IsoKiero
@IsoKiero@sopuli.xyz
- Comment on Suggestions for file sync / android backup / sharing software (nextcloud alternative) 1 day ago:
I’ve used Seafile for years just for this. I haven’t ran that on pi, but on virtual machine it runs pretty smoothly and android client is pretty hassle free.
- Comment on What you can recommend for first time? 4 months ago:
I’d first recommend that you think about what you need.
This is the absolutely correct option. I’ve set up way too many things without a use case and lost interest shortly after. If you have a real world use case for your project, even if it’s just for yourself, you’ll have the incentive to keep it going. If you’re just setting things up for the sake of it the hobby loses it’s appeal pretty quickly. Of course you’ll learn a thing or two on the way but without a real world use case the things you set up will either become a burden to keep up with or they’re eventually just deleted.
Personally, tinkering with things that are just removed after a while gave me skills which landed me on my current job, but it’s affected myself enough that I don’t enjoy setting things up just for the sake of it anymore. Of course time plays a part on this, I’ve been doing this long enough that when I started a basic LAMP server was a pretty neat thing to have around, so take this with a grain of oldtimer salt, but my experience is that setting up things that are actually useful on a long term is way more rewarding than spinning up something which gets deleted in a month and it’ll keep the spark going on for much longer.
- Comment on [deleted] 4 months ago:
Hashing is one-way encryption. So, while you’re techcnically correct that they’re not encrypted in the traditional sense (encryption is reversible), for many it’s easier to understand the concept of encryption instead of hashing and terms are often used interchangeable.
- Comment on [deleted] 4 months ago:
Logging depends on the instance. Many admins choose to not log any data which could be used to identify any individual, but verifying their claims (without a doubt) as a single user is pretty much impossible and there’s nothing stopping an instance admin of gathering all the data (s)he wants to.
Like are they protected or encrypted so the hackers can’t use them ?
Passwords are encrypted, but in case of a security breach on an instance they are still vulnerable, like with any other password leak. Majority of the systems today use one way encryption with their passwords, but still millions and millions of user accounts are leaked almost daily.
Also what is stoping the instance owners from abusing or selling these behind our back ?
Nothing.
or running a modded version of lemmy are they detectable ?
If done properly, no, you can’t detect them.
But that’s not any different from any of the services around the net. Companies like Meta and Google make their money by selling user data, advertisers track you and all the other things you’re most likely already aware of.
Administrator of my instance said that they don’t gather IP addresses or any other data they don’t need to keep the servers running and I trust them on that, but your mileage may vary. And then there’s different legal systems around the world where an admin might be forced to give out information about individual user, but where I live that’s not a thing.
- Comment on Self hosted Wetransfer? 4 months ago:
Seafile. I’ve used it for years, but I’m moving over to nextcloud as I could use other features it provides. They have paid options too, but unless you need LDAP or something more sophisticated for user management the community edition works just fine.
- Comment on Router recommendation 4 months ago:
I personally like mikrotik routers. They have all the features you could wish for and then some and they’re relatively cheap for the things they can do. I have RB4011iGS+ (I don’t think that exaxt model is available anymore) and it’s been rock solid. As I have fiber I just pulled the SPF-module from ISP’s box and plugged it in on my own hardware, so the router ISP provided is just gathering dust right now.
But it depends on what you’re really after. If you just need basic firewall/NAT/DHCP functionality and your connection speed is below 1Gbit pretty much any router will do. If you have fast connection and/or need for totally separate networks/VLAN/something else it’s a whole another matter.
- Comment on Devotion to duty 5 months ago:
Firewall kinda-sorta plays with this idea, but all the tech is pretty stupid (and main focus, if memory serves, isn’t even in the technology). It’s not a bad movie as a hollywood 13-in-a-dozen action category, but it’s a far cry from “Server Down” we have here.
- Comment on Devotion to duty 5 months ago:
Bing Chat (so ChatGPT) wrote an opening scene (or maybe more like a trailer, prompt was opening scene) too:
The opening scene of “Server Down” begins with a shot of a high-tech skyscraper. The camera then zooms into the basement of the building, where we see Jack Bauer, a nerdy and obsessive system administrator, working on his servers. He is surrounded by racks of blinking machines, tangled cables, and humming fans. Jack is wearing a t-shirt with a witty tech joke printed on it, and he is sipping a cup of coffee from a “World’s Best Sysadmin” mug.
Suddenly, the lights flicker, and the servers go offline. Jack’s face turns pale, and he drops his coffee mug. He frantically tries to reboot the servers, but nothing works. He checks the network connections, the power supply, and the cooling system, but everything seems fine. He then realizes that the problem is not with his servers, but with the building’s infrastructure. He rushes to the security room, where he finds out that the building has been taken over by terrorists.
The camera then cuts to the terrorists, who are holding the employees hostage and demanding a ransom from the government. They have cut off all communication lines, disabled the security cameras, and planted a bomb in the building. They are confident that they can get away with their plan, but they didn’t count on one thing: Jack Bauer.
The scene ends with Jack staring at the security monitors, his eyes burning with determination. He knows that he has to act fast to save his servers, his colleagues, and himself. He takes a deep breath, puts on his backpack, and heads towards the ventilation ducts. The adventure begins!
- Comment on Hetzner Server auction worth it? 5 months ago:
have seen some people have networking issues with them.
I’ve been a happy customer for hetzner for almost a decade and I haven’t had any issues with their networking. If you’re running virtualization you need to take care of you MAC addresses or they won’t allow traffic and eventually will kick you off from their platform (and they have a good reason to do so). As long as you play by their rules on their hardware it’s rock solid, specially for the price.
- Comment on Alone i n the dark is playable online on this wonderful website. 5 months ago:
Archive.org has a copy too. And ‘a few’ more, with image downloads so you can run them on a emulator (or on a real hardware).
- Comment on Scale to others countries 6 months ago:
While I agree with @rglullis@communick.news, this isn’t strictly speaking on-topic for this community, that kind of knee-jerk response is very much out of the topic as well. The first community rule is to be civil and in general I, perhaps optimistically, would like that conversation over fediverse in global would be civil, or at least well argumented, a bit like it used to be (more or less, YMMV) back in the usenet days.
And on the topic of self-hosting, that’s a line drawn in the water. I run various of things by myself (postfix+dovecot, LAMP, bitwarden, seafile, nextcloud…) on a rented servers running linux+kvm. And I get money by doing that, it’s a very much a business case, so I’m a bit reluctant to ask questions about the setup I have in here as I think it wouldn’t be fair to ask for advice from hobbyists in a project where money is directly involved. But for me personally that setup checks both sides of things. I get money by doing it, but at the same time I personally can get out of the walled gardens like M365 or Gsuite.
TL;DR: There’s no need to be rude, you can choose to politely point people in the right direction.
- Comment on How can I set up a VPN that will use the client IP address for the connection? 6 months ago:
While I think you could techincally spoof your originating IP at the VPN server to match your clients IP it wouldn’t do anything useful. That’s not how IP routing works. What you’re trying to achieve with a setup like that?
- Comment on How can I set up a VPN that will use the client IP address for the connection? 6 months ago:
Not necessarily. VPN can be used for that, but I’d be that more common use case is to access networks which are otherwise firewalled off from the public internet, like corporate LAN.
- Comment on Proper HDD clear process? 6 months ago:
And if you’re concenred on data written on sectors since reallocated you should physically destroy the whole drive anyways. With SSDs this is even more complicated, but I like to keep it pretty simple. If the data which has been stored on the drive at any point of it’s life is under any kind of NDA or other higly valuable contract it’s getting physically destroyed. If the drive spent it’s life storing my family photos a single run of zeroes with dd is enough.
At the end the question is that if at any point the drive held bits of anything even remotely near a cost of a new drive. If it did it’s hammer time, if it didn’t, most likely just wiping the partition table is enough. I’ve given away old drives with just ‘dd if=/dev/zero of=/dev/sdx bs=100M count=1’. On any system that appears as a blank drive and while it’s possible to recover the files from the drive it’s good enough for the donated drives. Everything else is either drilled trough multiple times or otherwise physically destroyed.
- Comment on Proper HDD clear process? 6 months ago:
Dd. It writes on disk at a block level and doesn’t care if there’s any kind of filesystem or raid configuration in place, it just writes zeroes (or whatever you ask it to write) to drive and that’s it. Depending on how tight your tin foil hat is, you might want to write couple of runs from /dev/zero and from /dev/urandom to the disk before handing them over, but in general a single full run from /dev/zero to the device makes it pretty much impossible for any Joe Average to get anything out of it.
And if you’re concerned that some three-letter agency is interested of your data you can use DBAN which does pretty much the same than dd, but automates the process and (afaik) does some extra magic to completely erase all the data, but in general if you’re worried enough about that scenario then I’d suggest using an arc furnace and literally melting the drives into a exciting new alloy.
- Comment on Spotify axes 17% of workforce in third round of layoffs this year 6 months ago:
According to my spotify wrapped I listened to about 2500 different artists. Yearly subscription is 143,88€, so if spotify took 30% and ther rest is split equally to every artist they’d get a nice 0,0578€ from me each. For your $26 that’d mean on similar math that you’d need ~450 listeners, so it’s atleast nearby the ballpark if you have 1000 streams on there.
I obviously omitted things like VAT and other taxes, payment processor fees and complexity of revenue streams in general, like how long I listened to each to keep it simple.
I’m not saying if that’s fair or not, I just did quick and rough math around the data I had easily available. All I know is that for that half a cent per artist I’m not providing anything to anyone but I receive quite a lot every day.
For more detailed info you can check spotifys own report.
- Comment on Setup a DNS server on a dynamic public ip 6 months ago:
You can’t configure DNS server by name on anything, so you’d need some kind of script/automation to query current IP address of your pihole from google/your ddns provider/someone and update that on your parents router which can be a bit tricky or straight impossible depending on the hardware.
VPN would solve both 1 and 2 from your list as your pihole would be available with static address on both locations. You can’t authenticate on DNS server by MAC as you don’t receive originating MAC at all. Other solution would be to get a static IP address from some provider and tunnel traffic so that your pihole could be reached trough that static address.
- Comment on Sustainable network upgrade 7 months ago:
Unifi ticks most of the boxes you have. Wifi will work without controller and they act as an bridge, so DHCP and other services work as-is, VLAN support is there (if you want to use different SSID for different VLAN then you need a controller) and so on. I have couple of their APs and I’ve been pretty happy, but that being said, their push for their own cloud-only products and the way they manage updates, longevity and other stuff isn’t the best (to say the least). For now it works absolutely great for what I need it, but at the future situation may change with a short notice.
No idea about T-link, but mikrotik devices are interesting. For wifi I don’t have any kind of experience, so I can’t recommend them, but on paper they seem pretty nice.
- Comment on What are some KVM-over-IP or equivalent solutions you guys would recommend for guaranteed remote access and remote power cycle? 8 months ago:
Lantronix has a product called Spider, which (several years ago when I used one) works wonders. To the host side it looks like a standard monitor, keyboard, mouse and usb. I’m not quite sure if they still actively develop that, but at least the product page is still available. It’s not cheap, so it might not be what you’re looking for, but I was impressed on what it can do (since the company I worked back then too care of the invoice). It can’t do power cycle or hit reset button, but beyond that it was pretty close to IPMI and other remote server management solutions.
With my own wallet I’d look for piKVM, but it’s not really cheap either and I don’t have any personal experience with it. For power cycle there’s a ton of companies who manufacure wall-warts which you can control over wifi, APC and other big players included, and for home gamers nodeMCU and shelly are solid options if you’re familiar with electronics, but they can’t do KVM over IP, so it might require using different products to remotely accessing the host and for power management.
- Comment on Adobe's latest wearable tech promises dynamic clothing that can change at the push of a button 8 months ago:
There’s also 30 second clip showing how the thing is built and it is pretty much scale mail -style pieces with an single pixel e-ink style display (apparently that’s not really e-ink, but something similar). That’s not something I would call ‘fabric’. Embedding electronics to clothing isn’t a new idea and it has been done by hobbyists and professionals over and over again with different solutions, this is just one more.
I don’t doubt her claim, she sewed the dress and the components on top of it, but that’s still not something I would call ‘dynamic clothing’. If I hot glue an E-ink display on my baseball cap and mount batteries + arduino on it would that be dynamic clothing? With some definition, maybe, but in my opinion the story claims to be a bit more than that.
- Comment on Adobe's latest wearable tech promises dynamic clothing that can change at the push of a button 8 months ago:
Power and compute unit is rather trivial problem to solve, I suppose it’s big as it’s on a prototype state. But that looks more like a scale mail apron with e-ink displays than a fabric you could actually use as a clothing. Neat tech demo, but that’s pretty much it.
- Comment on [deleted] 8 months ago:
Finland has the same + unlimited data. If I remember correctly mine has up to 150Mbps 4G (which never happens where I live), unlimited calls and sms’s for 18ish €/month.
- Comment on Recommendation for an UPS 8 months ago:
I have older 1500VA FSP running my hardware. I’ve changed batteries on it twice and it just keeps going and the batteries are easy to buy&replace. I suppose newer models are similar, but check the documentation before deciding.
- Comment on Mapping ports to domain URI 8 months ago:
You want a reverse proxy. But if nextcould is already reserving ports 80/443 you need a bit more configuration as it’s not possible for multiple processes to use the same port.
- Comment on How To Run Your Own Tor Node 8 months ago:
I ran one for a while. In Finland legislation is a bit different, so I wasn’t worried about breaking the law or getting sued, but my ISP got in touch pretty quickly. They were professionals and understood the situation when I explained why my traffic might look “a bit” suspicious and I attempted to clean up bad actors from the traffic with filtering and whatnot, but eventually ISP got enough complaints and they were pretty much forced to tell me that either I shut the exit node down or they’ll cut my line.
As I said, they were very professional about it, and managed the whole experiment as good as I ever could have hoped, but my agreement with them has an option that if I’m letting malware and bad actors leave the network even after warnings they can shut the connection down. And that’s understandable, I suppose they have similar agreements with other providers and they received all the abuse mail my exit node was causing, so I’m still a happy customer with them even if they eventually took the hard way.
I’m still pretty sure it would be possible to run filtered exit node, but it would require far more time and other resources that I’m willing to spend on a project like that and I’m not sure if a single person is enough for it anyways.
So, yes, do your homework and be careful. Legislation plays a significant part (depending on where you live), but your ISP most likely won’t like it either.
- Comment on Two battery setup in camper 8 months ago:
12V 200A relays are pretty easy to find (I wouldn’t get one from alibaba tho), but that much current requires quite beefy wiring as well. Personally I’d review options to place auxiliary batteries in parallel since that would simplify wiring and the whole system a bit, but as I don’t know how your camper is built it can be tricky or you need to sacrifice storage space somewhere.
And as you’re placing a battery at the same space where people stay be careful with hydrogen. Charging lead acid battery produces hydrogen and in the worst case scenario, specially if you have a gas stove be dangerous if not lethal.
- Comment on Two battery setup in camper 8 months ago:
So you’ll have total of 3 batteries at the car? One for engine, existing utility battery and now you’re planning to install another utility battery, right? That should work. I don’t know how much current you’re pulling from the battery, so it’s difficult to recommend anything. Common bosh switching relay is something you can find from pretty much every car part store for ~5€, but I think they’re rated only up to 40A and I wouldn’t push them to the limit. Check your inverter datasheet how much current it can draw and preferably get a relay which can do double the maximum rating for longevity and stability.
- Comment on Two battery setup in camper 8 months ago:
Get a switching relay or one normally closed and another normally open one. That way there’s no paraller connection at all. Connecting two batteries together with different voltage levels causes a huge current spike, think jump starting a car and how thick those cables are. Arcing will happen on the relay contacts no matter how you switch it if there’s load connected.
And since you’re not talking about a trailer, is one of the batteries for the car itself? Since if you’re planning to use the secondary battery as a car battery too you need very heavy wiring to give starter enough amps to run plus running that over a relay is a whole another beast to manage since starter motor can pull hundreds of amps momentarily.
- Comment on Two battery setup in camper 8 months ago:
You want to put the batteries in parallel, so you’ll have double the capacity. Installing them in a series would increase voltage and most likely damage something (mixing 12V systems with 24V battery pack doesn’t really work). Increasing capacity with another battery can cause strain on charger components, so make sure they’re beefy enough or at least have proper protection against overcurrent.
People are correct that you should use the same capacity batteries, preferably the same make/model and age. Mixing batteries can cause problems where one battery drains faster and other(s) start to charge the lower level one so you’ll have less useful amp-hours and that degrades batteries faster.
Switching batteries with a relay or a switch is possible, but you need quite big and good quality relays/contactors for that as current can be pretty high which can cause arcing and even weld contacts together eventually. With proper parts it’s a safe way of doing it, but personally I’d just get two batteries in parallel since there’s fewer components to malfunction and adding complexity with arduino+contactor doesn’t save that much money, specially if you place any value for your time (which of course isn’t necessary, tinkering itself is often worth the time spent).
- Comment on PasswordManagement: which one of these options would you choose? 8 months ago:
Personally I’m running option 2 with self hosted bitwarden. Sure, it’s a bit more effort to make it work and while it’s not perfect that’s what I’ve ended up with. The most convinient thing with that is that I can access my passwords whenever I have internet access with a browser without any need to install any software on the thing I’m using. Obviously that doesn’t mean that I’ll happily access the vault with whatever free-to-use endpoint I happen to encounter but it also gives an option to access whatever even if I’m borrowing a computer from a (trusted) friend and once I close the private window I used it’s gone. And even more often, when I’m accessing my credentials from a family shared computer, I can just log out and I don’t need to do any cleanup on the host which might get infected by our kids browsing something malicious or some other breach of security.
With keepassxc I’d need to worry about the database file, which is a bit different than logging out and closing browser. Your usage patterns might be different, but web-based hosting solution works for me.