confusedpuppy
@confusedpuppy@lemmy.dbzer0.com
- Comment on irl shiny 5 days ago:
I was staying at a hostel in Sydney and It was just me and English girl just chilling in the common area. It was sort of exposed to the outdoors since there was no doors, just an entrance. It just lead to the sheltered outdoor area but each dorm room had their own heavy door.
We both found out that day that the big roaches that roam there knew how to fly. Not well. Like it struggled to carry it’s own weight. We both had time to react and do something. We both just watched in horror as it flew right into her hair.
- Comment on Can't access exposed rootful podman container from outside of host device 2 weeks ago:
podman ps shows the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES daae60bdcc65 docker.io/library/caddy-caddy:latest caddy run --confi... 47 minutes ago Up 47 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:5050->443/tcp, 2019/tcp, 443/udp caddy
netstat -tunpl
shows the following:Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:5025 0.0.0.0:* LISTEN 3270/sshd: /usr/sbi tcp 0 0 0.0.0.0:5050 0.0.0.0:* LISTEN 7342/conmon tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 7342/conmon tcp 0 0 10.89.0.1:53 0.0.0.0:* LISTEN 7336/aardvark-dns tcp6 0 0 :::5025 :::* LISTEN 3270/sshd: /usr/sbi udp 0 0 10.89.0.1:53 0.0.0.0:* 7336/aardvark-dns
The only difference for the netstat command between Docker and Podman is that Podman show’s entries for aardvark-dns and Docker does not which is something I expect.
- Submitted 2 weeks ago to selfhosted@lemmy.world | 5 comments
- Comment on Selfhosting Sunday - What's up to date, selfhosters? 2 weeks ago:
I finally got Caddy’s TLS working with a custom module to handle DNS challenges. Turns out all I had to do was wait 10-15 minutes and everything would sort itself out.
Now on to the next puzzle. I started with Caddy in a Docker container and it’s working as intended. Now I want to replicate that in Rootful Podman Compose but I’m running into an issue. With the exact same setup (docker-compose.yml, Dockerfile and Caddyfile) I can get my TLS cert without issue but I can’t seem to connect to my website from any external browser. Not through my domain name or even through my home’s local network.
Once I figure out how I can access my website, I’ll be one step closer to where I want to be. Next will be to get Rootless Podman working, then I can finally set up the file server and kiwix instance instead of the test page I am currently using.
After that, I can finally spend time doing what I want to do and focus my time looking into the Gemeni Protocol.
Down the road I’ll look into hosting an IRC server and Snikket instant messenger but that’s super low priority. I like tinkering with my Raspberry Pi and my constant backup/restores wouldn’t be good for reliability for such services.
- Comment on Caddy + DeSEC.io + DNS Challenge 2 weeks ago:
I sat down and managed to get wildcard certs working.
I figured I would leave my Caddyfile here in case anyone in the future needs a working reference. This is based off the Caddyfile mentioned in the original post.
Caddyfile
# GLOBAL ENCRYPTION - DESEC.IO { acme_dns desec { token “DeSEC.io Token Number” } } *.samplesite.ca { # SITE WIDE ENCRYPTION tls { dns desec { token “DeSEC.io Token Number” } } # SUB DOMAIN #1 @files host files.samplesite.ca handle @files { root * /srv file_server { hide misc browse } } # FALLBACK FOR UNHANDLED DOMAINS handle { abort } }
- Comment on Caddy + DeSEC.io + DNS Challenge 2 weeks ago:
Thanks for sharing that.
It’s nice to get extra context, it helps me understand how I can protect my devices and myself a bit better as I learn more about self hosting.
- Comment on Caddy + DeSEC.io + DNS Challenge 2 weeks ago:
Oh no, I was just about to move forward and then you gave me another rabbit hole.
I didn’t know Let’s Encrypt had a public database, that does sound like a good idea to use wildcard certs instead.
I assume this is what I can use as a reference for wildcard certs.
How do you keep track of probing? I’ve been curious about that but haven’t put much effort into that as I’ve been focused on getting things working.
- Comment on Caddy + DeSEC.io + DNS Challenge 2 weeks ago:
That worked. I can finally see the padlock that says Verified by Let’s Encrypt.
I can’t believe all I had to do was wait. Thanks so much for sharing your experience.
- Submitted 2 weeks ago to selfhosted@lemmy.world | 8 comments
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 2 weeks ago:
I was considering a single user instance but I noticed just how much data was being transferred throughout the day and decided against it.
I’m drawn to IRC and Gemeni because it seems to use far less data. I’ve lately been into lowering my electrical power usage while still being able to use the internet. That also includes the type of programs my computer and devices use.
Practical or not, it’s been an interesting hobby for myself to learn.
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 2 weeks ago:
It will only be for a select number of people I know and am comfortable with being there. This is going to be hosted on a Raspberry Pi so it’s not going to be set up for a large number of people.
I don’t want to moderate images or videos which is my main concern when it comes to moderation.
I read the experiences of moderators from the initial CSAM attack on Lemmy and that was already discouraging. I also spent time in PieFed’s matrix channel and hearing the additional tools being requested made me realize I just don’t want to deal with that at all.
- Comment on Techrights — Internet Relay Chat and Gemini Protocol Help Us Relive the Net of the Dial-Up Era 2 weeks ago:
I have plans to set up both an IRC server and a Gemeni site on my Raspberry Pi if I can figure out how to get security working on my preferred reverse proxy program.
The internet today is so overwhelming and all I want is the simplicity I felt when I first made my way online as a teen.
I tried hosting a lemmy/piefed instance but I soon learned that I’d have to be a moderator. After hearing stories from other moderators and seeing the types of tools required/requested by moderators, I decided that it’s just not worth the effort and loss of sanity.
- Comment on I Tried Every Todo App and Ended Up With a .txt File 3 weeks ago:
I use Tasks.org android app on my phone’s home screen that displays Appointments with 3-days before, 1-day before and 8-hours before reminders, unscheduled To-Do tasks and Shopping/Grocery needs.
All other notes are kept using Termux where I can sync my notes with my computer using rsync.
It took me at least a year to get into the habit of using my notes and reminders like that but it’s worked great so far.
The only downside to my system is that if I lose my phone, all my appointments will disappear into the void. Win some, lose some. Fortunately I keep a simple life which reduces the chances of unwanted
human contactappointments. - Comment on Your favourite piece of selfhosting - Part 1 - Operating System 4 weeks ago:
I’ve been using Alpine Linux. I’ve always leaned towards minimalism in my personal life so Alpine seems like an appropriate fit for me.
Since what is installed is intentional, I am able to keep track of changes more accurately. I keep a document for complete setup by hand, then reduce that to an install script so I can get back to the same state in a minimal amount of time if needed.
Since I only have a Laptop and two Raspberry Pi’s with no intention of expanding or upgrading, this works for me as a personal hobby.
I’ve even gone as far as to use Alpine Sway as a desktop to keep everything similar as well.
I wouldn’t recommend it for anyone who doesn’t have the time to learn. It doesn’t use systemd and packages are often split meaning you will have to figure out what additional packages you may need beyond the core package.
I appreciate the approach Alpine takes because from a security point of view, less moving parts means less surface area to exploit. In today’s social climate, who knows how or when I’ll become a target.
- Comment on What's up, selfhosters? It's self hosting Sunday! 4 weeks ago:
I finished setting up my personal computer with Sway on Alpine so now I can’t procrastinate anymore on getting TLS working with Caddy for my RPi 5.
I decided to ditch Cloudflare since using that service makes me feel uncomfortable. TLS is a bit of a pain because I am using an uncommon port so I need to do a DNS challenge. I still haven’t been able to get it working with DeSec.io but I hope maybe sometime this week.
I might look into using a tunnel service in the future but if I can figure this out, I’ll at least be able to adapt to changes in the future if I need to deal with any changing situations.
When I figure that out, I’ll look into Gemeni protocol and host something there. I don’t want anything big, just a little space of my own in the corner of the internet. Maybe I’ll look into hosting an irc server for a small group of people too.
- Comment on What are some of your favourite lesser known awesome lists that are useful for selfhosting? 1 month ago:
github.com/rothgar/awesome-tuis
It has a list of Text User Interfaces for terminals. Handy since I work in a terminal mostly with my network devices. A TUI for file management made life a lot easier for myself.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 1 month ago:
Sounds like what I’ve been doing manually for a while now as I learn more. For my desktop I have three scripts. One to install Alpine on full disk encryption. One for the initial setup up to the first required reboot and the last for the remaining setup plus transferring files.
I’ve been learning how to edit files with sed, cat, echo and tee commands to help automate everything from a fresh install.
Similar process for my Pi’s except I just copy-paste blocks of commands through a terminal instead of a script.
To transfer files to all their proper directories, I have a whole system for that using rsync. I basically keep a bare-bones directory tree with only the files I have worked on. Then I have an rsync command to send all those files onto the Pi’s file system in a way that retains all the files and folder’s attributes.
I wrote an rsync tool for myself to help me keep all these commands in files that I can neatly organize. I use that tool so much that it’s now my entire backup system. With a bunch of files organized with numbers, I can automate the backup of my phone, two pi’s and laptop to a partition on my laptop, then an additional copy to my external SSD in one command. And I have very high confidence in my restores since I do that frequently while testing new stuff. I also failed a lot before to get that much confidence.
I have issues with over organization if you couldn’t tell by now hahaha.
- Comment on What are the advantages/disadvantages of the different backup solutions? 1 month ago:
I personally use rsync since I do most my work by command line these days. It’s taken nearly half a year really understand it but it offers the flexibility I desire.
I have a small network with only a handful of devices. I keep all my incremental backups on encrypted partitions and encrypted detachable SSD’s which I manually decrypt. Rsync is set up to use SSH so there’s some form of encrypted transfers but that’s not actually a priority for me, just an added benefit.
I also use rsync to sync files and directories while maintaining additional system attributes across multiple systems. That is to say, what’s root or user accessible stays root or user accessible after the transfer is complete.
If I desired more protection, I’d probably look into Borg backup. Currently I just use encryption as an annoyance deterrence method. I also stick to the base Rsync command because every other option I tried brought with it complexities which have all failed me. I at least have a high level confidence in my backup/restore process now.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 1 month ago:
How do you think Ansible can help me? I’ve read about it a few times but it’s hard for me to understand it’s actual usage without spending time playing with it.
I can possibly look into it a bit more in the future. I’ve got a few things I’m working on like learning how to do TLS with Caddy so I can reduce my dependency with Cloudflare.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 1 month ago:
I haven’t tried arch at all. I used Linux Mint for a year, LMDE for a year and only really started working with command line since last December. I think I chose to try Alpine because I wanted my web facing devices to have the least amount of software installed. Security-wise it made sense to me to have less surface area to exploit.
It took a bit extra effort for me to learn how to use OpenRC as the init system. As well as learning Linux from a bare bones linux perspective.
I actually found using Busy-box Ash interesting to work with and that’s the only shell I currently use. I even wrote a whole script around Rsync in a POSIX friendly way because I liked the idea portable scripting.
If you’re interested, I can send you a link that contains the setup notes for my server. It’s about 85% of my setup process, the rest being some files that are mostly customization that I rsync into place towards the end of the setup process. That can give you an idea of what Alpine on ARM is like.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 1 month ago:
I can appreciate that about Debian. Common tools and stability can be both convinient and reliable. Learning linux is already overwhelming with choices.
Even though I use Alpine for all my Pi boards and laptop, I keep a live usb partition of Linux Mint Debian Edition as my emergency backup. It just works.
- Comment on The Way Ubuntu Boots on Raspberry Pi is Changing 1 month ago:
My frustration with Raspberry Pi OS is that the packages available were constantly out of date. Some were 2 to 3 years out of date.
I eventually started using Alpine linux on my Pi boards and have been happy since then. Now I can use the latest Docker and Podman packages without manually adding new repositories.
If I didn’t prefer Alpine’s minimal approach, I would have probably gone with Debian because of it’s history in stability.
- Comment on What is the best way to sync images to my NAS? 1 month ago:
I can’t remember a time where I didn’t have issues with syncing apps. They always just seem to stop working and it’s always frustrated me. It feels like to me there’s too much complexity under the hood and it exhausts me when something goes wrong.
As a result I’ve been using
rsync
commands as a way to sync files and folders. After the initial setup, I haven’t experienced any issues and it’s been consistent and reliable. I even created my own tool which simplifies eachrsync
command into a file for easier syncing/restoring of my data. I use it to sync between my laptop, android phone using Termux terminal and my two Raspberry Pi’s.Rsync does have limitations like not being able to do two-way syncing but for my usage I am okay with that. I’m generally backing up data in most cases. Rsync does offer more flexibility since it’s a command line tool so I’m able to create backups of my entire system or sync specific files and folders. I can also set up cron jobs to have syncs performed periodically but I mainly do all my syncing manually because I like to see where all my data is moving.
As long as all my devices have static IP addresses within the network and I don’t mess around with any directory names/locations, everything just works and I’ve had a lot less headaches managing my data and backups. I also have a lot more confidence in my backup/restore process when compared to when I used other syncing programs/apps in the past.
- Comment on Hosting a Web server on a RPi Model B 1 month ago:
I have a few small services I’ve been hosting on a Raspberry Pi 5 but ever since I saw a list of no JavaScript/CSS/HTML sites, I’ve been interested in hosting some simple pages just for myself. I’ll probably look into something that can create simple pages with markdown because it’s something simple that I’m already comfortable with.
- Comment on Docker Backup Stratagy 2 months ago:
I created my own script/tool using rsync to handle backups and transferring data.
My needs are quite smaller with just a computer and two Raspberry Pi’s but I found rsync to be really useful overall.
My backup strategy is to make a complete backup on the local device (Computer / RPi4 / RPi5) then copy all those backups to a Storage partition on my computer, then make a whole backup from the partition to an externally attached SSD.
The RPi’s both use docker/podman containers so I make sure any persistent data is in mounted directories. I usually stop all containers before performing a backup, especially things with databases.
Everything in the docker containers is either hit or miss when it comes to restoring. The simple docker images restore as it they were untouched and will launch like nothing happened. I have a PieFed instance that must be rebuilt after restoring a backup. Since PieFed’s persistent data is in mount points, everything works perfectly after a fresh build.
I can send a link to my rsync tool if that’s any interest to anyone. I’ve found it super useful for backups and minimizes so much headache for myself when it comes to transferring files between different network connected devices.
- Comment on No JS, No CSS, No HTML: online "clubs" celebrate plainer websites 2 months ago:
Maybe it’s something sightly outside no js/ccs/html but I am curious if there are any super minimal social media sites.
I want to do something locally within my town and it would be nice to host something simple and tiny with my raspberry pi as the server.
I’m assuming bulletin boards are quite minimal in comparison to other types of social media but I’ve never been a fan of how they handle previous replies with those boxed quotes.
I’ve also been nostalgic for irc lately. Everything on the internet these days has become overwhelming. Over the past 1.5 years I’ve been turning to simplicity and it’s a craving I that’s hard to ignore.
- Comment on tattoo printer 2 months ago:
I think I’ve worked in automation long enough to feel super uncomfortable with the idea of a tattoo print machine being anywhere near my body.
Even if I had a kill switch in hand, it still makes me uncomfortable. In general machines don’t care about fleshy bits at all. If something happens, for example a sensor ages and becomes defective, the printer has the potential to cause serious harm.
I probably also hold a bit of bias, I prefer the imperfections of human, hand made art over digitized perfection from machines.
- Comment on Do people confuse your nationality? 2 months ago:
I was born in Canada and was essentially raised Canadian. Both my bio parents were born in Guyana. Go back in history and their relatives were from India. My stepdad is from a Scottish background.
In Canada I lived in a city with a noticeable Indian and Pakistani population. People there assume I am Indian.
When I travelled Europe, everyone assumed I was African, French or French Canadian. I can’t speak French. In Germany, people assumed I was German or Muslim. I know being Muslim isn’t a nationality but the Turkish people in Berlin would greet me all the time. While I was in Australia, I was just treated like I was exotic… Yeah… And in Cuba, people thought I was Cuban. Luckily I had a pasty white, Spanish speaking Californian guy with me for a short time to speak to the locals.
It’s such a trip what people assume about me. Even more trippy with the amount of people who thought I was a local when I was abroad in Europe, especially in Germany where I only had a year with a work/travel visa.
Even though I have no pride in being Canadian, that’s what I am. That’s the culture I was born in and raised up as. The people who ask “Where are you from? No, where are you really from?” Tend to be closed minded people who I actively avoid.
- Comment on Where Have All My Deep Male Friendships Gone? 3 months ago:
I met someone at a Halloween party last year. She’s queer. In the short time we’ve known each other, we’ve become very close.
We seem to have similar minds and are very generous with the space we give each other when it comes to being ourselves. Not physical space but in an understanding way. For example, I know she’s terrible at time management so I never pressure her for being late but I’m also able to do things that can encourage her to be less late. She ends up spending more time doing the things she enjoys without the pressures or guilt of being late.
That sort of space has created this feeling of comfort and safety between us. She feels safe and comfortable with me and shows it all the time. She tells me she loves me all the time. She gives me the tightest hugs all the time. She rests her head on my shoulders or leans into me while we are sitting next to each other. None of this is sexual but it is very much full of love. Other people seem to notice too. Some people have called us cute. Others just seem to smile more and are happier when we are around. It feels really nice.
As a person who is very difficult to touch and does not touch other people very often, this has been such a different experience for me. I like it though, it feels so cozy. I wish had more of this throughout my life. I wish others had more of this throughout their lives.
To me it feels as though modern, north American expectations around love are too much and too high. There’s so many ways to feel and express love. Love doesn’t need to end with sex and marriage. There doesn’t need to be an end goal. It can just be love. I’m very greatful to have met someone who can express their love so freely. It gives me a chance to learn more.
- Comment on Where Have All My Deep Male Friendships Gone? 3 months ago:
I’ve struggled my entire life with male friends. They all seemed to really appreciate how I would listen to them and their problems. Yet when it came time for me to open up, they would just turn the conversation back to about themselves or just skip past what I was trying to talk about.
I’ve never been competitive and rarely had the energy to make myself heard. It all felt so shallow and there was no depth to these relationships. It didn’t feel worth the effort to put up a with the fight.
I’m very fortunate that a number of women, who have come and gone in my life, were able to listen or guide me in so many important ways. Even with my newest friend, she has been showing me new ways to open up and feel safe.
It makes me a bit sad that I’ve never really had men in my life who could show me how to open up the same way women have. It would be so much easier to relate since we would have similar experiences growing up as men. With my female friends, I can only relate with them so far. They are women, I am not.
The hurtful things that men have said to me and the hurtful things they have done to me makes it incredibly hard for me to make male friends now. I wish that weren’t the situation. I absolutely crave variety, diversity and connection.