beerclue
@beerclue@lemmy.world
- Comment on how are my fellow peeps hosting your music collection these days? 5 days ago:
Hosted with Jellyfin, for clients I use Symfonium on Android and Feishin on desktop.
- Comment on What's the real difference between a shell script and Ansible (and which should I use)? 1 week ago:
ansible can seem like just a fancy way to run shell scripts with extra syntax, but the real power shows up when you start managing more than one machine or need repeatable, “idempotent” (i love this word) setups. ansible handles state rather than just running commands, so you can describe what you want instead of how to do it step by step. it’s also easier to maintain over time, especially if your setup grows or changes. just add that new vm to the inventory list.
if you’re already comfortable with shell scripts and just want to get a few vms going, you could totally get by without ansible. but if you’re planning to do this more than once, or want to be able to rebuild things cleanly, it’s worth it, imo. it could save you a lot of headaches later on.
i use it at work, i manage about 40 vms in our pre-production environment with ansible. if i need to install a new package on all, it’s one line and one command (ran in a pipeline). if i need to change the settings for
unattended-upgrades
on the debian machines only, same thing.however, our “production” environment is k8s and a handful of external services, and we use terraform to manage all that.
i guess it all depends on your needs.
- Comment on OpenAI's annualized revenue hits $10 billion, up from $5.5 billion in December 2024 2 weeks ago:
They also have an API, I think a chunk of that revenue comes from there. Think 3rd party apps and services having chat bots, writing assistants, etc that use openai’s API.
- Comment on If we replace most plastic with a non plastic alternative and would that really be better? 2 weeks ago:
Not exactly answering your dilemma, but I was watching a cooking channel yesterday (Sorted), and they were talking about seaweed - it’s wild (heh). You can use it to make straws, bags, packaging and all sorts of stuff that’s foodsafe and biodegradable. And apparently, even if we replaced all the plastic used for that kind of thing with seaweed, we’d barely make a dent in the ocean’s seaweed supply - we’d use less than 1% of it.
- Comment on Ansible sounds interesting 3 weeks ago:
Oversimplifying it, Ansible playbooks are nothing more than some commands that should be run on a remote machine via ssh. Ansible knows or has modules for a variety of different package managers (apt, yum, etc) and automagically knows how to handle services or various config files.
It can get complex, but I think just the startup phase, until you have an inventory of remote machines, the ssh keys are in place, etc. I second the Jeff Geerling recommendation, his stuff is solid, both ready to use playbooks, and tutorials.
I would suggest to also look into
cloudinit
. Makes setting up VMs on proxmox easier, faster, more consistent, with users, networking, ssh keys, etc ready to use (by you or by Ansible). - Comment on This was the theme song used in a documentary about a failed corporation. Can you name the company? 1 month ago:
Do they make cardigans?
- Comment on Is it possible to set what DNS server cloudflare tunnels uses when resolving local ips? 1 month ago:
Yeah, I think coredns offers all the options you need.
- Comment on C4illin/ConvertX: Self-hosted online file converter that supports 1000+ formats 1 month ago:
This is a great addition to my home-lab, no more “free online convert” tools needed.
- Comment on [deleted] 2 months ago:
Am tot auzit și eu, da’… sursa?
- Comment on Cucumbers taste like the white part of watermelons 2 months ago:
My family pickles watermelons, for generations. They are delicious.
- Comment on How do I host Jellyfin in the most secure manner possible? 2 months ago:
I agree with you, but this was specifically about jellyfin.
- Comment on How do I host Jellyfin in the most secure manner possible? 2 months ago:
I don’t think so, but don’t quote me on that. My machines come with a 65w charger.
- Comment on How do I host Jellyfin in the most secure manner possible? 2 months ago:
A micro sized PC with an i5 and 8gb or ram can cost under 100€, and it’s way more powerful compared to a pi. Power efficient too. That’s what I used for a long time for my jellyfin server.
- Comment on Testing vs Prod 2 months ago:
I personally use my home lab to test and learn, and I try to mimic a corporate environment. I have multiple instances of DNS, proxy, etc and I have a “prod” and a separate “staging” k8s environment. I try as much as possible, without going nuts about it, to update and try new changes that might be breaking in the staging cluster.
- Comment on [deleted] 2 months ago:
Jizăs Craist.
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
I don’t think I’ve ever encountered what you say… I use WG it to access a network, not a device. I have a few dozen devices, physical and virtual, why should I set up wg on all of them? Tailscale, maybe, it’s a different story, but I prefer to “self host” and not rely on a 3rd party provider. Wireguard was relatively easy to set up too, a few years ago… and in the meantime, if I need to add a new client, it’s a two minute job.
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
Right, but I have wireguard on my opnsense. So when I want to reach jellyfin.example.com, if I am at home, it goes phone -> DNS -> proxy -> jellyfin (on the same network). If I am connected to the VPN, it goes from phone -> internet -> opnsense public ip -> wireguard subnet -> local subnet -> DNS -> proxy -> jellyfin. I see some unneeded extra steps here… Am I wrong?
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
Oh, I get that, but it just doesn’t make any sense to me to be physically next to the server, and connect to it via VPN…
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
My network is not publicly accessible. I can only access the internal services while connected to my VPN or when I’m physically at home. I connect to WG to use the local DNS (pihole) or to access the selfhosted stuff. I don’t need to be connected while I’m at home… In a way, I am always using the home DNS.
Maybe I’m misunderstanding what you’re saying…
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
I can stay connected, still works, but I don’t think I need the extra hoops.
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
I also have a different subnet for WG. Not sure I understand what you’re saying…
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
Same, wireguard with the 'WG Tunnel" app, which adds conditional Auto-Connect. If not on home wifi, connect to the tunnel.
- Comment on Rocky rock rocking 2 months ago:
Ok.
- Comment on Rocky rock rocking 2 months ago:
Ok.
- CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes clusterkubernetes.io ↗Submitted 2 months ago to selfhosted@lemmy.world | 3 comments
- Comment on Wonder what it tastes like 2 months ago:
foodporn@lemmy.world :)
- Comment on Amazon customer receives fake Ryzen 7 9800X3D, turns out to be decade-old AMD CPU 3 months ago:
It happened to me a few years ago, when I ordered for work an i9 9900k, and inside the sealed box was a core 2 duo… After the seller (not Amazon) refused the return, I looked up a bit online, and it’s a common practice. I even found rolls of “Intel original” seals for 5€ on eBay.
- Comment on This Week in Self-Hosted (7 March 2025) 3 months ago:
60k stars for a free open source self hosted project? I’d say that’s a really healthy number. Jellyfin has 37k.
- Comment on What's up, selfhosters? - The Sunday thread 3 months ago:
I did have backups, it was an easy fix. I had a
pihole -up
on a crontab for years, probably not the best idea :)FW rule accept :53 from pihole only, deny :53 from all. I had some devices with hardcored DNS settings (8.8.8.8).
- Comment on What's up, selfhosters? - The Sunday thread 3 months ago:
Pihole 6 broke my DNS (dnsmasq), and since I had a fw rule in opnsense to only use pihole’s DNS, and deny public DNS access, it was an early rise for me :)