N0x0n

@N0x0n@lemmy.ml

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

50 AI generated website that give a similar bulletpoint presentation of what search item X is according to the AI that generated the site.

Yeah that’s what I meant by “random” shit ! 😁
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Ohoho? That’s interesting. I don’t have the horse power to selfhost an AI, but that’s good to know !

Thanks for the pointer !!!
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Yeah you’re right ! However, ages ago, I still remember how you could go to page 20+ and still find some really interesting things !

Here, past page 2 it’s just some random shit…
⁨Comment⁩ on ⁨Best way to browse and share files between hoarders?⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
The documentation gives me yt-dlp PTSD 😶
⁨Comment⁩ on ⁨Decreasing Certificate Lifetimes to 45 Days⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
3 letter organisms: NSA - CIA. People tend to think that as conspiracy theory… Even though we have so many real life examples about how the US and the 3 letters agencies have their hands all over the web and privacy and encryption is just a wet dream !
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
I used to self-host searxng for a while, but somehow the search results where always off and mixed with to much non-relevant results :/.

It’s not about searxng itself… Rather how the most relevant info gets drown into AI slope and non-sense bullshit. The best blogposts/info are transmitted from people to people…

I’m kinda sad to admit that stupid AI “solved” this issue and had better results :/
⁨Comment⁩ on ⁨Finding a private self hosted Google Photos alternative that doesn’t profit from my photos⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
For those who want a minimal no bullshit alternative: lychee is your best bet !
⁨Comment⁩ on ⁨!@$& Homelab Networking⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yeah, same here ! Can’t believe how useful it is to have a git repo to keep track of changes, even as a non coder/sysadmin.

Simple pull/push commands and I’m now able to keep track of my bash scripts and specific .dot/config files.

To bad there isn’t a way to keep side notes a la Obsidian. Comments in the code are okay, but sometimes I wan’t to breakup the whole command with some notes to get a better understanding !
⁨Comment⁩ on ⁨Tempus v4.2.4 android subsonic client release⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Why is the Tempus logo green on the phone’s homescreen but red in the application itself? Is this to differentiate the “degoogled version”?

Btw, thanks for keeping Tempo alive !
⁨Comment⁩ on ⁨⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Oh yeah I was aware that it won’t change from 1080 to 720 :p.

But I thought the movie would just be corrupted an unplayable not lose quality bits !
⁨Comment⁩ on ⁨⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

start to lose quality

Wait… That’s a thing? You can lose video quality off a video file on a HD over time?
⁨Comment⁩ on ⁨Promised myself I will support them after they go stable. They kept their promise and so did I⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Yeah :) Maybe give lychee a try :) it’s minimalistes and does one thing, but it does it well !!!
⁨Comment⁩ on ⁨Reducing Homelab Laptop energy consumption⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Oh nice tip, thank you ! It won’t be that much of a difference I guess, but why would you let a wifi module on if it’s never used !
⁨Comment⁩ on ⁨Google flags Immich sites as dangerous⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Thanks for sharing this nice blocklist :)
⁨Comment⁩ on ⁨Linkwarden downloaded the whole flipping Internet ...⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Same here ! Although, sftpgo is a bit overkill if you only need it for webdav !
⁨Comment⁩ on ⁨Custom Firewall⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I still need to find a “$35 Raspberry Pi” 🤣
⁨Comment⁩ on ⁨[Question] Visual feedback of my Linux homelab setup/system?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
This seems cool and is not off topic at all :) It does seem to answer to my “question” and seems a nice thing to have :) However, someone suggested Terraform but after some reading it’s not the tool I was looking for… Ansible seems more the like I guess ! But coolify seems also very interesting ! Different and more similar to my current setup.

I think Terraform, Ansible, Tofu are the next generation tool to solve my current issue… They are declarative tools ! But I don’t want to rush things and have another dead setup lying arround !

Thanks for your reply !
⁨Comment⁩ on ⁨issues setting up nginx as an https proxy⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
This is indeed similar ! And looks like a working certificate :) (You even use as .csr file).

The book adds something (Not very useful but kinda neat to have): a certificate revocation setup and an IntermediateCA signed by your rootCA. So you can keep your rootCA out of your system :)
⁨Comment⁩ on ⁨issues setting up nginx as an https proxy⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
(Thanks to darkan15 for explaining that).

I have to look at his answer to have a better understanding :P

The diagram would be useful. Considering that rn I’m losing my mind between man pages.

I’m working on it right now :) I’m a bit overwhelmed with my own LAN setup, and trying to get some feedback from other users :P

As for the book… I can’t accept. Just give me the name/ISBN and I’ll provide myself. Still. Thanks for the offer.

Good. If you have the money to spare please pay for it otherwise you know the drill :) (Myself I’m not able to pay the author so it’s kinda hypocrite on my end… But doing some publicity is also some kind of help I guess?)

Demystifying Cryptography with OpenSSL 3 . 0 by Alexei Khlebnikov <packt>

ISBN: 978-1-80056-034-5

It’s very well written, even as a non-native it was easy to follow :). However, let me give you something along the road, something that will save you hours of looking around the web :) !

Part 5, Chapter 12: Running a mini-CA is the part you’re interested in and that’s the part I used to create my server certificates.

HOWEVER: When he generates the private keys, he uses the ED448 algorithm, which is not going to work for SSL certificates because not a single browser accepts them right now (same thing goes for Curve25519). Long story short, If you don’t want to depend on NIST curves (NSA) fall back to RSA in your homelab ! If you are interested in that story go to p123:

Brainpool curves are proposed by the Brainpool workgroup, a group of cryptographers that were dissatisfied with NIST curves because **NIST curves were not verifiably randomly generated, so they may have intentionally or accidentally weak security. **

Here is a working example for your certificates:

Book:
```
$ mkdir private
$ chmod 0700 private
$ openssl genpkey \
    -algorithm ED448 \
    -out private/root_keypair.pem
```
But should be:
```
$ mkdir private
$ chmod 0700 private
$ openssl genpkey \
    -algorithm RSA \
    -out private/root_keypair.pem
```
You have to use RSA or whatever curve you prefer but accepted by your browser for EVERY key you generate !

Other than that, it’s a great reading book :) And good study material for cryptography introduction !
⁨Comment⁩ on ⁨[Question] Visual feedback of my Linux homelab setup/system?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Sorry, what do you mean by physical/logical diagrams :S! You mean something like Excalidraw ?

I did It for sometimes, but If I do some changes in my setup I always have to keep that update also… So I have to think about it… I do like drawing those diagrams, but keeping those updated is sometimes not directly possible and I can get forgetful !
⁨Comment⁩ on ⁨[Question] Visual feedback of my Linux homelab setup/system?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Thanks for the pointer :). I’m more into open source, so TrueNAS is maybe more fitting, however I’m not sure I do understand it right… Those are OSes? Not some application I can host in a container right? More like Proxmox ?
[Question] Visual feedback of my Linux homelab setup/system?
Submitted ⁨⁨2⁩ ⁨months⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨10⁩ ⁨comments⁩
⁨Comment⁩ on ⁨issues setting up nginx as an https proxy⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Sorry I didn’t respond earlier :S !

To let me access the services both from the desktop and the laptop. I’d need to have two DNS resolvers, since for the laptop it needs to resolve to the 192.168.0.* address of the homelab router. While for the desktop it needs to resolve directly to the 10.0.0.* address of the server.

I’m not entirely sure if I get what you mean here. If you have a central DNS resolver like pihole In your LAN it can resolve to whatever is there. I have a pihole which resolve to itself (can access it as pihole.home.lab) and resolves to my server’s reverse proxy, which handles all the port shenanigan and services hosted on my server. I think I can try to make a diagram to show how it works in my LAN right now, not sure if this can be helpful by any mean, but this would allow me to have a more visual feedback of my own LAN setup :P. However, I do use Traefik as my reverse proxy for my docker containers, so I won’t apply to nginx and I’m not sure if this is possible (It probably is, but nginx is a mystery for me xD)

Also, little question. If I do manage to set it up with subdomains. Will all the traffic still go through port 1403? Since the main reason I wanted to setup a proxy was to not turn the homelab’s router into Swiss cheese.

Your proxy should handle all the port things. Your proxy listens to all :80 :443 Incoming traffic and “routes” to the corresponding service and it’s ports.

While I do have my self-learned self-hosted knowledge, I’m not an IT guy, so I may be mistaken here and there. However, I can give you a diagram on How it works on my setup right now and also gift you a nice ebook to help you setup your mini-CA for your lan :)
⁨Comment⁩ on ⁨issues setting up nginx as an https proxy⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Subpaths are things of the past (kinda) ! SSL wildcards are going to be a life saver in your homelab !

I have a self-signed rootCA + intermediateCA which are signing all my certificates for my services. But wait… It can get easier just put a wildcard domain for your homelab (*.home.lab) and access all your services in your lan with a DNS provider (pihole will be your friend!).

Here is an very simplified example:
1. Create a rootCA (certificate authority) and put that on every device (Pc, laptop, android, iphone, tv, box…)
2. Sign a server certificate with that rootCA for the following wildcard domaine: *.home.lab and put that behind a reverse proxy.
3. Add pihole as DNS resolver for your local domain name (*.home.lab) or if you like you can manually add the routes on all devices… But that"s also a thing of the past !
4. Let your proxy handle your services
Access all your services with the following url in your lan
This works flawlessly without the need to pay for any domain name, everything is local and managed by yourself. However, it’s not that easy as stated above… OpenSSL and TLS certificates are a beast to tame and lots of reading ^^ so does Ngnix or any other reverse proxy !

But as soon as you get the hang of it… You can add a new services in seconds :) (specially with docker containers !)
⁨Comment⁩ on ⁨If I use Caddy for reverse-proxying into another local machine... is my local connection not HTTPS?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
www.amazon.com/…/1800560346

It’s really a good book :) And the last part is all about a mini-ca for your homelab !

However, don’t use the ED448/ED25519 algorithm based certificates for TLS as mentioned in the example… They are still not supported by any browser !

If you can support the author, please do ! If you’re on a budget, it’s really easy to find in the piracy corner.
⁨Comment⁩ on ⁨If I use Caddy for reverse-proxying into another local machine... is my local connection not HTTPS?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Yeah thats correct !

I Wouldn’t say heavy though (maybe I see it that way because I got a bit better with bash and the like :p) because you can make use of CLR to revoke your certificates and renew them very easily with your intermediate and ready to use config files.

But yeah, there isn’t any automated way to manage certificates like Smallstep does :)
⁨Comment⁩ on ⁨If I use Caddy for reverse-proxying into another local machine... is my local connection not HTTPS?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Or simply create your rootCA, IntermediateCA, keys and certifictes with openSSL.

Neither of those are begginer friendly but openSSL is probably a bit easier to get started. There’s a nice book with openSSL (if you are interested I migh look how it’s called) and the last chapter is all about how to create your mini-CA and everthing else to serve your proxy with valid certificates for your homelab.

⁨Comment⁩ on ⁨retiring the pigeon homelab⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

Them probably uses a special plugin device in the outlet.

I have this bash script you can use and have a general overview but I’m not totally sure if I fully understand it and if it’s the whole system’s wattage or only the CPU 🤷‍♂️

#! bash
time=5
sum_1=$(cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@");
echo "before" $sum_1
sleep $time;
sum_2=$(cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@");
echo "after" $sum_2

sum_1f=$(printf "%.0f" $sum_1)
sum_2f=$(printf "%.0f" $sum_2)

final_sum=$(echo "(($sum_2f - $sum_1f) / 1000000) / $time" | bc -l)
#echo $final_sum | bc -l | xargs printf "%.2f\n"

formated=$(echo $final_sum | bc -l | xargs printf "%.2f\n")
echo $formated "w"

⁨Comment⁩ on ⁨mkdocs for recipe catalogue⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Haha ! Good to keep your brain cells functioning 👍
⁨Comment⁩ on ⁨mkdocs for recipe catalogue⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Wow ! I will still try mealie /Tandoor for family purpose and ease of use. If it doesn’t work as expected, I will totally try this out !!

One question if you don’t mind,

servings Indicates how many people the recipe is for. Used for scaling quantities. Leading number is used for scaling, anything else is ignored but shown as units.

Does this function work well? I didn’t saw any examples so maybe you could tell me :)

Thanks !