confusedpuppy
@confusedpuppy@lemmy.dbzer0.com
- Comment on Looking for a simple personal homepage 2 days ago:
I found BashWrite which is just a very simple static site generator written completely in
bashas a single file script.The only dependency is having an up-to-date
sedcommand which most systems should have. I use Alpine Linux which comes with a minimalsedcommand so I had to download the full command through my package manager.It’s simple, basic and had support for the majority of markdown formatting. There’s some limitations due to it being written in Bash only but I am personally okay with that.
I found it on this list of static site generators if you’re curious to see more options.
- Comment on Selfhosting Sunday! What's up? 2 days ago:
It looks interesting and seems like it would be easy to set up. I’ll play with it and see how I like it. Thanks for the suggestion
- Comment on Selfhosting Sunday! What's up? 3 days ago:
Since my logs barely move, I just made aliases to where the logs are so it’s quick display and scan them within the terminal. I’m basically just viewing the system logs, fail2ban log and Caddy’s log so it’s fairly quick and simple for me.
The only change I’d like to do is change the output of Caddy’s log file so it’s not a long single line of information per output. I’ll have to do a bit more reading on that so I know what information I want to keep and how I want to visually organize it. At least for the moment, I am familiarising myself with what I am looking at and am slowly figuring out what information is relevant to me.
I like to keep my systems as simple and lean as possible which seems to strongly reflect my general approach to life. I find that kind of interesting.
- Comment on Selfhosting Sunday! What's up? 3 days ago:
I feel like my little Pi server is set up nicely now. At least I’m at the point where I’m not concerned about technically maintaining it. It’s as secure as I want it to be and I’ve tweaked my maintenance scripts slightly to avoid any unexpected issues.
I tried installing snikket but I couldn’t figure out how to get it to work with my Caddyfile using my current wildcard domain cert configuration. I’ll try again another time when I’m motivated again. It’s a low priority to me.
The last changes I made were adding logs and making them accessible to myself. So far they are all boring and predictable. Which is good news. It’s also nice to see that I’m the only person accessing it. The bots haven’t found my little corner of the internet yet.
Right now I’m taking a break from self-hosted stuff to work on my gardens and two artsy projects. A wooden carving for a friend’s birthday and an overly complicated shell script that has no real purpose. Although I’ve learned lots from it already so it’s not a complete waste of time.
- Comment on Data Backup Solutions 2 weeks ago:
I use rsync too. It’s older and from what I understand was designed at a time when data storage was much smaller so it may not be as fast as other backup options. It also doesn’t have encrypted backups like other backup options (I think).
Rsync has been the most reliable option for me though. Every syncing option I’ve tried seems too complicated and breaks down every time I look away. Since my entire backup size is around 550gb and I’m not concerned with encrypted backups, I think rsync just works just fine.
I even created my own tool that puts my rsync commands into easy to read/modify files so I can organize my most common transfers. I can easily backup my phone, HomeAssistant server, home server and computer to my two backup locations in a single alias or cronjob now.
A bit of a pain to learning how to make proper backups that restore successfully every time, but once I figured it out, I’ve been very confident in my backup strategy.
- Comment on Selfhosting Sunday - slrpnk edition 2 weeks ago:
I was planning on using weechat and the relay extension for a simple, all-in-one package. Currently I just use IRC for tech support, especially with Alpine linux.
Biboumi seems like a good idea if I wanted to set up a server and I’ll keep it bookmarked. I’m still back and forth about an IRC server so that idea has gone into the bonus category for now. I think Snikket would be a service that’s far more accessible and easier to share with the people I want using it.
I do like that it has xmpp support. I assume it would go well with Snikket.
- Comment on Selfhosting Sunday - slrpnk edition 2 weeks ago:
I’ve decided to stop using Podman for the moment since it was not allowing me internet to access my services. I’ll try again later when the motivation comes back.
Other than that, I’ve been slowly working on security, reliability and maintenance. For the moment I am happy with my device’s own security which I just finished last week. If I need extra securitybat this point, it will most likely be from a third party service but I don’t intend on having a known presence so I may get by just being unknown and obscure.
Ddclient on Alpine linux works very strangely so I made a script to check that it’s still updating my IP address and force restart it if necessary. Combined it with my targetted backups script to make the beginning of a maintenance script.
The last two steps are to setup an IRC client + IRC bouncer and a Snikket service and I’ll be happy. Anything I add after that is simply a bonus I can tinker with for fun but I’m looking forward writing for my blog without technical issues floating in the back of my mind.
- Comment on irl shiny 3 weeks ago:
I was staying at a hostel in Sydney and It was just me and English girl just chilling in the common area. It was sort of exposed to the outdoors since there was no doors, just an entrance. It just lead to the sheltered outdoor area but each dorm room had their own heavy door.
We both found out that day that the big roaches that roam there knew how to fly. Not well. Like it struggled to carry it’s own weight. We both had time to react and do something. We both just watched in horror as it flew right into her hair.
- Comment on Can't access exposed rootful podman container from outside of host device 5 weeks ago:
podman ps shows the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES daae60bdcc65 docker.io/library/caddy-caddy:latest caddy run --confi... 47 minutes ago Up 47 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:5050->443/tcp, 2019/tcp, 443/udp caddy
netstat -tunplshows the following:Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:5025 0.0.0.0:* LISTEN 3270/sshd: /usr/sbi tcp 0 0 0.0.0.0:5050 0.0.0.0:* LISTEN 7342/conmon tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7342/conmon tcp 0 0 10.89.0.1:53 0.0.0.0:* LISTEN 7336/aardvark-dns tcp6 0 0 :::5025 :::* LISTEN 3270/sshd: /usr/sbi udp 0 0 10.89.0.1:53 0.0.0.0:* 7336/aardvark-dns
The only difference for the netstat command between Docker and Podman is that Podman show’s entries for aardvark-dns and Docker does not which is something I expect.
- Submitted 5 weeks ago to selfhosted@lemmy.world | 5 comments
- Comment on Selfhosting Sunday - What's up to date, selfhosters? 5 weeks ago:
I finally got Caddy’s TLS working with a custom module to handle DNS challenges. Turns out all I had to do was wait 10-15 minutes and everything would sort itself out.
Now on to the next puzzle. I started with Caddy in a Docker container and it’s working as intended. Now I want to replicate that in Rootful Podman Compose but I’m running into an issue. With the exact same setup (docker-compose.yml, Dockerfile and Caddyfile) I can get my TLS cert without issue but I can’t seem to connect to my website from any external browser. Not through my domain name or even through my home’s local network.
Once I figure out how I can access my website, I’ll be one step closer to where I want to be. Next will be to get Rootless Podman working, then I can finally set up the file server and kiwix instance instead of the test page I am currently using.
After that, I can finally spend time doing what I want to do and focus my time looking into the Gemeni Protocol.
Down the road I’ll look into hosting an IRC server and Snikket instant messenger but that’s super low priority. I like tinkering with my Raspberry Pi and my constant backup/restores wouldn’t be good for reliability for such services.
- Comment on Caddy + DeSEC.io + DNS Challenge 5 weeks ago:
I sat down and managed to get wildcard certs working.
I figured I would leave my Caddyfile here in case anyone in the future needs a working reference. This is based off the Caddyfile mentioned in the original post.
Caddyfile
# GLOBAL ENCRYPTION - DESEC.IO { acme_dns desec { token “DeSEC.io Token Number” } } *.samplesite.ca { # SITE WIDE ENCRYPTION tls { dns desec { token “DeSEC.io Token Number” } } # SUB DOMAIN #1 @files host files.samplesite.ca handle @files { root * /srv file_server { hide misc browse } } # FALLBACK FOR UNHANDLED DOMAINS handle { abort } } - Comment on Caddy + DeSEC.io + DNS Challenge 5 weeks ago:
Thanks for sharing that.
It’s nice to get extra context, it helps me understand how I can protect my devices and myself a bit better as I learn more about self hosting.
- Comment on Caddy + DeSEC.io + DNS Challenge 5 weeks ago:
Oh no, I was just about to move forward and then you gave me another rabbit hole.
I didn’t know Let’s Encrypt had a public database, that does sound like a good idea to use wildcard certs instead.
I assume this is what I can use as a reference for wildcard certs.
How do you keep track of probing? I’ve been curious about that but haven’t put much effort into that as I’ve been focused on getting things working.
- Comment on Caddy + DeSEC.io + DNS Challenge 5 weeks ago:
That worked. I can finally see the padlock that says Verified by Let’s Encrypt.
I can’t believe all I had to do was wait. Thanks so much for sharing your experience.
- Submitted 5 weeks ago to selfhosted@lemmy.world | 8 comments
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 5 weeks ago:
I was considering a single user instance but I noticed just how much data was being transferred throughout the day and decided against it.
I’m drawn to IRC and Gemeni because it seems to use far less data. I’ve lately been into lowering my electrical power usage while still being able to use the internet. That also includes the type of programs my computer and devices use.
Practical or not, it’s been an interesting hobby for myself to learn.
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 5 weeks ago:
It will only be for a select number of people I know and am comfortable with being there. This is going to be hosted on a Raspberry Pi so it’s not going to be set up for a large number of people.
I don’t want to moderate images or videos which is my main concern when it comes to moderation.
I read the experiences of moderators from the initial CSAM attack on Lemmy and that was already discouraging. I also spent time in PieFed’s matrix channel and hearing the additional tools being requested made me realize I just don’t want to deal with that at all.
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 5 weeks ago:
I have plans to set up both an IRC server and a Gemeni site on my Raspberry Pi if I can figure out how to get security working on my preferred reverse proxy program.
The internet today is so overwhelming and all I want is the simplicity I felt when I first made my way online as a teen.
I tried hosting a lemmy/piefed instance but I soon learned that I’d have to be a moderator. After hearing stories from other moderators and seeing the types of tools required/requested by moderators, I decided that it’s just not worth the effort and loss of sanity.
- Comment on I Tried Every Todo App and Ended Up With a .txt File 1 month ago:
I use Tasks.org android app on my phone’s home screen that displays Appointments with 3-days before, 1-day before and 8-hours before reminders, unscheduled To-Do tasks and Shopping/Grocery needs.
All other notes are kept using Termux where I can sync my notes with my computer using rsync.
It took me at least a year to get into the habit of using my notes and reminders like that but it’s worked great so far.
The only downside to my system is that if I lose my phone, all my appointments will disappear into the void. Win some, lose some. Fortunately I keep a simple life which reduces the chances of unwanted
human contactappointments. - Comment on Your favourite piece of selfhosting - Part 1 - Operating System 1 month ago:
I’ve been using Alpine Linux. I’ve always leaned towards minimalism in my personal life so Alpine seems like an appropriate fit for me.
Since what is installed is intentional, I am able to keep track of changes more accurately. I keep a document for complete setup by hand, then reduce that to an install script so I can get back to the same state in a minimal amount of time if needed.
Since I only have a Laptop and two Raspberry Pi’s with no intention of expanding or upgrading, this works for me as a personal hobby.
I’ve even gone as far as to use Alpine Sway as a desktop to keep everything similar as well.
I wouldn’t recommend it for anyone who doesn’t have the time to learn. It doesn’t use systemd and packages are often split meaning you will have to figure out what additional packages you may need beyond the core package.
I appreciate the approach Alpine takes because from a security point of view, less moving parts means less surface area to exploit. In today’s social climate, who knows how or when I’ll become a target.
- Comment on What's up, selfhosters? It's self hosting Sunday! 1 month ago:
I finished setting up my personal computer with Sway on Alpine so now I can’t procrastinate anymore on getting TLS working with Caddy for my RPi 5.
I decided to ditch Cloudflare since using that service makes me feel uncomfortable. TLS is a bit of a pain because I am using an uncommon port so I need to do a DNS challenge. I still haven’t been able to get it working with DeSec.io but I hope maybe sometime this week.
I might look into using a tunnel service in the future but if I can figure this out, I’ll at least be able to adapt to changes in the future if I need to deal with any changing situations.
When I figure that out, I’ll look into Gemeni protocol and host something there. I don’t want anything big, just a little space of my own in the corner of the internet. Maybe I’ll look into hosting an irc server for a small group of people too.
- Comment on What are some of your favourite lesser known awesome lists that are useful for selfhosting? 2 months ago:
github.com/rothgar/awesome-tuis
It has a list of Text User Interfaces for terminals. Handy since I work in a terminal mostly with my network devices. A TUI for file management made life a lot easier for myself.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 2 months ago:
Sounds like what I’ve been doing manually for a while now as I learn more. For my desktop I have three scripts. One to install Alpine on full disk encryption. One for the initial setup up to the first required reboot and the last for the remaining setup plus transferring files.
I’ve been learning how to edit files with sed, cat, echo and tee commands to help automate everything from a fresh install.
Similar process for my Pi’s except I just copy-paste blocks of commands through a terminal instead of a script.
To transfer files to all their proper directories, I have a whole system for that using rsync. I basically keep a bare-bones directory tree with only the files I have worked on. Then I have an rsync command to send all those files onto the Pi’s file system in a way that retains all the files and folder’s attributes.
I wrote an rsync tool for myself to help me keep all these commands in files that I can neatly organize. I use that tool so much that it’s now my entire backup system. With a bunch of files organized with numbers, I can automate the backup of my phone, two pi’s and laptop to a partition on my laptop, then an additional copy to my external SSD in one command. And I have very high confidence in my restores since I do that frequently while testing new stuff. I also failed a lot before to get that much confidence.
I have issues with over organization if you couldn’t tell by now hahaha.
- Comment on What are the advantages/disadvantages of the different backup solutions? 2 months ago:
I personally use rsync since I do most my work by command line these days. It’s taken nearly half a year really understand it but it offers the flexibility I desire.
I have a small network with only a handful of devices. I keep all my incremental backups on encrypted partitions and encrypted detachable SSD’s which I manually decrypt. Rsync is set up to use SSH so there’s some form of encrypted transfers but that’s not actually a priority for me, just an added benefit.
I also use rsync to sync files and directories while maintaining additional system attributes across multiple systems. That is to say, what’s root or user accessible stays root or user accessible after the transfer is complete.
If I desired more protection, I’d probably look into Borg backup. Currently I just use encryption as an annoyance deterrence method. I also stick to the base Rsync command because every other option I tried brought with it complexities which have all failed me. I at least have a high level confidence in my backup/restore process now.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 2 months ago:
How do you think Ansible can help me? I’ve read about it a few times but it’s hard for me to understand it’s actual usage without spending time playing with it.
I can possibly look into it a bit more in the future. I’ve got a few things I’m working on like learning how to do TLS with Caddy so I can reduce my dependency with Cloudflare.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 2 months ago:
I haven’t tried arch at all. I used Linux Mint for a year, LMDE for a year and only really started working with command line since last December. I think I chose to try Alpine because I wanted my web facing devices to have the least amount of software installed. Security-wise it made sense to me to have less surface area to exploit.
It took a bit extra effort for me to learn how to use OpenRC as the init system. As well as learning Linux from a bare bones linux perspective.
I actually found using Busy-box Ash interesting to work with and that’s the only shell I currently use. I even wrote a whole script around Rsync in a POSIX friendly way because I liked the idea portable scripting.
If you’re interested, I can send you a link that contains the setup notes for my server. It’s about 85% of my setup process, the rest being some files that are mostly customization that I rsync into place towards the end of the setup process. That can give you an idea of what Alpine on ARM is like.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 2 months ago:
I can appreciate that about Debian. Common tools and stability can be both convinient and reliable. Learning linux is already overwhelming with choices.
Even though I use Alpine for all my Pi boards and laptop, I keep a live usb partition of Linux Mint Debian Edition as my emergency backup. It just works.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 2 months ago:
My frustration with Raspberry Pi OS is that the packages available were constantly out of date. Some were 2 to 3 years out of date.
I eventually started using Alpine linux on my Pi boards and have been happy since then. Now I can use the latest Docker and Podman packages without manually adding new repositories.
If I didn’t prefer Alpine’s minimal approach, I would have probably gone with Debian because of it’s history in stability.
- Comment on What is the best way to sync images to my NAS? 2 months ago:
I can’t remember a time where I didn’t have issues with syncing apps. They always just seem to stop working and it’s always frustrated me. It feels like to me there’s too much complexity under the hood and it exhausts me when something goes wrong.
As a result I’ve been using
rsynccommands as a way to sync files and folders. After the initial setup, I haven’t experienced any issues and it’s been consistent and reliable. I even created my own tool which simplifies eachrsynccommand into a file for easier syncing/restoring of my data. I use it to sync between my laptop, android phone using Termux terminal and my two Raspberry Pi’s.Rsync does have limitations like not being able to do two-way syncing but for my usage I am okay with that. I’m generally backing up data in most cases. Rsync does offer more flexibility since it’s a command line tool so I’m able to create backups of my entire system or sync specific files and folders. I can also set up cron jobs to have syncs performed periodically but I mainly do all my syncing manually because I like to see where all my data is moving.
As long as all my devices have static IP addresses within the network and I don’t mess around with any directory names/locations, everything just works and I’ve had a lot less headaches managing my data and backups. I also have a lot more confidence in my backup/restore process when compared to when I used other syncing programs/apps in the past.