ryokimball
@ryokimball@infosec.pub
- Comment on Hosting Dockerized website on VPS with Apache 1 day ago:
I am sick and slightly out of my mind anyway so I’m not going to be very helpful. One thing that stands out though, if you can SSH the machine and you can curl local host to Port 8,000 or whatever. This should help you troubleshooting the container while it lives on the VPS I think
- Comment on Considering self hosting my own git repositories. What are some options? 1 week ago:
Idk, I had not heard of gitea or forgejo before. Personally I really want strong & flexible CI/CD, and Don’t know what the alternatives have to offer there, but it would be worth looking into. GitLab is pretty resource-heavy even for low user count.
- Comment on Considering self hosting my own git repositories. What are some options? 1 week ago:
Self-hosting gitlab?
- Comment on Sftp client gor android? 2 weeks ago:
I’ve used Ghost Commander for this; I’ve tried several and disliked it the least. That said, really wind up doing SCP over command line with termux.
- Comment on Getting worn out with all these docker images and CLI hosted apps 1 month ago:
I don’t consider an app deployable until I can run a single script and watch it run. For instance I do not run docker/podman containers raw, always with a compose and/or other orchestration. Not consciously but I probably kill and restart it several times just to be sure it’s reproducible.
- Comment on Tagging music in Jellyfin & Symphonium 1 month ago:
My entire music library must pass through beets first. If it’s not automatically tagged I will manually search, and finally (esp for locals’ or friends’ music) I will manually tag it using eyeD3 and import through beets as l-is.
- Comment on How do I avoid becoming one with the botnet? 1 month ago:
I think most home lab/shelf hosters start off because they want to learn something. I think (generally, philosophically) many people never start something new even if it interests them because they are afraid. To this point, it sounds like you can either let the fear prevent you from doing what you want, or you can use the fear as a learning tool.
Start simple. Build something very easy and isolated, air gap it if you need to. Figure out how logs and monitoring work, maybe even try attacking it yourself, so you have confidence that even if it’s compromised you will see how and why. Then you can connect it to the internet, isolated from the rest of your network, and then you will learn how well- or un-founded those fears are. Learn even more about monitoring and defending, then start looking for a job as a cybersecurity professional because you are already well underway.
- Comment on How do I avoid becoming one with the botnet? 1 month ago:
They don’t have to succeed once.
Use antivirus and other endpoint security measures. Rotate your passwords and keys. Use Everything as Code, and for goodness sake make backups.
If you find yourself compromised, rotate and burn the keys, wipe and redeploy.
- Comment on Help getting started with self hosting Jellyfin via NAS? 1 month ago:
I have a much older NAS with not a lot of compute power, but it’s only purpose is to share data. I have a a proxmox server that connects to the NAS through NFS and does the actual transcoding, etc.
- Comment on Selfhosted coding assistant? 2 months ago:
I have heard good things about LM Studio from several professional coders and tinkers alike. Not tried it myself yet though, but I might have to bite the bullet because I can’t seem to get ollama to perform how I want.
TabbyML is another thing to try.
- Submitted 2 months ago to selfhosted@lemmy.world | 2 comments
- Comment on [deleted] 2 months ago:
It is the leading cause of death for ages 1-19 though
- Comment on Humble Bundle have a nice collection of games for handhelds 2 months ago:
Got it just for Haste. Might also try Creatures of Ava.
- Comment on This Looks kinda cool, but does anyone have any experience at vetting a project like this? 2 months ago:
Looks like on Reddit, the creator is blocking people from reporting things like sending data to foreign servers.
- Comment on What are good option for self hosting home security camera? 2 months ago:
I tried using kerberos.io a while back, I did not have success but I think that’s because my setup was wonky. We’re looking into, at least.
Also, HandsOnKatie has done a couple videos on home surveillance, I know she likes ReoLink and Home Assistant But I don’t remember what her full software stack set up as like.
- Comment on Smarties are like the chocolate version of jellybeans 2 months ago:
Not outside the US, specifically I think in Canada they are basically M&Ms
- Comment on How do you healthcheck your containers? 3 months ago:
What happened to grafana and Prometheus?
I have been putting off rebuilding my home cluster since moving but that used to be the default for much of this and I’m not hearing that in these responses.
- Comment on Docker security 3 months ago:
I use podman instead, though I’m honestly not certain this “fixes” the problem you described. I assume it does purely on the no-root point.
- Comment on [deleted] 3 months ago:
You can configure Dropbear to allow SSH unlocking. I have also heard of some key management software over network that can perform this role for you as well.
- Comment on Local DNS on Pihole 4 months ago:
Can you just point the second to the first?
- Comment on [Proxmox] Jellyfin w/ NAS mount + iGPU passthrough 4 months ago:
I want to say iGPU makes things easier, not because of experience but only because I tried passing through an Nvidia card and the instructions all insinuated this was more difficult than any other option
- Comment on [Proxmox] Jellyfin w/ NAS mount + iGPU passthrough 4 months ago:
There is a helper script for jellyfin LXC. From memory I can’t help much, but I suggest searching for that. I think the default specs for disk space and RAM were weak, But setup was easy enough. After the initial helper script, you will need to learn how to mount the NAS into the LXC as well.
- Comment on Turning Grafana into a health tracking app 4 months ago:
Love this. Thanks for sharing.
- Comment on What's the real danger of opening ports? 5 months ago:
You’re correct, imma let voice-to-text take the blame there.
- Comment on What's the real danger of opening ports? 5 months ago:
If you are trying to access several different services through the internet to your home network, you are better off setting up a home VPN then trying to manage multiple public facing services. The more you publish directly to the public, the more difficult it is to keep up with everything; It is likely needlessly expanding your threat exposure. Plus you never know when a new exploit gets published against any of the services you have available.
- Comment on rootless backup or rootless podman volumes? 5 months ago:
Sounds legit to me. Padman could be seen as a separate Unix system or the programs to live in, and therefore would have its own set of user and group IDs. As long as the created files have permissions that are different from The host permissions and they will still be inaccessible without some permission manipulation.
- Comment on What is the easiest way to have a self hosted git server? 5 months ago:
This is not the simplest answer at all but FYI you can also self host gitlab
- Comment on Confirm passthrough understanding for proxmox 6 months ago:
It even sounds like this is handled on proxmox’s side, no need for iommu stuff
- Comment on Confirm passthrough understanding for proxmox 6 months ago:
I did just find this quote on reddit:
A GPU can only be passed through to the a single VM at time though Proxmox can pass it through to multiple containers (LXC) but they can only run Linux instances.
I’ll have to look more into this but sounds promising
- Submitted 6 months ago to selfhosted@lemmy.world | 7 comments