brewery

@brewery@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨TTeck (Proxmox Helper Scripts) has passed away. R.I.P.⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
RIP from England. Those scripts helped me through some tough times when first trying proxmox, I remember being so happy to find them. I wouldn’t have stayed on proxmox without them
⁨Comment⁩ on ⁨Podman or rootless docker?⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Not sure if it makes a difference and not quite your question but I’ve just switched away from nextcloud-aio to just having my own docker compose, so I have better control and know what’s going on more. I always found it funny and when installing on a new VPS decided to try. It was surprisingly straightforward and Ive been able to install everything I need.

Let me know if my docker compose would help. I still need to add the backup solution but it’s going to be straightforward as well.
⁨Comment⁩ on ⁨Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I like my free healthcare, ambulances, fire fighters, roads, drivers requiring licences, drivers requiring insurance, police, trains, buses, general security, employee regulation, safety regulation, building codes, industry regulation, help overseas from consulates, so would prefer to pay a bit in taxes to get a lot back. It might not all be “perfect” but the idea of aiming for a happy and equal society is good.
⁨Comment⁩ on ⁨A new way to support open-source: OpenPledge⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Very investing! I think I would pay specifically to have SSO open ID implemented on different software where the developers have said it’s not a focus so definitely interested! Will check it out
⁨Comment⁩ on ⁨The Karma connection in Chrome Web Store.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
To be honest, there are so many articles about Chrome over the last several months, I don’t get why anybody is staying with them if they care about things like this. Am I being naive or unaware?
⁨Comment⁩ on ⁨Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
We have much tougher GDPR laws so I am more worried about American companies stealing my data than any based in the EU. I use different passmails for every account hoping to find a company breaching GDPR but (luckily?) unluckily, no hits so far.

Every company I have worked for, including a major bank, takes GDPR extremely seriously. So much so I often thought they went to far but understand their caution.
⁨Comment⁩ on ⁨Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
In the EU and UK, heavy regulation, especially of Visa and MasterCard, means the fees are actually lower than the costs of handling cash. Lots of businesses want only card transactions because it works out better for them and most people don’t carry any cash so that need to offer card payments, and so it makes even less sense to offer both methods. The only industries who like cash are likely trying some form of tax evasion.

Cleverly, they banned businesses from charging any payment fees and suddenly, businesses negotiated and found suppliers offering low payment fees. We don’t have anything like these convenience fees for paying with cards over cheque that I hear about.

Amex still charges higher fees so many places still don’t take those cards. The value of benefits (air miles, cashback) have gone down significantly but in reality, it was essentially transferring wealth from the poor (who could never get these cards) to the rich, through these fees, so works out better overall.

The banks here advertise that they help everyone get bank accounts and social benefits are paid into bank accounts so I assume everyone is able to get an account. However, I do wonder if some people, especially the homeless, slip through the cracks.
⁨Comment⁩ on ⁨Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
They seriously won’t issue one even though it’s faulty? Surely it’s their fault as suppliers of a defective product that is probably still owned by them in some legalise way!

My chip stopped working and after one quick phone call they sent a replacement one. Do all the banks you can access do this or worth changing over?
⁨Comment⁩ on ⁨Where to start as a beginner⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
My experience has taught me not to ‘apt autoremove’ unless im really sure what they are!

Take it one software at a time. See it’s running fine then move on to another. You’ll often realise something down the line will be helpful so will go back to make changes.

Keep a running list of software and the ports used.

With docker, do not automatically do :latest on important software (nginx proxy manager, SSO software, password database, anything you use regularly, etc). I did that and was burned a few times.

Also that at some point you’ll either mess up or realise it would just be easier and start again with a fresh OS install. Keep copying data (docker compose files and persistent storage) on working software before starting a new one, or before installing anything directly onto the OS, or before major updates.
⁨Comment⁩ on ⁨Will I ever be seen as truly British?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I am born and raised in England to Indian parents so always had some internal tension. Sometimes, I don’t understand my patents culture and sometimes I don’t understand English culture. However, I’ve realised I am who I am, and can take the best bits from both. There are some bits I don’t like so I’m the better for being / having that mix. I married an Irish person who moved over several years ago. Irish used to be the “other” and were screwed over, but now are sometimes considered “white”, so just shows the target moves.

There has always been racism in British society and unfortunately I have felt it pick up since the Brexit vote and Trump’s election (I think it empowered them). However, it is from a small minority of people. In some areas it comes from ignorance, which I can kind of forgive. Others will always see us as outsiders with our foreign names (and my brown skin) no matter what we do. I just think, screw them. I mean, can they trace themselves back before the Normans, the Romans or the Vikings etc? Where do you draw the line exactly?!? England has always been a mix of people and culture so they’re the ones missing out. I’m happy driving my Korean car to a German store to buy ingredients for a Thai green curry. Oh, I’ll grab a French pastry for breakfast, Chilean wine for the weekend and well, you get the idea! Let’s make the most of this multicultural place and ideas, and who cares about bigots who you can guarantee, like a cheeky korma and Belgian beer…
⁨Comment⁩ on ⁨Google is (still) losing the spam wars to zombie news-brands⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Been using Duckduckgo for a few years now and found it very good, although it’s also on the downward SEO ruined path. Have tried Google occasionally and wow is it juat completely full of crap.
⁨Comment⁩ on ⁨Private health insurance market grows by £385m in a year amid NHS crisis⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Capitalists
⁨Comment⁩ on ⁨Authelia + Bitwarden + other selfhosted stuff⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I use authentik but believe it’s similar. You can create accounts for people and give them passwords, or send a welcome email asking them to register to create one. I would warn you though, not every service has the ability to use it and it does take quite some effort to get it working! It’s interesting to learn about though
⁨Comment⁩ on ⁨Jellyseer for ebooks?⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
I tried the readarr and other options. They work sometimes but not enough to rely on it. As others mention, there’s no standard naming and also, lots of people use their library card for Libby access. I also think there’s a bit more of a direct link to authors so I’d prefer to buy the book unless theyre super well off anyway. To be honest, I can’t see the arr’s working with LibGen having looked at the open issues on integrating it, it just doesn’t allow for scraping in the same way.

For me, I self host openbooks (uses IRC) and select a download straight away, which to be fair, is about the same time as searching / finding a TV show if you are after one book. I have exposed it behind an SSO so can access it on my phone and download the book straight away when someone gives me a recommendation. Most of the time I just add to a running note on phone and go through it every few months when I need more books.

It’s fairly quick for multiple books but not sonarr levels of ease. The downloads go into a calibre monitored folder which then does the automation (naming, conversion if needed etc). I bulk email the new books to my kindle with one click. Calibre-web is on read only for a nice browsing experience and to read on other devices if I need to (althogh no page sync). It’s a bit of manual work but I find it is not too bad and in 10 minutes I can load up enough books for months.

Occasionally IRC does not have the book so try manually searching on prowlarr, and download on sab or transmission. The downloads are almost instant so I then just wait and copy them to my downloads folder (I could probably automate this step too with tags but it’s so infrequent).
⁨Comment⁩ on ⁨‘Definitive proof’ of second Post Office IT scandal found in 30-year-old floppy disks⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
My parents had a Post Office which I effectively grew up in. I remember them having to report things on a desktop and loading these discs. I also remember when they got the Horizon system and how much trouble they were having trying to get it to work.

They moved to the city I was born and raised in just to buy the PO, and both worked full time in it. I feel so lucky they didn’t get caught up in it all. I have asked if they paid anything they weren’t sure about and they said there was nothing, although my mum paused before answering so think there might’ve been something.

It would have ruined our lives completely so all this scandal stuff really hits me hard. I couldn’t even watch the Norman Bates show past 20 minutes as I just got so upset and angry. Fuck all the people involved (at every level) and hope they suffer for all time…
⁨Comment⁩ on ⁨Eww, Copilot AI might auto-launch with Windows 11 soon⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
I just tried it out on a couple of random questions (one on docker, the other on proxmox networking) and it looks very promising. I didn’t even have to login, it showed the sources, it gave step by step instructions, and suggested follow up questions that were helpful. Thanks for sharing!
⁨Comment⁩ on ⁨NUC, Proxmox and HA (a noob seeking for help)⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
I have dynamic IP and there are several ways around it. I use Cloudflared (updates DNS records regularly) and a script I found to update duck DNS as a backup. Both very simple.

Accessing the services is not the problem, the problem is keeping them safe. I’ve tried lots of different ways (although not tailscale yet) and have a few services exposed directly to the internet behind authentik \ NPM \ Cloudflare \ fail2ban \ ufw. Others, I access through my router openvpn server, with keys for my laptop and phone as clients. There are so many guides online for all VPN types. Its just finding the right approach between ease of use vs safety
⁨Comment⁩ on ⁨NUC, Proxmox and HA (a noob seeking for help)⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
I’m hesitant about it too for the same reason but not sure if I’m being unreasonable given that I rely on so many other free services. However, this is one that would potentially have access to everything I do.

I’m watching headscale with interest until its safe enough for me to try breaking it!
⁨Comment⁩ on ⁨Looking for a good, cheap backup solution.⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
Would you trust rsync.net to be around for a long time? They’re doing a $540 lifetime 1TB offer which is interesting as I’m luckily in a position to do but would take 6 years plus to “pay off”.
⁨Comment⁩ on ⁨Docker - what use is it?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
I only use docker images supplied by the devs themselves or community maintained (e.g. Linux server.io) so they essentially tell docker what needs to be installed in the container, not me. It takes the hassle out of trying to figure out what I need to do to get the service running. If they update their app, they’ll probably know best what else needs to be updated and will do that in the image. I guess you are relying on them to keep everything updated but they are way more knowledgeable than me and if there is a vulnerability, it is only in that container and not your other services.
⁨Comment⁩ on ⁨Appreciation / shock at workplace IT systems⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Lots of little things really. Obviously I couldn’t say for certain but they seemed to on top of it without causing us too much difficulty in doing our jobs.

Sometimes things were blocked like if a new email, or questioned after to check it was expected and followed policy. Policies were clear, and there were helpful prompts or warnings.

We were involved in something where we had to copy a sh*t load of files from a shared folder to a hard disk. There were like three automatic blocks that kicked in at different times, which was a pain at first to figure out but because we had a good reason, someone in IT just kept at it to get it done and looking back, that should have raised flags given the size of it all.

They changed from passwords changing every 6 months to no changes but had to be longer and mandatory 2FA. We were told to use keepass for all passwords for things that weren’t SSO for various reasons.
Appreciation / shock at workplace IT systems
Submitted ⁨⁨8⁩ ⁨months⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨50⁩ ⁨comments⁩
⁨Comment⁩ on ⁨What advice can you give to a beginner?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Don’t provide services to others, including your own family, actually especially your own family, until you are quite comfortable with what is going on and what might be causing issues. Focus on helping yourself or keeping whatever other services you were using before just in case.

Trying to fix something at night, with a fuming partner who’s already put up with a difficult to use service, because of your want for privacy even though they don’t care care, whilst saying “it should work, I don’t know what’s wrong”, is not a great place to be 😁.

Overall though, I found it so interesting that I am doing a part time degree in computer science in my 30s, purely to learn more (whilst being forced to do it to timelines and having paid for it).

I have a very comfortable and ‘forget about it’ setup my family are now using. Every now and then I add new services for myself, and if it works out, will give access to others to use, keep it just for me or just delete it and move on.
⁨Comment⁩ on ⁨What's the deal with Docker?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
I have a reason I don’t think is covered. A few programs I have come across that I want to try recommend docker and some only provide instructions for docker. They can spend less time trying to help you with dependencies and installations knowing they’ve included everything you need in the docker file. I don’t have a background in Linux or programming so unless they tell you exactly how to install something, I can struggle. Their installation page is then just the docker compose file with a note on the environment variables you can change.
⁨Comment⁩ on ⁨Should I use authentik with or without nginx proxy manager?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Either try to work out how to pass headers through to get around the service login or give up and find another app. On some services, the service auto logs onto one account so anybody who gets through Authentik sees the same stuff which is fine. I definitely don’t have two levels of login!

I should say I use Plex’s and vaultwarden’s own login systems.
⁨Comment⁩ on ⁨Should I use authentik with or without nginx proxy manager?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
They serve two different purposes. You can have one, both or neither. Sorry if you already know all this below but thought it might be good to explain in detail.

NPM is a proxy provider so passes subdomains to the right service (e.g. service1.url.com passes to service 1 at IP x.x.x.x on port 5050). This allows you to only open one port to NPM but access other services through subdomains. I have NPM in front of myexternal apps so I can access each through a subdomain (e.g. service1.url.com). You could also use it for accessing internally if you setup your internal DNS to pass (e.g. service1.internal) to the IP address and port of your service, and set NPM only to allow access from internal IPs.

Authentik provides single sign on so instead of having different usernames and passwords for every user on every service, you have one set of users and it manages the passwords.

There are at a high level two levels of using it.

Some services have proper SSO integration so you setup Authentik to replace it’s own login system. For instance, with Nextcloud you are going to the Nextcloud homepage but it then goes out to Authentik to do the login process and once passed, Authentik will tell Nextcloud user B has successfully logged in, I vouch for them and here are their details. You can do this for internal and external access. Obviously with Nextcloud you need to login either through it’s own login system or via SSO so even if I go directly to the internal IP and port (and therefore don’t need NPM to access it), I still need Authentik to login so it knows it’s me and not my partner trying to access her account

Some services don’t have SSO integration or have no login required. For instance, I have Stirling PDF which doesn’t need user details or login. However, you don’t want to just allow anyone to access so I have setup NPM to use Authentik as a proxy pass. If I go to stirlingpdf.url.com then it sends me to Authentik to login. You can only ever get to the Stirling app if you successfully log in. You can also set Authentik so that only certain users or groups of users can access certain apps but that’s more than I need.

It does take some effort to get SSO working correctly for each service and it’s only really worth it if you do have multiple users or services that need logins.

You don’t want just NPM unless you trust the service to have a secure login.

Others will probably say, you shouldn’t have anything facing externally. You can setup Tailscale or Wireguard tunnels so you always appear to be on the local network. That way, you don’t need NPM to be open externally. However you might still want it so you can type the address service1.internal instead of 192.168.1.1:8063 each time. You probably also want Authentik to make the login shared.

In terms of network access to get them working, NPM needs to be able to access Authentik internally on your network. You could either put them on the same shared Docker network or in my case, they are both on the same server so share an internal IP. I have opened the individual ports on Docker so they can access each other internally just like I can access both from my laptop. If I’m accessing away from home, I have my domain pointing my home external network ID, port 443 open on my router pointing to my home server with NPM. NPM then “talks” to Authentik through the home network so I login through that but I don’t have to open the Authentik port externally.

In my case, in the NPM settings, instead of using the docker created network for Authentik (like 172.3.1.1 or something that might change), I use the internal IP of the machine (like 192.168.1.1:4443 {if 4443 is the Authentik port}). I also have an NPM entry auth.url.com that points to Authentik which some apps need instead of the internal address. It took some playing around to get it right but once you do, it’s essentially copy and paste for new services.
⁨Comment⁩ on ⁨I'm a US citizen, people in other countries, what do you think when you read stories like these about the US health care system?⁩ ⁨⁨8⁩ ⁨months⁩ ago⁩:
Honestly, I am so glad my parents didn’t move to the USA and moved to the UK instead. Me and my sister had several health issues including asthma, food allergies, broken bones playing sports, and as a result several hospital and doctor visits. Considering my parents were self employed shop keepers, I don’t know if we’d be alive, let alone what sort of life we would have had. Then also having to pay for college would’ve been tricky. Having so few work holidays also completely sucks!

We are now both professionals with great jobs, paying lots of taxes and volunteer a lot to try to give back. Would that be possible in the USA - I honestly have no idea! Would we move to the USA - absolutely no way! We’d both actually earn lots more money in the USA in the same role but factoring in health and happiness, it’s not worth it.

When you hear “greatest country on earth” and “the American dream”, I think anybody in Western countries really roll their eyes. It’s not a utopia here in the UK but nobody claims it to be, and stories like this just prove we are better off here.

However, we know the people themselves are great and don’t deserve this position. We feel sorry for you and wish part of your population would travel and see things for themselves to push for changes back home.

In the UK, we are terrified that we will end up in the same position as our out of touch political elite and ultra wealthy would love to copy this.
⁨Comment⁩ on ⁨Amazon Prime Video won't offer Dolby Vision and Atmos on its ad-supported plan | The company is now facing a lawsuit over its decision to charge $3 more for ad-free viewing.⁩ ⁨⁨9⁩ ⁨months⁩ ago⁩:
It never went away but lots of people I know who did all that stopped bothering.

When the range in netflix went down, fees went up and everybody launched different services, I was really thinking of sailing but it was Netflix blocking sharing that was the final straw.
⁨Comment⁩ on ⁨EU passes law to blanket highways with fast EV chargers by 2025⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
It says in the article ‘Lightly trafficked roads or locations that just don’t make socio-economic sense can be excluded from the requirement’ for the comprehensive network.

It’ll be up to each country how they decide to implement it. In some countries the core roads are managed by a central government agency so they would need to arrange it. In others it is the the local municipalities or privatised. Some countries will offer to private companies. Others will provide it themselves. The governments would be ultimately responsible but Im sure they can manage this given they already have responsibilities about maintaining the roads and rest areas. In the worst case they might have to pay for some infrastructure themselves but can make it back with the charges.