Cyber
@Cyber@feddit.uk
- Comment on PSA Mint + Timeshift + KVM hosters: /var/lib/libvirt is excluded by default from snapshots 5 days ago:
Wow. Thanks for the detailed breakdown, that’ll take me a while to work through!
- Comment on PSA Mint + Timeshift + KVM hosters: /var/lib/libvirt is excluded by default from snapshots 6 days ago:
I was looking into this recently and un-convinced myself that rsync was handling all the symlinks and permissions correctly.
What’s your command options? I was using
-Prvtzfor ages, then thought I needed anAatoo (from memory) - Comment on How much do you secure a home server that's only accessible with VPN? 6 days ago:
And, to be fair, you’ll know more about your setup when you don’t use the defaults as you have to learn more…
- Comment on Setting Up OPNsense on Proxmox: Doubts regarding NIC setup 1 week ago:
Nice. Thanks for the info on the fans
I guess you’re running the Fohdeesha firmware, I’ll have to look into this a little more…
Thanks
- Comment on Setting Up OPNsense on Proxmox: Doubts regarding NIC setup 1 week ago:
OT, but how are the Ruckus switches?
I’m using 2nd hand Ruckus WAPs with the Unleashed firmware and they’re great
- Comment on Immich v3.0.0 is out, with Workflows preview 1 week ago:
Yep, esp. as the Immich team (and most likely others) should be using automation for their builds anyway…
- Comment on Immich v3.0.0 is out, with Workflows preview 1 week ago:
Which distro are you using?
My NAS is running Arch (btw) and I have Immich installed baremetal because someone’s nicely maintaining it in the AUR… would need a little work to convert that script into something for another distro…
- Comment on The prices differences of different providers for the same domain is crazy. 1 week ago:
They don’t seem to be very accurate, or check availability… Amazon.com for ~$5 ?
- Comment on Are ISPs responsible for bots having residential IPs or is this a user problem? 2 weeks ago:
Yeah, a long time ago I started blocking outbound traffic to all but our laptops and it’s interesting how many things work perfectly well, but continually try to get out… the SolarPv inverter is VERY persistent to get to China due to an overly helpful installer setting it up on the wifi.
I now have a firewall alias to only allow certain devices out and then just update that alias, do whatever (usually updates) and then revert the alias.
- Comment on What apps do you use to listen music at work/on phone? 3 weeks ago:
Give New Pipe and / or PipePipe a go, I use them to download just the audio from youtube (can do the video too of course…)
I also use Ghost Commander and Material Files to help organise files…
All of these are on F-Droid if you wanted to try them out.
- Comment on What apps do you use to listen music at work/on phone? 3 weeks ago:
Ah, that I don’t know.
I spend a lot of time listening to a “Live” stream and that doesn’t seem to have thst problem… but if I listen to a playlist, yeah I have that problem.
However, I often have to stop to speak to someone / get coffee, so that seems to reset the timer so it’s not toooo bad for me
- Comment on What apps do you use to listen music at work/on phone? 3 weeks ago:
At work, youtube with ublock origin, adblock plus, etc, preventing the ads
Sometimes I’ll stream stuff from bandcamp
On the move, the SD card in my phone (with pairdrop.net to upload albums) playing through VLC
- Comment on Remote Tech Support services? 3 weeks ago:
Valid point, although OP doesn’t state CGNAT is in the way…
- Comment on Remote Tech Support services? 3 weeks ago:
No love for VNC here?
The remote user can even download & run a reverse VNC which connects back to the helper.
Cross-platform…
- Comment on Blackblaze B2 status and alternative 3 weeks ago:
TBH, I haven’t done a full-bore up/download.
I limit my backup bandwidth as the deltas don’t take long and they can upload during the day
I also don’t have a Gb internet connection, so I could only max at ~80Mb (down) anyway
- Comment on Blackblaze B2 status and alternative 3 weeks ago:
I moved from a Backblaze B2 bucket to a Hetzner storagebox and haven’t looked back.
Lower cost and - for me - just easier to use, so, better for restores.
I can’t help with your error messages, but I’m presuming you’re just restoring a backup of data you still have? If so, just upload to Hetzner and start again.
- Comment on Libre Closet v0.3 - 2x’d Performance 4 weeks ago:
“Ask partner out on date, and check their wardrobe to suggest an outfit for the outing”
Yeah, that’s probably about right 😁
- Comment on Libre Closet v0.3 - 2x’d Performance 4 weeks ago:
Yeah, I’m kinda, open wardrobe door, grab what looks about right for today, done.
But.
I can see another use case here…
- Partner "has nothing to wear"
- Mentions buying more clothes
- I open app, scroll, demonstrate how long the scrolling is still going for.
- Win argument.
- Purchase beer with saved money
- (pass some to devs for assisting)
- Comment on Radicale: Can someone please offer any guidance on usage and security. Om abit lost 4 weeks ago:
… because? … or, instead, do…?
- Comment on Radicale: Can someone please offer any guidance on usage and security. Om abit lost 4 weeks ago:
Nice wiki
Didn’t know about infCloud… thanks
- Comment on What to do after getting a domain name? 4 weeks ago:
No, I was referring to a separate DMZ host…
Physically separate firewall connection, with different firewall policies between internet<–> DMZ than DMZ <–> internal network.
Not a VLAN. VLAN Hopping makes it possible to jump between VLANs, so they should only be consided as an administration tool, not a security mechanism.
But, I agree with you, putting a device on the internet isn’t something that anyone should do without understanding the technical issues.
- Comment on What to do after getting a domain name? 4 weeks ago:
Kinda overlapping other replies, but to answer your question: A = your external IPv4 address
The rest could be empty AAAA = an external IPv6 address NS = a DNS server MX = Mail Server
TXT is just text, but it can be used by, ie Lets Encrypt to prove you own that domain for your SSL certificate
If you open TCP 80 / 443 on the open internet EVERYONE will probe you, but you want to run a Friendica server, so you kinda need that (disclaimer: I do not know how Friendica is setup)
So, you’ll need something (firewall, Fail2Ban, etc) to protect your server whilst also allowing it to federate to other servers.
I’d strongely suggest you put your server on a VPS with a provider that has some level of defense already setup for you.
I wouldn’t run this in your home network with putting it into a DMZ of some kind.
- Comment on What's your contingency plan for the apocalypse? 4 weeks ago:
Depends if they have Prime next day delivery…
- Comment on What's your contingency plan for the apocalypse? 4 weeks ago:
CGA? RS233?
I can sell them to you for the cost of 1 hour’s electricity from my petrol generator…
- Comment on What's your contingency plan for the apocalypse? 4 weeks ago:
It’s always good to have a plan…
- Comment on Anyone using twtxt? It is for posting entirely as plain text. 4 weeks ago:
Yeah, not heard of this either
Following the cross-post to the site: twtxt.dev it seems this has been going for ~10 years!
It’s basically plain text tweets
- Comment on Kittygram v1.1 has released 4 weeks ago:
You know, I’m gonna upvote you just based on the amount of brandnames you know 😁
It’s all good points, I’m just gonna pass on this one.
I’m not throwing anything at the project or questioning anyone’s parents… just gonna walk on by…
- Comment on Kittygram v1.1 has released 5 weeks ago:
I wouldn’t say most, but I do agree that I won’t be using this purely based on name.
- Comment on Revisiting Rule #3 Hey everyone, as I previously mentioned the rules here are 5 weeks ago:
TL;DR: I support the change in Rule 3
I think the only thing I’d start rolling my eyes at would be if the posts ended up being low effort photo posts of racks of equipment…
Sure, a nice background story might help, but I want to read about something that’ll help me, or help someone understand something I know.
I’m even half interested in cloud based offsite backups as that’s a (possibly) necessary safetynet for us.
I think we’re grown up enough to signpost OT posts elsewhere rather than cry to the mod(s).
(Oh, and thanks btw… I appreciate what you do)
- Comment on Continuwuity 5 weeks ago:
I can see a lot of opinions & comments on the QR part and, with respect, I’d like to add that I’m reading this post on a device where I’d like to view the site on the same device, so a QR isn’t best for this platform.
I’d go a little further and say that QRs and really only useful for a mediim where you want the user to use a 2nd device (printed media, BSODs, etc)
Also putting the URL in the (for my reader) non-clickable alt-text doesn’t help either
Again, with respect, you’re making it harder for your audience to reach you, not easier.