thelittleblackbird
@thelittleblackbird@lemmy.world
- Comment on [deleted] 1 day ago:
I would recommend an LDAP sever for user Auth.
There you can create/authenticate user with a central repo in a machine independent fashion. Also having the possibility to allow /egate specific services from the central database is a big plus.
It seems difficult at the very beginning but it quickly pays off. Give it a try
- Comment on Migrating from Nextcloud AIO to Owncloud Infinite Scale: Good Idea? 1 month ago:
No idea at all, but I am highly interested in your experience. So it would be great if you could came here back to share it with us
- Comment on Maintaining a level of anonymity. 2 months ago:
Even if you have a valid point, modern fingerprinting technics usually is done through your data and the connection dependencies of them (which accounts are activated from the sane computer and so on).
Selfhosting remove some links between your data set like the files you store in drive, the people who appear in your photos, your contact list, to whom you email… Etc etc
Suddenly all this data is vanishing from the big techs, so, in theory it would be possible to make that association process more difficult
- Comment on Maintaining a level of anonymity. 2 months ago:
Then follow that path, once you are comfortable with the approach you can start hosting more and more services,to the point that you can selfhost your own messenger services or ms teams services.
Once you are in that situation, you can think in accounts rotation and/or burner identities to address the services you can not pull from the big techs
- Comment on 2 months ago:
OK, thanks for the feedback. Perhaps I am doing something terrible wrong with it.
I will recheck the system again.
Thanks
- Comment on Maintaining a level of anonymity. 2 months ago:
You need to start reducing your fingerprint on internet.
The only reliable way to do so is selfhosting your stuff.
There are a few communities here in lemmy, so check on them
- Comment on 2 months ago:
Would you mind to elaborate a bit more about your experience witht he sophos?
I got a reused xgs115 a few months ago and I found the experience not so pleasant. The device lags a lot with the web page interface, the learning curve is steep in my opinion and I have problems to setup some services in a reliable way (they tends to hangs up, but this is perhaps my own problem)
Do you know by chance if they are able to have the Ds-lite tunnel for an ipv6 to ipv4 working?
- Comment on Planning build: Power efficient headless steam machine, and later upgrade for AI tasks 11 months ago:
Definitely.
I forgot to add that it would be necessary not to overdimension the set up. Any extra power is something that needs to be powered.
But with the chosen cpu and GPU there is not a lot of room here.
- Comment on Planning build: Power efficient headless steam machine, and later upgrade for AI tasks 11 months ago:
Some tips here:
- get a platinum rated power supply, if you can afford it go for a titanium. The efficiency in the power supply is half of the efficiency of the rig
- reduce the number of the modules to the minimum
- get a platinum rated power supply ;)
- get big passive coolers, you want to idle the fans
- reduce the number of usb and connectors to the minimum. Their converters are not the most efficient. Try not to connect enything on them.
- NO mechanical parts (including fans or water coolers)
- set schedulers to conservative or power efficient. You don’t want to spike the power just because a task is 2ms longer than expected.
- pick a power efficient CPU/gpu (I think we can discard this one based in your choices)
- use the latest amd adaptative undervoltage technology to ensure to reduce the wattage of the cores
- try to reduce to the bareminimum the number of background tasks /services running.
And that’s all. Sometimes there is a component of trial and error because sometimes the curve performance / power is not entirely linear and you don’t want to hit exponential-non-linear zone.
Good luck and if you can post you build with numbers and some lessons learnt would be great
Good luck
- Comment on jellyfin freezes on TV every 2 minutes 11 months ago:
Hi,
Every time it happened to me was either transcoding, either a real poor network speed.
I would double check the transcoding option
- Comment on VPNs, self hosting & security 11 months ago:
Oooops, that was not certainly the intention.
Clearly I need to work in my communication skills. My apologies if I really upset you
- Comment on VPNs, self hosting & security 1 year ago:
From your text I understand you are not a really tech savvy person and yiu are really struggling with all the service and configuration involved.
If you want a simple tip, stick to tailscale, it is a vpn and will protect all your services because you will not have access from internet. It is pretty safe and the configuration is trivial.
The obvious drawback is that you won’t have internet access without installing the vpn, which depending the use case can be a deal breaker.
Honestly, a proper configured nginx with certificates and strong password are reasonable secure when there is not any misconfiguration. But if you are in doubt stick to tailscale.
Good luck :)
- Submitted 1 year ago to selfhosted@lemmy.world | 2 comments
- Comment on CGNAT blocking external access to NAS. Looking to address this plus more. 1 year ago:
Truly incredible, shame on the.
Question then.
Are you experimenting some kind of connections problems?
I ask because I know some multiplayer games make a heavy use of the ipv6. Steam have some servers that are not reachable via ipv4, and don’t speak about vps…
- Comment on CGNAT blocking external access to NAS. Looking to address this plus more. 1 year ago:
Honestly, I cannt believe it.
Double or triple check it. The problem these days is to get a semifucntianl ipv4, they are expensive, scarce and full of problems.
Ipv6 on the contrary is abundant and all enterprise equipment fully support it since decades.
- Comment on CGNAT blocking external access to NAS. Looking to address this plus more. 1 year ago:
Take wiht a bit (or a lot) of salt what I am gonna say. Because undoubtedly I am. Missing something here.
But if what you a already say is true probably you are not restricting anything. The recommended way to do so is with a firewall rule (probably in your router).
You are extending the subnet definition beyond the 16 bits. This can create problems and I doubt that your router will block anything if something crafted is received from Internet.
But of course, being the extremely big address space your are probably safe.
I any case, with a firewall rule in your router allowing only the proxy to go receive connections, you should be good and more standard conform
- Comment on CGNAT blocking external access to NAS. Looking to address this plus more. 1 year ago:
This is not the Nat functionality as people associated with ipv4, and certainly it is not showing the drawback of allowing the communication only when the NATed client started the communication.
Even if they are alike they are not the same.
I reaffirm myself here. It is possible to have full ipv6 communication and providers do not have cgnats. It is your easiest and most uncomplicated solution with almost nothing to install to make it work.
And in addition, I have to say that I don’t see any benefit in using such functionality at home. If someone can illustrate me a use case I would be thankful
- Comment on CGNAT blocking external access to NAS. Looking to address this plus more. 1 year ago:
Ipv6
Cgnats don’t exist in ipv6. Nat doesn’t exist in ipv6
What also could happen is your isp blocking some ports from outside its network as a security approach, but normally you can ask to free a range of port from the firewall.
- Comment on Cost-cutting tips? 1 year ago:
Something that I usually forgotten is that cgnats are only there for ipv4. Running your server in ipv6 is almost a safe bet to have good connectivity.
And you know, these days getting a real ipv4 is more expensive than running in ipv6
- Comment on APC UPS switches to battery 50 times a day 1 year ago:
It could also be noise on the line, try introducing a ferromagnetic filter (low pass filter) to see if the situation improves.
Check also that the occurrences are not linked with the activation of an electric motor. I one bought a meat grinder that evertyime was on the analogical radio got only noise. And they even were not connected to the same circuit.
- Comment on Music Player container 1 year ago:
Give kodi a try ;)
- Comment on Question about Vaultwarden 1 year ago:
OK got what you mean.
For avoiding the cases you are describing I use several plugins for the keepass (original flavour) so in my desktop it syncs directly with the cloud.
And in my android I use keepass2androd thst is able to open the database from the cloud too.
Regards
- Comment on Question about Vaultwarden 1 year ago:
May I ask what is wrong with your archaic setup?
I have exactly the same config and I find it easy and reliable for not asking for a change.
Am I missing some points or what is going on?
- Comment on Is bit rot really a threat that I should worry about? 1 year ago:
Save yourself a headache and use btrfs/zfs with periodically checks as suggested in another post.
Who cares if it is a problem or not when it has a simple and inexpensive solution.
- Comment on [Question] does anybody know CalDAV+CardDAV server with multiuser LDAP support? 1 year ago:
Ok, Thanks to all, it seems I am doing something wrong with my nextcloud instance. I will double check again to see what the problem could be
- Comment on [Question] does anybody know CalDAV+CardDAV server with multiuser LDAP support? 1 year ago:
Thanks for the answer, I don’t know why but I overlooked this solution.
Let’s see if I am able to spin it up
- Comment on [Question] does anybody know CalDAV+CardDAV server with multiuser LDAP support? 1 year ago:
I already tried nextcloud but it doesn’t seems to support a proper a sync (2 ways sync), in addition the address book appears to be common to all nextcloud users.
So unless you can tell me I am doing something wrong it doesn’t look like an option
- Submitted 1 year ago to selfhosted@lemmy.world | 9 comments