Lemongrab

@Lemongrab@lemmy.one

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Selfhosted alternative to google keep/onenote/evernote/goodnotes?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Notesnook has a desktop app. Does it not work with self hosted implementation?
⁨Comment⁩ on ⁨2024 Self-Host User Survey Results⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Hmm, you have typed words that I do not vibe with.
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Cus there isnt a reason to change if you are already super familiar with pfSense. They basically do the same stuff.
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
In that case OPNsense does the exact same thing but with a more intuative GUI. It original was a fork of pfSense.
⁨Comment⁩ on ⁨SpacebarChat - a selfhosted, Discord-compatible communication platform⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
WebCord supports it.
⁨Comment⁩ on ⁨Programmatic access to discord⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Self-boting is against ToS. You have to be careful when interacting with the Discord API. Maybe there is a way to run the discord website to fetch text messages.
⁨Comment⁩ on ⁨OS recommendations⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
Generally, I think it is better to use a general server OS like Debian or Fedora instead of something specialized like Proxmox or Unraid. That way you can always choose the way you want to use your server instead of being channeled into running it a specific way (especially if you ever change your mind).
⁨Comment⁩ on ⁨Security and docker⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
That is not how security works. You must protect against known and unknown attack vectors. I am only pointing out weaknesses of Docker and other linux containers that share the kernel with the host or/and run with Root. I’m not saying anything original or crazy, just read up on the security of these technologies and their limits. I am not a malware designer, I am a security researcher.

Look into gVisor and Kara Containers for info on how to improve the security of containers.

Here are some readings for you:

…tux.pizza/…/help_can_i_safely_run_malware_inside…
csoonline.com/…/vulnerabilities-in-docker-other-c…
www.panoptica.app/…/7-ways-to-escape-a-container
blog.trailofbits.com/…/understanding-docker-conta…
securityweek.com/leaky-vessels-container-escape-v…
cybereason.com/…/container-escape-all-you-need-is…
⁨Comment⁩ on ⁨Security and docker⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
It is not speculation, it is reducing attack surface. Security is preemptive. Docker/Podman are not strong isolation solutions. Rare does not mean we shouldn’t protect against the chance of kernel vulnerabilities. The linux kernel around 30 million lines of code long and written in a memory unsafe language. Code isn’t safe just because we dont know the vulnerabilities, this is basic cybersec reasoning.
⁨Comment⁩ on ⁨Security and docker⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Docker/Podman and LXC linux containers share the same kernel with the host machine. Root in the container is root period. With a exploit to escape the container (which are common) the malicious program has root on the machine. This is a known attack vector against linux containers. VMs are much better for isolating untrusted software from the host OS.
⁨Comment⁩ on ⁨Security and docker⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Idk how to decide what is safe or not, but as a warning, Docker containers can escape trivially and have access to the kernel.
⁨Comment⁩ on ⁨PrivacyGuides@Lemmy.one: What are benefits for using privacy friendly frontends for apps like Reddit and YouTube compared to accessing them and using UBlock Origin?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Specific blocklists are designed to block fingerprinting scripts. This can help, but it is better when done by the browser.
⁨Comment⁩ on ⁨PrivacyGuides@Lemmy.one: What are benefits for using privacy friendly frontends for apps like Reddit and YouTube compared to accessing them and using UBlock Origin?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Ublock doesn’t stop (all/most) fingerprinting. A hosted frontend or instance can help protect against this vector of attack.
⁨Comment⁩ on ⁨Pros and cons of Proxmox in a home lab?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Sorry, misunderstood. Proxmox Free broke my containers on updating a while ago.

Now I use Docker-style application containerizing, but I think LXC (the base technology powering Incus/LXD) is useful in a number of situations and perfectly viable for use. I think Incus-containerized applications are easier to upgrade individually (like software updates of your apps, no need to recreate the container image) and gives a closer to native experience of managing. You do lose out on automated deployment of applications from widely available image sources like docker.io, but the convenience-loss is minimal.
⁨Comment⁩ on ⁨Pros and cons of Proxmox in a home lab?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
If incus works for yoy, use it. Proxmox locks you out of the option to choose your base server distros.
⁨Comment⁩ on ⁨Pros and cons of Proxmox in a home lab?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I remember updating (maybe a year ago now) and it making all my containers unaccessable.
⁨Comment⁩ on ⁨ChatGPT's voice, self-hosted?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Installing Sherpa Onnx TTS makes it an option to use as your system TTS voice
⁨Comment⁩ on ⁨ChatGPT's voice, self-hosted?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Librera FD as your reader app: www.f-droid.org/en/…/com.foobnix.pro.pdf.reader/
Sherpa Onnx as your TTS engine: github.com/k2-fsa/sherpa-onnx

I recommend the piper TTS pretrained models, either Lessac medium or Kusal high/medium
⁨Comment⁩ on ⁨Here is what 6 decommissioned servers looks like. My Jellyfin will be very happy⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
For security, yes, your word is not enough. This would be confidentiality in the CIA triad. I still understand your disappointment seeing probably many dozens of drives get destroyed.
⁨Comment⁩ on ⁨Building my Homelab!⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
I don’t fetch from google. Also a VPN does wonders for that.
⁨Comment⁩ on ⁨Building my Homelab!⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Custom default settings, speed, and reliability (not IP blacklisted)
⁨Comment⁩ on ⁨Building my Homelab!⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Stirling PDF IT Tools SearXNG Dashy PiHole or Adguard home
⁨Comment⁩ on ⁨Funkwhale - A platform for all your audio⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
This is true
⁨Comment⁩ on ⁨Funkwhale - A platform for all your audio⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
It looks clean, maybe not very original but better than a early 2000s looking-ass website
⁨Comment⁩ on ⁨Are there any privacy-friendly (including offline) AI detectors?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
Test them on known good articles, like those before 2019, and see the rate of false positives.
⁨Comment⁩ on ⁨[Question] If I selfhost a privacy frontend on cloud, wouldn't the original service get my server IP and track back to me?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
Like hosting it from a local server that routes all internet traffic through the VPN to avoid exposing the source of the server’s IP to the unprivate service.
⁨Comment⁩ on ⁨[Question] If I selfhost a privacy frontend on cloud, wouldn't the original service get my server IP and track back to me?⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
To add to the question, what about using a selfhosted privacy frontend behind a VPN. Does this shrink the need for a crowd.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
Not that it is private, but that this shouldn’t be possible by an untrusted party. Two assumptions are made by a typical user: discord is somewhat trustworthy, the data is only controlled by discord. These are both incorrect but it is understandable why they make such an assumption about a large platform like discord. Without the knowledge of how things are scrapped, one might not think it is even possible.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
It is still better than having to go to Googles ad-ridden tracker-filled website. Also, in the settings you can select an option to proxy videos.
⁨Comment⁩ on ⁨Linux distro for selfhosting server⁩ ⁨⁨10⁩ ⁨months⁩ ago⁩:
Cockpit is a good web ui