ohshit604
@ohshit604@sh.itjust.works
- Comment on Trump team leaks AI plans in public GitHub repository 1 week ago:
Interesting that you chose Reddit as an example.
I was in a rush! Honestly it was the quickest thing I could come up with on the spot, plus database tools are something I lack a lot of knowledge about so I really couldn’t go in depth even if I wanted to.
Appreciate the history behind Reddit’s database!
- Comment on Trump team leaks AI plans in public GitHub repository 1 week ago:
Postgres, SQLite, etc are tools for database management, things like user data, application data and so on are collected here.
Take Reddit’s Karma system or Upvotes/Downvotes for example, they’re stored in a database and however Reddit wants to utilize that data Postgres makes it easy to call upon it.
I’m sure others can give more detailed responses.
- Comment on Matrix.org is Introducing Premium Accounts 1 week ago:
The Matrix.org Foundation is a non-profit and only relies on donations to operate. Its core mission is to maintain the Matrix Specification, but it does much more than that.
Non-profit… only relies on donations…
- Comment on YouTube rolls out more unskippable ads that make viewers wait even longer to watch videos - Dexerto 1 week ago:
- Comment on Half of companies planning to replace customer service with AI are reversing course 1 week ago:
I spent 25 years on this planet without the need for an actual Ai, I’ve used Siri when she was dumb to make quick phone calls or to turn lights off but other than that I really don’t need to know the last digit to Pi.
- Comment on The current system of online advertising has been ruled illegal 1 week ago:
Depends on how many sites comply, most will likely block Belgian IP’s
- Comment on Building a slow web 2 weeks ago:
Once again, thank you for your insight! It truly does help a lot.
Today I learned the VPN routing is the cause of my issues, I opted to expose my homelab to WAN and tried to connect over LTE/5G and was surprised to see it actually resolve!
Unfortunately this now throws a wrench in my plans In regard to security so now I’m debating on getting another piece of hardware and labelling one as “front end” and the other as “back end” so that the “back end” doesn’t share the same public IP as the front end.
This has ignited a spark to rework my homelab!
- Comment on Friendly reminder that Tailscale is VC-funded and driving towards IPO 2 weeks ago:
So glad my router supports WireGuard/OVPN server hosting.
- Comment on Building a slow web 2 weeks ago:
While i appreciate the detailed response here i did make another comment letting OP know i’m in a similiar situation as them, i use Docker Engine & Docker Compose for my self-hosting needs on machine running Proxmox with a Debian 12 VM. My reverse proxy is traefik and i am able to receive SSL certificates on port :80/:443 (also have Fail2Ban setup) however, i can’t for the life of me figure out how to expose my containers to the internet.
On my iPhone over LTE/5G trying my domain leads to an “NSURLErrorDomain” and my research of this error doesn’t give me much clarity.
This is a snippet of my docker-compose.yml
``` services: homepage: image: ghcr.io/gethomepage/homepage hostname: homepage container_name: homepage networks: - main environment: PUID: 0 # optional, your user id PGID: 0 # optional, your group id HOMEPAGE_ALLOWED_HOSTS: my.domain,* ports: - ‘127.0.0.1:3000:3000’ volumes: - ./config/homepage:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock #:ro # optional, for docker integrations - /home/user/Pictures:/app/public/icons restart: unless-stopped labels: - “traefik.enable=true” - “traefik.http.routers.homepage.rule=Host(
my.domain
)” - “traefik.http.routers.homepage.entrypoints=https” - “traefik.http.routers.homepage.tls=true” - “traefik.http.services.homepage.loadbalancer.server.port=3000” - “traefik.http.routers.homepage.middlewares=fail2ban@file” # - “traefik.http.routers.homepage.tls.certresolver=cloudflare” #- “traefik.http.services.homepage.loadbalancer.server.port=3000” #- “traefik.http.middlewares.homepage.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 172.18.0.0/16, 208.118.140.130” #- “traefik.http.middlewares.homepage.ipwhitelist.ipstrategy.depth=2” traefik: image: traefik:v3.2 container_name: traefik hostname: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - main ports: # Listen on port 80, default for HTTP, necessary to redirect to HTTPS - target: 80 published: 55262 mode: host # Listen on port 443, default for HTTPS - target: 443 published: 57442 mode: host environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./config/traefik/traefik.yml:/traefik.yml:ro - ./config/traefik/acme.json:/acme.json #- ./config/traefik/config.yml:/config.yml:ro - ./config/traefik/custom-yml:/custom # - ./config/traefik/homebridge.yml:/homebridge.yml:ro labels: - “traefik.enable=true” - “traefik.http.routers.traefik.entrypoints=http” - “traefik.http.routers.traefik.rule=Host(traefik.halstead.host
)” #- “traefik.http.middlewares.traefik-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 208.118.140.130, 172.18.0.0/16” #- “traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}” - “traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https” - “traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https” - “traefik.http.routers.traefik.middlewares=traefik-https-redirect” - “traefik.http.routers.traefik-secure.entrypoints=https” - “traefik.http.routers.traefik-secure.rule=Host(my.domain
)” #- “traefik.http.routers.traefik-secure.middlewares=traefik-auth” - “traefik.http.routers.traefik-secure.tls=true” - “traefik.http.routers.traefik-secure.tls.certresolver=cloudflare” - “traefik.http.routers.traefik-secure.tls.domains[0].main=halstead.host” - “traefik.http.routers.traefik-secure.tls.domains[0].sans=*.halstead.host” - “traefik.http.routers.traefik-secure.service=api@internal” - “traefik.http.routers.traefik.middlewares=fail2ban@file”Image of my port-forwarding rules (note; the 3000 internal/external port was me “testing”) Image
- Comment on Building a slow web 2 weeks ago:
I’m in the same boat (sorta)!
Follow up question, did you have trouble exposing port :80 & :443 to the internet? Also are you also using Swarm or Kubernetes?
I have the docker engine setup on a machine along side Traefik (have tried Nginx in the past) primarily using Docker Compose and it works beautifully on LAN however can’t seem to figure out why I can’t connect over the internet, I’m forced to WireGuard/VPN into my home network to access my site.
No need to provide troubleshooting advice, just curious on your experience.
- Comment on Microsoft’s Recall feature is still threat to privacy despite recent tweaks 2 weeks ago:
around the 12 week mark.
Not all computers need to tell time, just uninstall clock.exe.
- Comment on Building a slow web 2 weeks ago:
If you don’t mind me asking, how do you host your site?
- Comment on uBlockOrigin is porting uBOL to iOS 2 weeks ago:
Waiting on the day Firefox extensions support the iOS app.
- Comment on Microsoft announces new Windows changes in response to the EU's (DMA) Digital Markets Act for EEA users, including Edge not prompting users to set it as the default unless opened 3 weeks ago:
So… they’re doing exactly what apple was forced to do.
- Comment on Twitch is getting vertical livestreams 3 weeks ago:
Is a third party front end for YouTube, more private, no ads and if you pair it with freetubeapp.io you can even skip in video advertisements/sponsors.
- Comment on Twitch is getting vertical livestreams 3 weeks ago:
I’ll just leave this video guide here to cure world of this cancer
Fixed that for you.
- Comment on Forced E-Waste PCs And The Case Of Windows 11’s Trusted Platform 3 weeks ago:
As another person mentioned Proton is Linux’s compatibility layer for Windows applications, from my understanding it installs necessary .NET frameworks and other dependencies into a fake C:\ drive an then utilizes that fake C:\ to trick the game into thinking it’s running Windows.
Every windows applications I put through Proton has not once failed to open. Now the claims that Anti-Cheat for games isn’t supported is purely false, most popular anti cheat’s do support Linux however, it’s entirely up to the publisher to tick the checkbox to allow Linux users to play.
Battle eye, Punk Buster, Easy Anti-Cheat all support Linux natively.
- Comment on Russia to enforce location tracking app on all foreigners in Moscow 4 weeks ago:
or… better yet, not agree to the Russia’s terms and prevent the app outright?
- Comment on How to reverse proxy? 5 weeks ago:
Reverse proxying was tricky for me, I started with Nginx Proxy Manager and it started out fine, was able to reverse proxy my services in the staging phase however, once I tried to get production SSL/TLS certificates it kept running into errors (this was a while ago I can’t remember exactly) so that pushed me to SWAG and swag worked great! Reverse proxying was straight forward, SSL/TLS certificates worked well however, overall it felt slow, so now I’m using Traefik and so far have no complaints.
It’s honestly whatever works for you and what you prefer having.
- Comment on Need help with searxng docker compose 5 weeks ago:
I agree, hence why I left the note at the bottom of that comment, yes it does encourage bad practices but, if all OP cares about is that it works then it should be fine.
In my other comment I instructed OP to move the volume to their users home directory so they don’t run into permission issues like this again.
- Comment on Need help with searxng docker compose 5 weeks ago:
Taking a look at your
docker-compose.yml
I see this volume mount:volumes: - /volume1/SN/Docker/searxng-stack/searxng:/etc/searxng:rw
Whereas
/volume1/SN/Docker/searxng-stack/searxng
is the directory on your system docker is attempting to use to store the files inside the container from/etc/searxng
.Example of a volume mount that’ll likely work better for you;
volumes: - ~/docker/config/searxng:/etc/searxng
The tilde (~) acts as your current users home directory (not root) where docker volumes should be stored.
Apologies for the poor formatting, typing this on mobile.
- Comment on Need help with searxng docker compose 5 weeks ago:
have you checked the directory & file permissions with
ls -la /Your/SearXNG/WorkingDir
?The error is telling you that the container does not have permission to that directory/file, you can essentially bypass this with
sudo chmod 777 /Your/SearXNG/WorkingDir/*
andsudo chown 1000:1000 Your/SearXNG/WorkingDir/*
- Comment on Google Says iPhone Adoption Of RCS Has Led Users To Share 'More Than A Billion' Messages Daily, Yet SMS/MMS Still Reign Supreme In The U.S. 5 weeks ago:
Apple left this little note in their article;
*Note: To use read receipts, you and your recipient must turn on iMessage.
Which leads to believe the toggle is for iMessage only.
as I do not get read receipts from some people with iOS and some I do.
This is what I’ve heard from my Android homies as well, it’s very much a hit or miss it seems.
- Comment on Google Says iPhone Adoption Of RCS Has Led Users To Share 'More Than A Billion' Messages Daily, Yet SMS/MMS Still Reign Supreme In The U.S. 5 weeks ago:
TIL google developed the RCS protocol.
Another reason for me to leave it off.
- Comment on Google Says iPhone Adoption Of RCS Has Led Users To Share 'More Than A Billion' Messages Daily, Yet SMS/MMS Still Reign Supreme In The U.S. 5 weeks ago:
They’re referring to iOS devices, the Read Receipts toggle on iOS is for iMessage not RCS.
- Comment on Come to say thank you. Time to move from proprietary to Open Source 1 month ago:
Late to the party but I decided to pickup a 13th gen ASUS NUC with an i7 over a prebuilt NAS, bought a couple external hard-disk bays setup Proxmox running a headless Debian 12 VM however, this was a mistake on my part because the Debian 12 Linux kernel is pretty far out of date and does not support the CPU properly.
- Comment on Apple Eyes Move to AI Search, Ending Era Defined by Google 1 month ago:
The simple fact that I can only choose between 5 different search engines for Safari is infuriating, I self host my own SearXNG instance and have to use a bloody third-party extension to redirect my queries.
- Comment on Silent Hill 2 (remake) now on GOG 1 month ago:
i paid nearly $100 CAD for the game, will do it again.
Such a good campaign.
- Comment on Windows Is Adding AI Agents That Can Change Your Settings 1 month ago:
It’s unlikely but I’m hoping my company switches to Linux based operating systems.
- Comment on Grand Theft Auto VI Trailer 2 1 month ago:
GTA VII when?