Scholars_Mate
@Scholars_Mate@lemmy.world
- Comment on Jellyfin on rootles docker access to encrypted drive 2 weeks ago:
If you’re worried enough to encrypt the drive, you shouldn’t be auto mounting it.
This really depends on your threat model. If you are only concerned about the drive getting stolen, or wanting to keep the data on it private if you need to RMA the drive, mounting it automatically on boot with a key stored on the rootfs can be perfectly fine. If you are a journalist in a hostile country and protecting your sources from state level actors is a matter of life and death, then yeah, this would be woefully insufficient.
- Comment on Framework’s first desktop is a strange—but unique—mini ITX gaming PC 2 months ago:
Apparently Framework did try to get AMD to use LPCAMM, but it just didn’t work from a signal integrity standpoint at the kind of speeds they need to run the memory at.
- Comment on How do I give Jellyfin permanent access to an external drive? 2 months ago:
What filesystem are you using on the external drive? If it is NTFS or FAT, they won’t store permissions on the filesystem, which would explain why the owner/group changes are not persistent. To fix that, you can set the uid/gid on mount in your fstab.
/dev/mapper/YOUR_DRIVE /path/to/mnt <fstype> rw,uid=<jellyfin_uid>,gid=<jellyfin_gid>,dmask=0002,fmask=0113 - Comment on I've set up docker services behind nginx proxy manager so they're accessible with https, but the http services are still open. How do I close them? 3 months ago:
Are you using the default bridge? I have a similar setup (with Traefik instead of NPM), and for each compose file am using separate networks for the internet, proxy, and backend services.
services: some_service: ... networks: - frontend_network - proxy_network - backend_network backend_service: ... networks: - backend_network networks: frontend_network: driver: "bridge" proxy_network: driver: "bridge" internal: true backend_network: driver: "bridge" internal: true