philpo

@philpo@feddit.org

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Self hosting Sunday! What's up, selfhosters?⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Mealie is far superior to Tandoor,imho.
⁨Comment⁩ on ⁨Goodnight sweet prince⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
No, power line is “on top” of the normal power distribution - it does not actually change frequency, etc.
⁨Comment⁩ on ⁨Goodnight sweet prince⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Funny enough yeah,you can trans mit data long range via powerlines.

I am old enough to remember the older career firefighters having devices at home that basically listened to the frequency shift. If a certain signal was given (via the substations) that frequency shift was observed by the devices and an electric alarm bell was activated so people knew shit had hit the fan and they probably should head to work.

It was already phased out,thought, back then.
⁨Comment⁩ on ⁨Should Newcastle to Sydney bullet train really be first link built of Melbourne to Brisbane route?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Oh,don’t get me wrong, I am all against privatized railway systems and literally fighting against that where I currently live. (Currently living jn Europe and the difference is very obvious) BUT: That doesn’t mean letting politicians plan things is a good idea either.

Why? Because then you get the worst of both worlds - because their interested is not the optimal system for everyone but the optimal result for them. So you get stops, expensive detours or “solutions” that do not benefit 98% of the users but are a nice gift/benefit for their constituents in their small electoral districts. (Germany is a very good example for that. They have a lot of high speed lines that could be 30-40% faster if the trains would not “need” to stop in bumfucknowhere towns and have literally build expensive tunnels for billions that are now not used for most connections as they need the extra stop or their semi private railway system would need to repay subsidies)

The same can be seen in the US, etc.

Railway systems need to be planned by a very large scale - and by people who have the optimal solution for the railway system and the population in mind,not local interests.
⁨Comment⁩ on ⁨Should Newcastle to Sydney bullet train really be first link built of Melbourne to Brisbane route?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Never let politicians run a railway system.
⁨Comment⁩ on ⁨Backups of Backups⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Thanks a lot. I expanded it a little bit.
⁨Comment⁩ on ⁨Backups of Backups⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Basically:
- Small proxmox node (Zima) that basically does only operate a Proxmox Backup Server for local clients and fast backup.
- Offsite ZFS send to a VPS I operate for that purpose. As well as Proxmox Backup Server for VMs,etc. Basically meant as a fast recovery option.
- Offsite S3 storage backup to a different provider from above. Meant for a medium term backup.
- Portable HD: I have two different portable HDs. One is hooked up to the Backup server, the other one is in a lock box in my banks safe. The “connected one” does a weekly backup (and is switched off in between). Once in a while (around 6 to 12 weeks, with 12 weeks being the hard maximum) I take the active one to the bank and both drives switch places. That provides a full backup.
- Last line of defence: The real real important things (photos of life events-weddings,etc.- important documents,Password DBs) etc.) get burned on a M-disc Archive blue ray. They are also in the bank safe and at a secure third location. They are more meant for “shit hit the fan and I might not be there anymore,but maybe the kids want these”.
This is another thing to consider: Have detailed descriptions for others how to retrieve your data in case something happens.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Cyberpower OR600ERM1U or similar are nice - or the OL1000ERTXL2U if you want a online usv.

Not that the Eatons are bad,they are a little bit nicer in a few things, but often also more expensive.
⁨Comment⁩ on ⁨podman quadlets on lxc⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Privileged or unprivileged container?
⁨Comment⁩ on ⁨xAI used employee biometric data to train Elon Musk’s AI girlfriend⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
He can’t have regular sex anymore most likely due to his ketamine abuse.
⁨Comment⁩ on ⁨Safebox: Open-source framework for managing self-hosted apps (Beta)⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Just like Cloudron.
⁨Comment⁩ on ⁨US Government Urges Total Ban of Our Most Popular Wi-Fi Router⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Yeah,does not reflect the actual situation.

Currently especially their SDN capable stuff (Omada) is far better than e.g. the Ubiquiti stuff - we are relatively surprised by the build quality for the bucks you pay,tbh. (And unlike Ubiquiti they can be run stand alone and SDN).

Not defending their China-issues btw, we absolutely recommend to all our clients that they put a OPNsense in front of it. But it does it job and has it’s place in small businesses. (And tbh,their Wifi gear is good enough that I have seen it in fairly large deployments)

Sadly there’s not too much alternative for that sector atm.
⁨Comment⁩ on ⁨US Government Urges Total Ban of Our Most Popular Wi-Fi Router⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Yeah, especially router wise I tend not to recommend them as well, but we widely use OPNsense as FWs now. Switching wise they are good and tbh, their track record got much better. (And everyone elses got worse, looking at you,Forti)

We tend to recommend Omada for smaller clients that would otherwise use ubiquiti (their track record is…far worse) and simply put a OPNsense in front of it. These are small healthcare establishments - the alternative is often far worse (cousin John doing the network or some antique Zyxel the local IT shithead service sold them as new) and with the OPN we can do due dilligence IT security wise.
⁨Comment⁩ on ⁨US Government Urges Total Ban of Our Most Popular Wi-Fi Router⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Considering they recently also complained about Mikrotik I would,well, not give to much merit on that shit.
⁨Comment⁩ on ⁨US Government Urges Total Ban of Our Most Popular Wi-Fi Router⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Bullshit.

It depends on what you buy from them and always has been. Their Omada line is on par with Ubiquiti, some other gear is similar to other commercial grade gear.

If you buy their cheap shit, yeah,it’s cheap. But they,as most manufacturers, have a broad spectrum…
⁨Comment⁩ on ⁨⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Sadly Affinity Studio isn’t one of them - it runs barely, if at all in emulators and believe me we tried. Especially for larger files it’s still unusable.
⁨Comment⁩ on ⁨After police used Flock cameras to accuse a Denver woman of theft, she had to prove her own innocence⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
At this point I need a shrine saying “hail to the GDPR” soon.
⁨Comment⁩ on ⁨How to keep track of system temps and hardware health indicators via dashboard with a proxmox installation?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Tbh, I have given up on Proxmox Helper Scripts for more demanding things recently as I had similar issues.

You can use the fully packed VM appliance or iso as well. Or Docker.

Or,tbh,try the manual install,it’s somewhat straight forward. If you need help let me know.
⁨Comment⁩ on ⁨How to keep track of system temps and hardware health indicators via dashboard with a proxmox installation?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Another option: Zabbix.

Sounds like overkill initially, but works fine and can be automated fairly well. Once installed (as a LXC/VM or on a seperats device if you want independent monitoring), you can setup a API acess for monitoring Proxmox (which will monitor all LXCs,etc. automatically) and then add the agent on top to monitor the underlying machine. There are dozens of ways to monitor Zabbix hosts temps, HDDs,etc. available online.

In theory you could also let a zabbixproxy collect all your hosts data (e.g. your Proxmox Host, your switch,etc.) in your network and then send it to a VPS outside your network so you monitor offsite and can be alerted when not at home.
⁨Comment⁩ on ⁨Internal domain and reverse proxy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
ZeroSSL has unpaid plans (for non wildcards) that have a few advantages that LE doesn’t:
- No Ratelimits,
- A WebDashboard
- More ways to validate
- They have a RestAPI
And, first and foremost, they are European and it’s always good tk have an alternative ready.

But as said before, I totally missed the wildcard issue, as I haven’t touched these for a long time and recently had more to do with my public services (which get a ACME single domain cert via zeroSSL)
⁨Comment⁩ on ⁨Internal domain and reverse proxy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Sorry, then proceed with LE.
⁨Comment⁩ on ⁨Internal domain and reverse proxy⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
It is absolutly possible, but oersonally I would highly recommend getting yourself a proper public domain for that,even if you won’t use it otherwise (it’s even somewhat saver if you use a designated one for it).

To make it really easy get the domain with someome who also provides DNS with it (Hetzner is a solid choice, so are others, has to have an API). (E.g. “mydomain.casa”.)

Now get an internal DNS server that can handle it’s own zones. I always recommend technitium, but there are other choices. Pihole is not a good choice here.

Next thing is a reverse proxy,as you mentioned. If you want it easy, NginxProxyManager is a good choice, but limits what one can do later. But it kind of works out of the box. Traefik and caddy are both often named,but I found none of them as “fire and forget” as NPM is - and caddy can’t do a lot of things either. Traefik is what I currently use,but even using Manatrae or similar GUIs it’s sometimes a pain. But it’s absolutely powerful especially when you run a lot of docker container on the same host. Tbh, if I had not some special requirements I would still use NPM.

Now, what to do? (Not a full manual, more like a ovrview that it’s not that complicated)
1. Install all of the above on docker.
2. Setup NPM with a wildcard certificate, register with zerossl.com (has advantages over LetsEncrypt), add them as a provider and get a wildcard(!) certificate. (*.yourdomain.casa).
3. Setup a proxy host. You simply add the domainname (nextcloud.mydomain.casa),point it to the actual container ("192.168.1.10:3000) and choose the wildcard certificate as a SSL and switch on “force SSL”.
4. Go to the DNS server, create a DNS zone “mydomain.casa” and then simply add “nextcloud.mydomain.casa” and point it to the Reverse proxy IP. Done.
For good practice I would recommend to also keep a zone that links directly to the services so you can use that whenever necessary. (mydomain.internal)
⁨Comment⁩ on ⁨Banana⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Get an allergy test. Banana allergies (even though that doesn’t necessarily sound like one) are associated with other allergies,including some medications.

So…you might want to know in advance.

If it is not that then try biobananas once. A lot of people are sensitive to the pesticides used.
⁨Comment⁩ on ⁨Mini pc for home server?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I would avoid a Raspi/ARM at all costs. But there is a third alternative: A x86 SBC like a Zima Board or blade might be exactly what you are looking for. Small, powerful enough and far easier than an ARM to maintain.
⁨Comment⁩ on ⁨a sight to behold⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Haha. I’ve seen worse. Wait. I was hit by worse in worse areas and stool is by far not the worst thing that hit me.

…starts sobbing

I know why by now I prefer my desk and only ocassionally venture back into patient facing work.
⁨Comment⁩ on ⁨Beyond Pi-Hole⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I have expanded my setup over the years. And tbh, I reached so many stages where I read up how pi-hole or adguard achieved this and that. And every time it was like “damn,if you want more than the basics they are actually more complicated. I just have to look up this and this and Technitium does it by the book.”. That’s so refreshing.
⁨Comment⁩ on ⁨Beyond Pi-Hole⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Yeah, came here to write about Technitium. It is rock solid. Absolutely. It looks intimidating at first but you soon figure out you hardly need 10% of the options in the beginning.
⁨Comment⁩ on ⁨Backup recommendations⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Duplicati is probably one of the easier options.
⁨Comment⁩ on ⁨TIL about Wiki.js⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Afaik bluestack is the best option for that but I might be mistaken
⁨Comment⁩ on ⁨TIL about Wiki.js⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Tbh: I haven’t found a really good replacement yet (we are simultaneously coming off confluence as well and that is even harder)

What we tried:
- Bookstack: I.can.not.understand.what.people.like.about It.Period. From my point of view it’s one of the worst systems on the market. Why? The fact that it only allows three different levels of hierarchy, the fact that by default all your images are public and their recommended solution is security by obscurity instead of proper handling it(which it can do) or their absolutely abhorent permission handling.
- Xwiki: It’s… Clumsy. Possibly the most capable one, but it’s Java and munshes resources like they are free and it’s bothersome to setup/get working. Once it works it’s extremely capable,especially from a business point of view. It’s one of the close contenders for my confluence customers atm.
- DokuWiki has become pretty capable,but takes a good theme and a few modules to be “up to modern standards”. The second close contender.
- Last but not least outline is also an idea. Currently looking into that.
- For my personal reference,especially for everything self hosted I used to maintain a fairly extensive Wiki.js,but I have found it more and more bothersome as a split between the configuration assets and the wiki was always there. So nowadays it’s often more integrated and stringent to use my GIT repository (forgejo) to keep my documentation as well.
- The same approach is also a nice one for my work and we still discuss if we might “make it work” with our project management (Redmine) and it’s wiki component.
- Lastly for a personal wiki Tiddly might be enough, btw.