rtxn

@rtxn@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

I take my shitposts very seriously.

⁨Comment⁩ on ⁨⁩ ⁨⁨23⁩ ⁨hours⁩ ago⁩:
You are literally on Lemmy. The project owner’s views are well-known.
⁨Comment⁩ on ⁨This is another implementation of what's possible inside of termux for all you self hosters.⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

on limewire

Not only has this made me realize how fucking old I am, but I also got curious about how Limewire is doing, and…

In September 2025, LimeWire acquired the Fyre Festival brand, including its intellectual property, trademarks, online domains, and social media assets, from Billy McFarland via an auction held on eBay.

At this point, my 2025 bingo card would serve better as kindling.
⁨Comment⁩ on ⁨Radicale - What am I supposed to do?⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
You make a new user specifically to run Radicale processes. The user should have write access only to Radicale’s directories, nothing else.
⁨Comment⁩ on ⁨Is it possible to make WoL unicast work indefinitely?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The most straight-forward method would be to buy a standalone switch. I have a TP-LINK TL-SG108 8-port gigabit switch and it seems to retain the ARP table indefinitely.

My previous solution was an ESP32 board with an SSH server and a relay, wired parallel with the power switch, that would be closed by an output pin on command.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
How much experience do you have with networking, exactly?

The DNS record points to a private IPv4 address (10.0.0.41), which cannot be accessed from the internet for multiple reasons; first of which is that it’s almost certainly behind a NAT gateway.

Your internet provider has given you a single publicly routable IPv4 address and assigned it to the WAN interface on your modem or router. If you want to access a host on the LAN, you’ll first have to configure port mapping or port forwarding on the router. Then you’ll have to open holes in your firewall and accept the fact that every bad actor will try to break into that host unless you know how to set up network security.
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Linux has two different kinds of “used” memory. One is memory allocated for/by running processes that cannot be reclaimed or reallocated to another process. This memory is unavailable. The other kind is memory used for caching (ZFS, write-back cache, etc) that can be reclaimed and allocated for other things as needed. Memory that is not allocated in any way is free. Memory that is either free or allocated to cache is available.

It looks like htop only shows unavailable memory as “used”, while proxmox shows the sum of unavailable and cached memory. Proxmox “uses” 11 GB, but it’s not running out of memory because most of it is “available”.
⁨Comment⁩ on ⁨how to start with self-hosting?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Proxmox is a great starting point. I use it in my home server and at work. It’s built on Debian, with a web interface to manage your virtual machines and containers, the virtual network (trivial unless you need advanced features), virtual disks, and installer images.
⁨Comment⁩ on ⁨Make it make sense ⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
The Mythbusters did it! They couldn’t even get up to speed to begin the first experiment because the traffic jam formed naturally.
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
New developments: just a few hours before I post this comment, The Register posted an article about AI crawler traffic. www.theregister.com/2025/…/ai_crawler_traffic/

Anubis’ developer was interviewed and they posted the responses on their website: xeiaso.net/notes/2025/el-reg-responses/

In particular:

Fastly’s claims that 80% of bot traffic is now AI crawlers

In some cases for open source projects, we’ve seen upwards of 95% of traffic being AI crawlers. For one, deploying Anubis almost instantly caused server load to crater by so much that it made them think they accidentally took their site offline. One of my customers had their power bills drop by a significant fraction after deploying Anubis. It’s nuts.

So, yeah. If we believe Xe, OOP’s article is complete hogwash.
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
That’s why the developer is working on a better detection mechanism. xeiaso.net/…/avoiding-becoming-peg-dependency/
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
The developer is working on upgrades and better tools. xeiaso.net/…/avoiding-becoming-peg-dependency/
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
The current version of Anubis was made as a quick “good enough” solution to an emergency. The article is very enthusiastic about explaining why it shouldn’t work, but completely glosses over the fact that it has worked, at least to an extent where deploying it and maybe inconveniencing some users is preferable to having the entire web server choked out by a flood of scraper requests.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
You can go with Debian (or Devuan), easily. My home server is running Proxmox (Debian-based itself) and multiple Debian containers on an i3-4150 and previously 4GB RAM (now mis-matched 10GB).
⁨Comment⁩ on ⁨Securing a 'public' service for family⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Bro is also concerned about attacks on exposed well-known ports, in which case bro can use Tailscale Funnel to expose a service without exposing a port. Besides, bro can make up bro’s own mind.
⁨Comment⁩ on ⁨Securing a 'public' service for family⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Consider Tailscale. It’s a mesh VPN based on Wireguard that uses a hosted service to manage keys and devices. It works without having to expose any ports on the firewall, and can expose a service through a relay server.

Some people will say that you shouldn’t trust it because company bad, but you should give it a try and make up your own mind. If you’re feeling adventurous, you can install Headscale on a VPS to serve as a control server.

⁨Comment⁩ on ⁨Is this mail something I should be concerned about?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

I can’t believe it. The incident has actually been reported!


I don't use Caddy, but it seems like it tried to generate and write a TLS certificate into `/usr/local`, but didn't have the necessary permissions. Is Caddy running in a container?

⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Do not do that. You need to set up VLANs and proper separation between them on both the switch and the router, assuming the switch even supports tagged trunk lines. If you don’t, you’re just connecting all of your clients to the unfiltered internet.
⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Yes, that will be enough. You can also use a single port on the NIC and the one on the motherboard if it can handle the ethernet speed you want.

This is my network setup on Proxmox: Image

vmbr0 is a bridge that has a single port going to the modem. The OPNSense VM’s first virtual interface is connected to this and configured as a WAN interface. Nothing else connects to this bridge as it is exposed to the internet.

vmbr1 also has a single port that goes to the physical switch. OPNSense’s second interface connects to it as a LAN port, as well as every other VM and container running on the server.
⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
You can use OPNSense inside a virtual machine. You can use QEMU or install the Proxmox toolkit over Debian to manage it.

You’ll have to create a bridge network for the WAN and the LAN interface, connect them to the VM, then configure the virtual interfaces inside OPNSense.
⁨Comment⁩ on ⁨More adventures in self-hosting the fediverse⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Please share those options, don’t keep them secret.
⁨Comment⁩ on ⁨Your favourite piece of selfhosting - Part 1 - Operating System⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
PVE running on a pile of e-waste. Most of the parts are leftovers from my parents’ old PC that couldn’t handle Win10. Proxmox loves it. Even the 10GB mis-matched DDR3 memory. The only full VM is OPNSense (formerly pfSense), everything else runs inside Debian containers. It only struggles when Jellyfin has to transcode something because I don’t have a spare GPU.
⁨Comment⁩ on ⁨Your favourite piece of selfhosting - Part 1 - Operating System⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
+1 for OMV. I use it at work all the time to serve Clonezilla images through an SMB share. It’s extremely reliable.

My first choice for that role was TrueNAS, but at the time I had to use an old-ass Dell server that only had hardware RAID, and TrueNAS couldn’t use ZFS with it.
⁨Comment⁩ on ⁨Selfhosted - friendly ways to fight spam without email / sms verification?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Still don’t understand why they cut the fleeb.
⁨Comment⁩ on ⁨Simplifying Crypto Parties⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I don’t think you fully comprehend just how many footprints people leave behind on the internet. Users would have to practice perfect opsec – and I mean completely, absolutely perfect. One mistake, like using an e-mail address or an alias off-site, will link a person to the account. It’s happened before.

Thinking you can solve the issue of privacy with a single idea is simply delusional.
⁨Comment⁩ on ⁨Simplifying Crypto Parties⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Have you heard of surveillance cameras and facial recognition? If a hostile actor knows in advance that members of a targeted online community will be physically present at a location at a given time, those people will be linked to the community. It doesn’t take a lot from then to link specific persons to accounts.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Something’s not right. There shouldn’t be a deck-tailscale.sh file. There’s supposed to be a directory named deck-tailscale and a tailscale.sh and some other files inside it.

Here’s what you do. First, open a terminal like Konsole. Then run these commands:
```
git clone https://github.com/tailscale-dev/deck-tailscale
cd deck-tailscale
sudo bash tailscale.sh
```
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
You should see “Getting version…” right after running the script. Did you cd into the directory where the repository was cloned?
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Program no worky will not be enough if you want help. What is the exact output when you try to run tailscale.sh?
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
The problem is that your phone’s hotspot network doesn’t advertise routes through the Tailscale tunnel. I don’t know how/if it can be done.

Try this guide on the deck: github.com/tailscale-dev/deck-tailscale
⁨Comment⁩ on ⁨What are your VPN recommendations for accessing self-hosted applications from the outside?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Managing Wireguard is just one of Tailscale’s features.

It uses some UDP black magic fuckery to get through NAT and firewalls without having to open ports. Very useful if you’re behind CGNAT and/or your ISP is a dickhead and locks down the firewall on your router (this is why I use it; eat a dick, Vodafone). If the UDP fuckery is not available, it reverts to simple relay servers. The client can also advertise subnets and route to hosts on it. You could install the Tailscale client on OPNSense/pfSense/OpenWRT and access your entire home network through that one device.