frongt
@frongt@lemmy.zip
- Comment on How much do you secure a home server that's only accessible with VPN? 21 hours ago:
Tenable owns Nessus. But they have a free tier.
The FOSS equivalent is Greenbone OpenVAS: greenbone.github.io/docs/latest/
- Comment on Is they're an easy way to make my Jellyfin accessible outside of my home network 1 day ago:
Plus it enables you to access everything. If you have radarr or sonarr or whatever, you can get to those and add media while out and about.
Personally I use Mealie and pull up ingredient lists while I’m im at the grocery store.
- Comment on Is they're an easy way to make my Jellyfin accessible outside of my home network 1 day ago:
Assuming their ISP and everything else supports ipv6. An even so it’ll still be visible through scanning, through brute force, or if anyone is reading cert transparency reports anf scanning the domains that show up.
- Comment on Is they're an easy way to make my Jellyfin accessible outside of my home network 1 day ago:
Yes, it works great for me. Probably not for a TV though, for that you’d probably need some travel router VPN client. But I don’t know how often you’d be at a random TV and need to get to jellyfin.
- Comment on LLM on Nintendo DS Lite 1 day ago:
Yes but this isn’t a full browser, just an API client.
- Comment on New here - excited to join the selfhosted community 1 day ago:
The newer versions let you hit d to detach.
- Comment on Internal resolution of gateway 1 day ago:
Run a local DNS server with local records.
- Comment on Is they're an easy way to make my Jellyfin accessible outside of my home network 1 day ago:
Yes, a VPN. And dynamic DNS if you don’t have a static IP address.
- Comment on Using a NAS to redirect to another NAS for streaming ? 1 day ago:
I found Netbird significantly easier to set up
- Comment on LLM on Nintendo DS Lite 1 day ago:
Client on DS Lite. LLM on Mac.
- Comment on Help with my Proxmox-Setup 2 days ago:
Install one pbs on the big server. If you have the space, set up replication so you have another local copy. Best practice is to also keep an offsite copy, either with cloud storage or external drives you rotate, in case something happens to the stuff at your house.
- Comment on How I backed up and booted locally my entire VPS 4 days ago:
Yeah that’s a reasonable way to take a backup. I mean I would have recommended an actual backup tool, but dd is perfectly good. Especially since you zeroed as much as you can, since you didn’t have a tool skipping unused blocks.
But the Wi-Fi bit was pretty gross, yeah. Fine to test but never ever for something I actually wanted to use.
- Comment on How secure is my local backup drive with ssfhs? 4 days ago:
If it’s not connected to the internet, the only way someone could reach it would be if they are already inside your network. If they are inside your network, either they are on one of your devices (and if it’s your computer, you can consider your keys compromised) or they have physical access and they can just take the drive. (Is the data on the drive encrypted?)
- Comment on I finally bought a domain! Now what 4 days ago:
If you really want to, you can use tailscale to home, then route your outbound traffic over the other VPN. But that’s a bit tricky to set up and it’ll probably be pretty slow.
Using a VPN for privacy is overrated, unless you have a government or ISP that is actively snooping on your traffic. The majority of connections are already encrypted with https.
- Comment on Setting Up OPNsense on Proxmox: Doubts regarding NIC setup 5 days ago:
Enable pci passthrough for the card, use the onboard interface for proxmox management. It will only cause a loop if you bridge the interfaces or enable routing in proxmox, which is really hard to do accidentally. Don’t worry about it too much. Even if it happens, just unplug one of the connections and reboot the switch, then go back in and fix it.
- Comment on I finally bought a domain! Now what 5 days ago:
I would strongly encourage continuing to use tailscale or another VPN. The more you expose to the Internet, the more opportunities you present to an attacker. If you family also uses the VPN client, they can access the systems in the same way.
Plenty of learning material out there on DNS. But no, you don’t have to pay extra for subdomains. You can put the records up on cloudflare or host them internally. Generally it’s considered bad practice to put local records in public DNS, but it doesn’t actually matter that much.
You can set up a reverse proxy to route traffic to each service based on the domain name used. Most people use caddy, some use traefik, and some use nginx proxy manager.
- Comment on Self-hosted keypass fork recommendation 6 days ago:
It’s on your server, and whenever you keep your backup. I don’t know if it keeps a local copy on your phone when you log out or not. Generally I just don’t log out.
- Comment on Self-hosted keypass fork recommendation 6 days ago:
Vaultwarden?
You can write notes all day with no server at all. The server just Synchronizes it all.
Yes, that’s exactly how it works right now. Clients will keep a local copy of the database, so even if the server goes away for a while, you can still use it.
But you had the backup, you restored it, everything worked properly. I’m not sure what the issue is here.
- Comment on Selfhosted & AI 1 week ago:
I don’t have a problem with AI. I have a problem with vibe-coded apps released as a one-shot and then never maintained or supported. That’s slop.
I also have a problem with the trace apps (lifttrace, nutritrace, etc.) because while they’re entirely vibe-coded, they are actively developed, but they’re posted here by a brand promotion account that doesn’t otherwise contribute to the community. If there’s any “x% self-ptomotion” threshold, they fail it, because it’s 100% self-promotion.
I know I also reported another post as slop recently but I don’t remember what it was.
- Comment on How my AI Agent views and maintains "our" homelab 1 week ago:
Yes. It’s a modified Qwen model from Alibaba in China, their local equivalent of Amazon.
- Comment on My entire production website runs on a Raspberry Pi 4B + Orange Pi Zero 3 — real traffic, public dashboard, zero cloud 1 week ago:
The AI is writing for you. None of your words are coming through. While I’m sure that Google translate runs on AI these days, it’s miles better than chatgpt.
Even if your English is terrible, I’d still rather read broken English than AI slop. (Or you can post the short top-line summary in English and the rest in Italian, or even just the whole thing in Italian; this isn’t an english-only community!)
- Comment on Is there a solution to use tailscale (or pangolin) alongside a traditional VPN on grapheneos? 1 week ago:
VPN to home, then route outbound traffic over the other VPN.
- Comment on Help me fix my dad’s home internet setup. Does my plan make sense? 1 week ago:
Putting random stuff into AP mode is sketchy, but usually works. Modern equipment in particular usually supports proper roaming, and clients are smart enough to change BSSID based on strength. Old and/or cheap equipment is less reliable because of poor or nonexistent roaming support.
If you want to do it the right way, get a couple real APs and pull Ethernet back to a switch. Ubiquiti is fine for prosumer, and you’re less likely to get “help my wifi stopped working and you need to come fix it” calls.
How many APs depends on house layout and what it’s built out of.
- Comment on Tools for selecting the best pictures 2 weeks ago:
The problem I see here is that the best images are those that have been edited, i.e. rotated, cropped, and adjusted brightness/contrast/saturation/white balance. Like I can have a thousand snaps from my camera, but they’ll only look good once I pick them out and edit them.
I suppose, if you have a consistent camera with photos in consistent conditions, you could apply edits in bulk. And I know Google has automated crop/rotate/etc features in the Google Photos app, so maybe you could find a self-hosted tool smart enough to do that across all your photos, then make a review pass to pick out the good ones.
- Comment on Help with MonicaHQ notifications 2 weeks ago:
Anything in the logs?
- Comment on How do you protect a remote backup from a compromised account? 2 weeks ago:
WORM: write once, read many. Any good backup software supports this.
You could also keep offline backups. You can’t compromise what you can’t reach.
- Comment on Voiden - CLI runner (update) 2 weeks ago:
I don’t have a use case right now, else I would.
If English isn’t your first language, “void” has a connotation of emptiness, nothingness. APIs are about constructing, not emptying.
- Comment on Voiden - CLI runner (update) 2 weeks ago:
Why the name “voiden”? Making things void is the opposite of what I want to do with apis.
- Comment on Self hosting Dotmakeup 2 weeks ago:
I find it a lot easier to just clone the repo instead of cherry-picking files one by one. Especially if you think you only need one and then need to go back for more. Or if you want to pull updates in the future, or remember where you got it from. Or you want to include the documentation or examples or whatever else is in the repo.
- Comment on Self hosting Dotmakeup 2 weeks ago:
Look at the repo. There’s at least the variables.yml file.