
⁨Comment⁩ on ⁨who's gonna tell him?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yeah, that was the incident that really made me look back on his previous action with fresh eyes and reconsider my opinion of him.

Like you said, it went downhill fast after that
⁨Comment⁩ on ⁨Such a dreamy guy⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Jastate?
Odd name
⁨Comment⁩ on ⁨Lemmy's active userbase has been stable since September 2025⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Im not sure how these stats are collected, I assume that they query each server for its to make the chart, rather than query every server every day and copy the results.

If they’re really copying the results, then you’re absolutely correct that temporary instances outrages would cause those correlated downward blips, but I’m surprised to hear you wouldn’t just be able to query servers to get this data on demand.
But then again if a server went permanently offline you’d lose that data forever. Hmmm
⁨Comment⁩ on ⁨oh no :0⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I don’t get it, and I feel like I’m probably not supposed to.
Kind of a shame. I guess I’ll just get led astray
⁨Comment⁩ on ⁨Lemmy's active userbase has been stable since September 2025⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
A statistician explain to me why these graphs seem correlated beyond general trend? They both seem to have localized events on the same day, but given their different timescales that doesn’t seem like it should be possible.

I raised the same concern on the other post too, but idk enough about statistics to for sure say something seems fishy.
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
But they should be offset. Monthly MAU departures shouldn’t reflect in half-year until 5 months later. And half-year departures shouldn’t influence the MAU at all.

The fact that they line up to they day strikes me as very suspicious.
But I’m not a statistician
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Right, that’s why I suggest providing both an opinionated option and an opinionated option. Like a “recommended” section and a “full list” section.

Let people without contest and who don’t care to learn the context in advance use an opinionated picker, but don’t withhold from people who want to dig in.

But it turns out I misunderstood the example that was given - those instances aren’t shown because they simply aren’t piefed instances.
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Ah I misunderstood your example, I thought you were saying instances were intentionally excluded from the picker rather than “instances that don’t support this platform don’t appear”.

I’m not going to opine on what constitutes a “real” leftist apart from saying that left/right dichotomy really doesn’t describe reality well.
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

join-lemmy.org/instances will send you to places like hexbear.net and lemmy.ml, whereas piefed.social/auth/instance_chooser literally never will.

Honestly I think this is a problem. I don’t think the instance picker should be so opinionated that it blocks (legal) instances. I want extremist to be directed away from the normie and moderate instances.
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

this site

This isn’t a site. It’s a collection of sites (instances).
If there is an instance that doesn’t tolerate your kind of speech, then choose another instance that does.

Be aware that two of the largest hardcore left-leaning instances (hexbear, ml) have been widely defederated (instance-blocked), so it’s not fair to say that this only happens to right leaning or centrist ideas.

The beauty (and point) of Lemmy and fediverse is that if you feel like you’re being censored, you can join or make an instance of like-minded people, while still having access to the other area if you want it.
⁨Comment⁩ on ⁨we need more users⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
It seems strange that these two curves so closely match eachother in shape.

When 6month active users drop that means 6 months ago a user stopped using the platform.
When monthly active users drop that means a month ago a user stopped using the platform.
So this would suggest that there is a correlation between user attrition 6 months ago and last month.
⁨Comment⁩ on ⁨Self-hosting in 2025 isn't about privacy anymore - it's about building resistance infrastructure⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Thank you!

This is almost exactly my motivation when I recently started my homelab journey. A bit of privacy, but what pushed me over the edge is that I was supporting these anti-social corporations with my money or data, when they went fully mask-off.