Fedegenerate
@Fedegenerate@lemmynsfw.com
- Comment on Looking for MiTV box replacement 1 month ago:
The firestick is what I chose as my TV’s, a 10yo LG, jellyfin client. Works as intended, better really. One day I’ll block the stick’s internet connection, and it’ll be the almost perfect device, in that it plays almost anything natively. My server is a rpi4 so anything I can do to stop transcoding, I do.
- Comment on Recommendations for Hardware for Physical Media/Jellyfin Server 1 month ago:
Aoostar n100 2 Bay nas is what I’m currently thinking about. Or the same device but rebadged.
Pros: n100 for quicksync. 2 bays of HDD for media storage. Low power @ idle. Cheap for a box with av1 encoding + sata storage. All relevant codes included. High WAF compared to other HTPCs
Downsides: Unknown brand for build quality and bios updates. General Chinese security anxieties. Idle power, while low, is higher than other n100 options. Fan isn’t pwm. Personally don’t like the aesthetics.
- Comment on Recommendations for RaspberryPI 4B case? 2 months ago:
Personally running an Argon Neo on the pi 4, zero complaints. Flirc is better looking by half (imho), but the Neo out performs it thermally (with the cover off).
I’m running it as a pihole/jellyfin&servarr passively cooled with zero problems.
- Comment on What's the deal with Docker? 3 months ago:
I guessed it was a “once bitten twice shy” kind of thing. This is all a hobby to me so the cost-benefit, I think, is vastly different, nothing on my setup is critical. Keeping all those records and up to date on what version everything is on, and when updates are available and what those updates do and… sound like a whole lot of effort when currently my efforts can be better spent in other areas.
In my arrogance I just installed Watchtower, accepted it can all come crashing down. When that happens I’ll probably realise it’s not so much effort after all.
That said I’m currently learning, so if something is going to be breaking my stuff, it’s probably going to be me and not an update. Not to discredit your comment, it was informative and useful.
- Comment on What's the deal with Docker? 3 months ago:
When I asked this question"
So there are many reasons, and this is something I nowadays almost always do. But keep in mind that some of us have used Docker for our applications at work for over half a decade now. Some of these points might be relevant to you, others might seem or be unimportant.
- The first and most important thing you gain is a declarative way to describe the environment (OS, dependencies, environment variables, configuration).
- Then there is the packaging format. Containers are a way to package an application with its dependencies, and distribute it easily through the docker hub (or other registries). Redeploying is a matter of running a script and specifying the image and the tag (never use latest) of the image. You will never ask yourself again “What did I need to do to install this again? Run some random install.sh script off a github URL?”.
- Networking with docker is a bit hit and miss, but the big thing about it is that you can have whatever software running on any port inside the container, and expose it on another port on the host. Eg two apps run on port :8080 natively, and one of them will fail to start due to the port being taken. You can keep them running on their preferred ports, but expose one on 18080 and another on 19080 instead.
- You keep your host simple and empty of installed software and packages. Less of a problem with apps that come packaged as native executables, but there are languages out there which will require you to install a runtime to be able to start the app. Think .NET, Java but there is also Python out there which requires you to install it on the host and have the versions be compatible (there are virtual environments for that but im going into too much detail already).
- Comment on Bitmagnet Allows People to Run Their Own Decentralized Torrent Indexer Locally 3 months ago:
Finally got it set up, pointed Prowlarr at it which synced to Sonarr and Radarr, not readarr or lidarr though. I couldn’t manually point readarr at it either without getting a
Query successful, but no results in the configured categories were returned from your indexer. This may be an issue with the indexer or your indexer category settings
which is a shame. Still a potentially powerful bit of kit regardless.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
Ah, I knew it was bypassing the pi-hole, I thought it was IPv6. I think I made the mistake of changing more than one thing at once, what I did worked and I moved on to the next functionality I was chasing. I’ll try enabling IPv6 on the pihole, I know at least if I get Ads with it on its not IPv6.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
You have cleared up a lot of misconceptions for me, I have not been port forwarding, I have not learned how yet. I think I’m good. I don’t mind breaking functional stuff, and have a lot already, but I really don’t want to explain to my fiancée that the reason someone is in her bank is because I wanted to watch Samurai Jack.
I have been keeping it as insular as possible for this reason, and the next thing I intent to learn is to make it more insular by putting the pi on a subnet of its own. Actually, thank you for writing that up. I have been actively resisting using people for IT support, as I know it takes time. I have been trying to find everything I can, there isn’t much or what there is assumes knowledge I don’t have.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
When it was active I was getting ads. I disabled the pi-hole registered an increase in traffic and there were no more ads. I don’t know why. It’s working as it is and I’ll tinker when I know more.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
That’s a relief. Thank you.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
Both pi’s have static IPs.
I asked the *arrs to talk to each other, and when they didn’t work (and only when they didnt work) I "ufw allow"ed the relevant port.
I just want to patch up my firewall layer as best I can, and then start building security layers on top/bellow it as I learn how.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
I don’t know, what’s more I don’t know how to check.Which ever most likely?
ISP plastic box didn’t allow custom DNS, I disabled DHCP and IPv6. On pihole I enabled DHCP with IPv6 disabled.
I know, I know enough to be dangerous now, and I’m trying to get the system through my dangerous phase. I don’t think I know enough to ask intelligent questions yet…
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
ISP modem. I have a pi3 running pihole-dhcp-unbound, ufw and log2ram.
My system is a pi4 running *arrs, qBit, fail2ban, portainer in docker and ufw for now. Use case is: via mobile phone access *arrs, let them do their things and manually play files via hdmi or more files via thumbdrive. I was thinking giving up the phone access to put them on their own network, but subnets are beyond my ken for now.
Hoping to increment my security, and then the system as my skills develop.
- Comment on Uncomplicated firewall rule set for a *arr stack. 4 months ago:
Just trying to keep outside/malicious actors from entering my stuff while also bring able to use my stuff. More safer is more better, but I’m trying to balance that against my poor technical ability.
My priority list is free>easy>usable>safe. Using UFW seemed to fit, but you’re right, punching holes in it defeats the purpose Which is why I wanted to only allow local network and have only the necessary ports open. You have given me lots of terms to Google as a jumping off point so thank you.
- Submitted 4 months ago to selfhosted@lemmy.world | 25 comments
- Comment on Misadventures with my first server (On a old laptop) #1 4 months ago:
Current obstacle: dockstarter qbittorrent immediately flips torrent to ‘errored’. It can see peers, so i believe it has access to the internet. I have “sudo chmod 777 /mnt/hdd” on my pi, so I believe it has permissions to do stuff. I opened all the ports listed in Portainer on ufw and it errors even with ufw disabled so it isn’t that. I have reset the container so all changes should be applied.
I am currently trying to find the logs, /var/lib/docker gets me permission denied on my ssh. I used “sudo su” to get in and there is one thing listed in there and it isn’t labeled qbittorrentlog so I backed away slowly. “sudo su” makes me anxious for some reason.
Yay learning
- Comment on Misadventures with my first server (On a old laptop) #1 4 months ago:
Matches my experience. It doesn’t matter what guide I’m following, I seem to have to troubleshoot every other step. On the plus side, stumbling over every obstacle possible has been a great learning experience and I am primarily doing this as an exercise… Fuck me would I like something to just work though.
- Comment on After 1.5 years of learning selfhosting, this is where I'm at 4 months ago:
Thank you.
- Comment on After 1.5 years of learning selfhosting, this is where I'm at 4 months ago:
I am sorry, I am but a worm just starting Docker and I have two questions.
Say I set up pihole in a container. Then say I use Pihole’s web UI to change a setting, like setting the web UI to the midnight theme.
Do changes persist when the container updates?
I am under the impression that a container updating is the old one being deleted and a fresh install taking its place. So all the changes in settings vanish.
I understand that I am supposed to write files to define parameters of the install. How am I supposed to know what to write to define the changes I want?
Sorry to hijack, the question doesn’t seem big enough for its own post.
- Comment on Own a Roku TV or streaming device? You're about to see a lot more ads on your home screen 5 months ago:
Firebog Ticked lists as a collective, over 10^6 domains long now. Firebog have lists organised by how likely it is to impact general browsing, ticked being least likely (basically do you want to be black listing or white listing).
- Comment on Own a Roku TV or streaming device? You're about to see a lot more ads on your home screen 5 months ago:
I set one up. My IT skills begin and end with being a millennial that had to troubleshoot what I wanted to get to work before App stores.
You’ll be fine in general searching “Pihole setup (insert OS here)”. Some minor troubleshooting was necessary in my case, could be an ID10T issue though.
- Comment on New guide on Ico dropped on Gamefaqs 5 months ago:
Funnily, I just finished this game for the first time last week. Wonder what happened in our lives that it became relevant. I might use the guide for a NG+ if it tells me how to get the lightsaber.
- Comment on YouTube is slowing down for users with ad blockers in new wave 5 months ago:
Free wouldnt work either. nobody would make any content.
Except it was free, and people did make content.
- Comment on Pornhub blocks North Carolina and Montana as porn regulation spreads 5 months ago:
Padme: For cancer, right?
Anakin:
Padme: For cancer, right?
- Comment on Pornhub blocks North Carolina and Montana as porn regulation spreads 5 months ago:
As you’re here on Lemmy, a site that has pornographic content, we’re going to need you to post a picture of your government ID as a reply to this comment. You know, to prevent kids accessing porn.
- Comment on Amazed these aren't real 5 months ago:
In my day the punchline to this joke was
Polo: the one with the whole… Shit
- Comment on It's true. 7 months ago:
That’s what we call in the industry “foreshadowing”.
- Comment on Leaving the fediverse 8 months ago:
You’re not a train, you don’t have to announce your departure.
- Comment on What games can you recommend that didn't get the appreciation that they deserved? 8 months ago:
Wildermyth is just so endearing I loved my time with it.
Taking the same character through each campaign was pretty fun like I was making a serialised demi-god: Doofus and the mountain horde, Doofus and the ancient threat etc. Because characters age though the campaign, it has interesting implications in the world lore. Like we’re an archivist document the various legends of Doofus, acknowledging where they contradict and maybe speculating on how the differences in each culture’s legend of Doofus reflects back.
Downside is I optimised the fun out of the combat in always having Doofus at the center of the strategy, each encounter then played out the same.
- Comment on American bully XL dogs to be banned by end of year - Sunak 9 months ago:
Yeah I tried to summarise that in the what would prevent fatal attacks paragraph. I try to see through a “what effective measures have we done to regulate things that can cause harm” lense.
Cars can cause harm, we demand training, licencing, registering, insurance, stoppages by police to provide proof of the above, etc etc. There are still fatalities though. I would accept every one of those measures being applied to dog ownership, you’re right it sucks for the peeps owning chihuahua’s, their insurance will likely be low though.
That said, after engaging with the dog foster system, I have other reasons for wanting to limit access to dogs. I weigh the harm done to families that lose an opportunity Vs the harm prevention what I think the above will do to the number of homeless dogs as I would add all animals are neutered at the earliest possible convenience unless owned by a registered breeder, that registration being an absolute bastard to get, perhaps requiring yearly inspections to curb puppy mills too. I love dogs, I don’t see their ownership as a right but a responsibility first and a privilege second.
I did think about banning characteristics, which then lead me on to blades as we regulate blades by characteristic. I have absolutely no idea if it was effective though, and didn’t care to check, so I didn’t include it. But how to apply it to dogs, weight maybe, biting force are objectively measurable but what happens if some family just lands an absolute chonk. As you say, the actual relevent characteristics are functionally impossible to police.