non_burglar

@non_burglar@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Introducing UniFi OS Server for MSPs⁩ ⁨⁨3⁩ ⁨hours⁩ ago⁩:
That’s the one. It’s a bit daunting and I have a caldav migration to complete and some offsite backups to get done first.
⁨Comment⁩ on ⁨Introducing UniFi OS Server for MSPs⁩ ⁨⁨18⁩ ⁨hours⁩ ago⁩:
I am, the UniFi Java blob that runs on MongoDB. I use it for my 802.11ac access points, although not very often.

I really want to move to openwrt on them (not a big fan of how Ubiquiti treats out-of-support hardware), but I’m scared of taking the big plunge of managing them all with a unified interface. There exist projects to do just this, I guess it’s the work to set it all up.
⁨Comment⁩ on ⁨Self-host Meshtastic Metrics in Grafana⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Very cool.

I wish I had a valid use case for my nodes, but they’re basically just toys at the moment.
⁨Comment⁩ on ⁨What are your VPN recommendations for accessing self-hosted applications from the outside?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
You wouldn’t be any more vulnerable to ddos attacks than without WG.
⁨Comment⁩ on ⁨Self-Host Weekly (18 July 2025)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It’s way worse than security being an “afterthought”, most of these projects have no afterthought at all. No human review, poor if any testing, rife with race conditions, bad or no error handling, bad or no human readability standards, etc.

But that isn’t even the problem. The deeper and more concerning issue is that these vibe coders iterate very quickly and drown out by volume any meaningful human review. Just like ai-driven content and web scraping, ai vibe coding is making human-generated code less viable because it iterates more slowly.
⁨Comment⁩ on ⁨Trouble setting Let's Encrypt certificates for Pangolin⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Its just port 80. And letsencrypt provides a CIDR block so us paranoids who still restrict with firewalls can limit the exposure.
⁨Comment⁩ on ⁨Just a little server⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
IDS, L4 firewall and video streaming from the same machine? It can be done.

Should you do it? That’s a lesson I’m gonna leave to you to learn yourself. For personal growth.
⁨Comment⁩ on ⁨Just a little server⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If you’re talking about streaming steam games at 4k, then maybe. But at that point build a dedicated machine.

Sunshine works fine with n100 quicksync for 1080p streaming, plus frigate. I’m running both of these on an 11th gen i5 with a coral tpu for frigate.

Not sure what your “punishment” is for hardware, but your current list really isn’t that demanding.
⁨Comment⁩ on ⁨Just a little server⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Lots of ppl deploy sunshine on n100 mini PCs with quicksync, you dont really need a gpu that way.
⁨Comment⁩ on ⁨Just a little server⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Sr-iov is electrically expensive to implement. You can have it, you’ll just pay more.
⁨Comment⁩ on ⁨My Ultimate Self-hosting Setup⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I’m a lifelong Linux user (or since 1999, so half my life), but I was a mixed mac and windows user before that. Anyway, I understand the reluctance you’re facing.

You don’t need to endanger any part of your current experience to start self hosting, you can just start adding to it. The stakes can be very low if you want to learn that way.
⁨Comment⁩ on ⁨Very large amounts of gaming gpus vs AI gpus⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I guess. I don’t know why a person would do this, though… Especially just for an LLM.
⁨Comment⁩ on ⁨Very large amounts of gaming gpus vs AI gpus⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

I don’t need to build a datacenter, i’m fine with building a rack myself in my garage.

During the last GPU mining craze, I helped build a 3-rack mining operation. Gpus are unregulated pieces of power-sucking shit from a power management perspective. You do not have the power requirements to do this on residential power, even at 300amp service.

Think of a microwave’s behaviour ; yes, a 1000w microwave pulls between 700 and 900w while cooking, but the startup load is massive, almost 1800w sometimes, depending on how cheap the thing is.

GPUs also behave like this, but not at startup. They spin up load predictively, which means the hardware demands more power to get the job done, it doesn’t scale down the job to save power. Multiply by 58 rx9070. Now add cooling.

You cannot do this.
⁨Comment⁩ on ⁨From Docker with Ansible to k3s: I don't get it...⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
K3s (and k8s for that matter) expect you to build a hierarchy of yaml configs, mostly because spinning up docker instances will be done in groups with certains traits applying to whole organization, certain ones applying only to most groups, but not all, and certain configs being special for certain services (http nodes added when demand is higher than x threshold).

But I wonder why you want to cluster navidrome or pihole? Navidrome would require a significant load before service load balancing is required (and non-trivial to implement), and pihole can be put behind a round-robin DNS forwarder, and also be weird to implement behind load balancing.
⁨Comment⁩ on ⁨Got my first script kiddy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I don’t think anyone here disagrees that port scanning is bad, nor that you even filed an aws ticket. And congrats on your live service.

But your answers to comments are weird, like this is not only your first server or vps experience with a public interface, but your first time exposing anything to the public web. And even if that’s true, there’s a first time for everyone.

But man, doubling down and insisting that “port scanning is unauthorized traffic” betrays a certain naivete about how tcpip works.

What you are seeing is not only normal, but AWS can’t do anything about it because that’s how IP source and destination sockets work.
⁨Comment⁩ on ⁨What network hardware should I get for my homelab?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Oh, OK. I moved to mikrotik 8 years ago and haven’t looked back.
⁨Comment⁩ on ⁨What network hardware should I get for my homelab?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
OpenWRT on a 5009? Why? You’ll lose the switch integration and a whole lot of speed, not to mention features…
⁨Comment⁩ on ⁨Got my first script kiddy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

Port scanning is not authorized traffic.

Lol what

I think you should read the terms of your AWS contract. How do you think aws moves instances if not for agents gathering metrics?

And this case is Mandiant, so you’re fine.

Are you sure you’re ready for AWS?
⁨Comment⁩ on ⁨Got my first script kiddy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Umm…

You know how that works, right? Like, if you don’t want to expose ports, just… don’t expose them. But you can’t prevent port scanning.

I would love to see the support request from AWS for this.
⁨Comment⁩ on ⁨Tailscale addressing concerns over potential enshittification of the platform⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Agree. The person who wrote the article is Avery Pennarun, co-creator of tailscale. I’ve heard him in interview ; he’s very smart, both technically, and in high picture thinking.

But… Missing the point that VC money is cursed because they don’t care if your product is good, successful or a boon to others, is a bit naive.
⁨Comment⁩ on ⁨Outgrown my Synology NAS, time for a proper dedicated machine⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Docker runs fine nested in lxc with uid/gid mapping.

The difficulties of running docker in lxc are particular to proxmox, I ran docker in lxc on proxmox for years, but I’m glad I moved incus; much more sensible approach.
⁨Comment⁩ on ⁨goodbye plex⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I’m also 90% done migrating to jellyfin. I’ve had the instance running for 6 months now, the cultural change to watch jellyfin is complete, except for my wife’s iPad.

Heck, I should just retire Plex. That will force the change.

These are the thoughts of a cold and calloused sysadmin. Didn’t get the email about the change? Too bad.
⁨Comment⁩ on ⁨I've written a series of blog posts about a "hands-off" self-hosting setup intended for relative beginners.⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
You say this as though security is naturally a consideration for most docker images.
⁨Comment⁩ on ⁨Just a small question.⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
No reason why you can’t do it, but what do you mean by “good for normal people”?

You don’t need permission from anyone to try these things out.
⁨Comment⁩ on ⁨RETIRED: Readarr - Sonarr for Ebooks Book Manager and Automation⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Not that I’m happy about this or anything, I think competition is good.

But I never got readarr to work properly, it seemed to have a workflow that was unintuitive to me, compared to Radarr and Sonarr.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Thank you, I will check these out!

If anything came from this conversation, then at least one more pair of eyes is away from yt.

Now if only I could figure out how to use peertube…
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I’m sure these are accurate statements, but the fact remains that I’ve never heard of dropout or nebula. At all.

And the only reason I’ve heard of floatplane is via LTT and Jeff Geerling, and I don’t actually use the platform itself.

That’s what I mean about inertia, google has it now and can coast for years on people just being lazy and staying with YouTube. That alone will be a loooong hill to climb for any other platforms.

LTT seems to have enough clout and has worked out a survivable business model, but notice that they remain on YouTube to capture and keep new views.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
You are correct. Websites, the stack to supply video encoding, even scalability is a solved problem.

The hard work isn’t technical, it’s getting people onto your platform in the first place (marketing), getting people to continue using your platform (retention) and the perennial problems of SaaS evolving with other SaaS platforms (how many dev hours are you willing to eat trying to keep up with the Joneses?).

SaaS, and in this case, SaaS offering content, is a losing game. You will either lose your shirt, sell your business, or become entrenched in a position whose inertia is difficult to break. How much of any of those you are willing to take a firehose of is the question.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
The lift of running your own platform is big. You just won’t believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it’s a long way down the road to the chemist’s, but that’s just peanuts to creating your own video hosting platform.
⁨Comment⁩ on ⁨I'm the creator of Seedit and I'm here to share how it works and clear up some Concerns/FUDS⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
As with any new thing, it’s not the technology, it’s the implementation.