a_fancy_kiwi
@a_fancy_kiwi@lemmy.world
- Comment on The “Dark” Greek Telegram. 4 days ago:
To go along with that, Telegram doesn’t make it easy to set up an encrypted chat. First, you have to set up a regular chat, then tap on the profile image of the person you are messaging, then tap the 3 dot menu, and finally tap “secret chat”. It’s there but they clearly don’t want people using it.
- Comment on Microsoft is killing OneNote for Windows 10 1 week ago:
I don’t know what the fuck is going on. The client app connects to all 4 servers it needs a connection to. I can create a user on the server and all clients can login using it, I just can’t get notes to sync.
Official docs here
I found this tutorial1 and this tutorial2
Tutorial2 makes this one port change to the official docker compose file but otherwise is seemingly the same as tutorial1:
notesnook-s3: image: minio/minio:RELEASE.2024-07-29T22-14-52Z ports: - 9009:9000 - 9090:9090
With that change, and setting the port of the domain to 9090, I can access minio in the browser. But I don’t know if that’s necessary or not. I’m stumped.
- Comment on Microsoft is killing OneNote for Windows 10 1 week ago:
Did you by chance self host the sync server using docker compose? Their instructions aren’t great and I was hoping you had some tips.
For anyone else interested, if I figure it out, I’ll post what I did here.
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
has some basic monitoring on them.
What monitoring software are you using?
I feel like the other measures you talked about (backups, condom of network traffic, etc) I’m doing ok on. Its really just the monitoring where I’m stuck. There’s so many options
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
I’ll look into it, thank you
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
I’ve seen a bunch of people recommend Authelia. Do you mind if I ask why you went with it over other software? I only went with authentik because I found a tutorial on it first
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
-
check
-
check
-
check
-
I saw someone else recommend crowdsec. I’ll look into it, thanks
if you use one of those 5$/month VPSes, with a VPN tunnel to your backend services, that adds one layer of “if it’s compromised, they’re not in your house”.
I’ve heard this mentioned before but I don’t really understand how this works in practice. If the VPS was compromised, couldn’t they use the VPN to then connect to my home?
-
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
Caddy only allows private IP ranges
Do you mind telling me more about this? How does that work; a VPN?
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
will do, thanks
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
If it were only me using the apps, I’d be using a VPN. Over the years, I’ve used OpenVPN, Wireguard, and now Tailscale. In my experience, they work like 99% of the time. That last 1% though is weird connection issues; usually when switching between WiFi and cellular (or vice versa) but sometimes it’s my server or ISP and I havr to turn the VPN off and back on to troubleshoot. My partner will either turn off the VPN and forget to turn it back on or they will forget about the VPN completely and not be able to use their phone. Ideally, I’d like to set something up that doesn’t require any potential troubleshooting on their part so I can avoid hearing “why can’t we just use Google photos?” or “what’s wrong with Google home?” 😓
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
that’s awesome. thanks!
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
oh, my mistake. tbh, I don’t know enough about it but I’m interested. Why set up a TLS cert for AI at home? How is that benefiting you and your setup?
I’ve seen some people set up SSL certs for self hosted services and not make them publicly available but I didn’t get around to seeing why they were doing it
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
Have also set it up so they get banned on Cloudflare’s side, so before another malicious request ever reaches me.
How did you end up setting that up?
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
Most definitely does not need a public URL for Assist in HA. Not sure where you read that.
You’re probably right. At one point, I had a subscription to homeassistant cloud a few years back to use a google nest speaker at the time. I was just going off that I guess. I’ll do some testing and will probably put it back behind tailscale. thanks for the heads up
It sounds like you need a VPN to your internal services if you’re concerned about security.
I’m more so concerned that I set something up incorrectly and would like to be made aware of it in the event someone else noticed
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
I feel weird about having those apps on the internet and basically being blind to threats. I mean yeah, I’m not a target on anyone’s list and most IPs visiting the site are bots. But I would still like to know what’s going on.
I don’t work in tech for a living, this is just a hobby for me so I have limited time to work on this stuff and do research. It’s very possible I fucked something up and don’t know it. I figured if I at least got an alert that said “hey, your immich server db was dumped and sent to <insert IP>”, I could at least turn it off
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
If you have access to all devices, why not just use your own self signed certificates to encrypt everything and require the certificate for all connections?
Sounds like you are describing a VPN. I was using that setup before but small stuff like immich album sharing via a link won’t work properly. Also, having to ensure a vpn is on and connected is a little to much to ask of my partner; they would turn it off and forget about it and then ask why their app wasn’t working :/
- Comment on How do you all handle security and monitoring for your publicly accessible services? 1 month ago:
I’ve been playing around with the voice assistant stuff in homeassistant and it seemingly needs a public url to get all the features. I could be wrong about that though?
I put authentik in front of immich to handle authentication so that I would need need a 2FA code
- Submitted 1 month ago to selfhosted@lemmy.world | 71 comments
- Submitted 2 months ago to selfhosted@lemmy.world | 0 comments
- Comment on Spotify’s Plans For AI Generated Music, Podcasts, and Recommendations, According To Its Co-President, CTO, and CPO Gustav Söderström 4 months ago:
Some YouTube creators are doing this right now. AI generated translations with the creator’s voice. Looking at it from simply a nerds’s perspective, it’s fucking neato