2xsaiko

@2xsaiko@discuss.tchncs.de

• ⁨Comment⁩ on ⁨Chaining routers and GUA IPv6 addresses⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  Most computers with (at least) two network interfaces will do. If it’s something too crappy your throughput will be limited by CPU speed but I can’t tell you exact recommendations here. Here’s OPNsense’s hardware recommendations for example, they’re not high at all. Off-the-shelf devices that allow you to do this should probably be fine too.

  I’d put Linux on it and use nftables but BSD PF seems to be very popular for firewalls (OPNsense/pfSense are built on this) which I have never used so consider that too.

• ⁨Comment⁩ on ⁨Chaining routers and GUA IPv6 addresses⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  Not a professional networking guy either but here’s my opinion.

  What I would do is use the ISP router as is, open all ports on it (except to itself, hopefully it doesn’t do that…), and put a firewall in between the router and everything else that controls the actual access to everything behind it (in bridge mode between the two network interfaces of the firewall, so you only have the one network).

  Could a potential second router also assign addresses to devices in that globally routable space directly?

  Devices in IPv6 assign addresses themselves via SLAAC, you just need one device advertising the prefix which the ISP router should already do. The firewall should be able to just purely be there for packet filtering. If you need fixed addresses for public facing servers I would just assign them manually to the respective boxes as you likely also need to add them to public DNS manually anyway.

• ⁨Comment⁩ on ⁨what do you use for screen sharing?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Huh, I thought I looked through them all when I tried it last time. I’ll check again.

• ⁨Comment⁩ on ⁨what do you use for screen sharing?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Do you self-host Jitsi? The public instance has absolutely unusable FPS for streaming gameplay which is pretty much the only thing I still use discord for because it’s the only thing that seems to do it well. I read somewhere you can turn up the FPS on a self-hosted Jitsi though.

• ⁨Comment⁩ on ⁨Peter Todd Was ‘Unmasked’ As Bitcoin Creator Satoshi Nakamoto. Now He’s In Hiding⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Irresponsible and malicious journalism like this is why I have an immediate distrust against any sort of reporter that tries to talk to me. Probably irrational but still.

  I hope your balls explode.

  I wish him the very same.

• ⁨Comment⁩ on ⁨Syncthing Android app discontinued⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Yup!

• ⁨Comment⁩ on ⁨NFS mount disappearing⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Never seen this before, but you can enable NFS debugging with ‘rpcdebug -m nfs -s all’ (or nfsd on the server, or rpc for the underlying protocol). It prints to dmesg.

• ⁨Comment⁩ on ⁨Syncthing Android app discontinued⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  IIRC Keepass2Android does have that feature.

• ⁨Comment⁩ on ⁨Publicly routable IPv6 addresses behind CGNAT in home environment using Tailscale and VPS⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  What they suggest sounds like setting up a bridge interface between your LAN and the VPN interface to connect the VPS with your LAN. That’s actually a good idea since it would not need you to have a separate /64 for your local network. In this case I’m pretty sure that your VPN needs to be a layer 2 VPN, i.e. transports whole ethernet frames instead of TCP/UDP only, for this to work correctly. Wireguard doesn’t do this, OpenVPN can for example.

  To make the VPS a gateway, you need to configure it to forward packets between networks and then set it as your default route on the clients (with IPv6, default route is usually published using router advertisements, set up radvd service on your VPS for that). That’s pretty much it IIRC except for the firewall rules. Here’s an article that’s some cloud stuff but is also applicable to your situation: www.linode.com/…/linux-router-and-ip-forwarding/#…

• ⁨Comment⁩ on ⁨Publicly routable IPv6 addresses behind CGNAT in home environment using Tailscale and VPS⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I had the network before moving here (created it when I did have a public IPv4). Can’t test creating one new since it will only allow me to make one per IP.

• ⁨Comment⁩ on ⁨Publicly routable IPv6 addresses behind CGNAT in home environment using Tailscale and VPS⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Hm, it doesn’t? I’m not behind CGNAT but I’m in a network I don’t control (university dorm) so my gateway is just another device in the local network and I don’t have a public IP which I control, which I feel like should effectively be the same thing as CGNAT, and it works for me. Maybe it isn’t the same.

• ⁨Comment⁩ on ⁨Publicly routable IPv6 addresses behind CGNAT in home environment using Tailscale and VPS⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  The easy way is to just use tunnelbroker.net, that is what I currently have (this would use one of their assigned net blocks, not the one from the VPS). Set it up on the Pi, set up IP forwarding with appropriate firewall rules, make the Pi serve RA so clients can assign themselves an IP, done (IIRC).

  If you want to set up the v6/v4 gateway yourself, I would do this with a /64 you can fully route to your home network like you would get with tunnelbroker.net because then you don’t have to deal with the network split and essentially two gateways for the same network (your Pi and the VPS), because otherwise your clients would assume the VPS is directly reachable since it’s in the same network when in reality it would have to go through the gateway (you would have to set up an extra route in that case on every client, I think). You’d need a second network from Oracle for this.

  But it’s pretty much the same thing I would assume plus the setup on the VPS side, make the VPN route your /64 block (or use 6in4 which is what tunnelbroker.net uses), configure IP forwarding on the Pi and the VPS between the VPN interface and local/WAN respectively.

• ⁨Comment⁩ on ⁨Authentication for external sevices⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  You’re looking for an OAuth-compatible identity provider (personally I use Kanidm, if Keycloak does that too that works, I’ve never used it). And then set it up as the auth mechanism for Immich, and whatever else you want: immich.app/docs/administration/oauth

• ⁨Comment⁩ on ⁨static website generator⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  How about GNU M4 + Make (output)?

  (to be clear this is a joke suggestion. but yes it is what I legitimately use)

• ⁨Comment⁩ on ⁨Does leaving a single board computer caseless can be a problem or not?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I killed 3 Raspberry Pis by putting them onto a metal surface while turned on (first two times I didn’t know what was happening and the third time was accidental). Do not recommend.

• ⁨Comment⁩ on ⁨Amazon's Monopoly of the tech industry is ruining the US economy⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I like to order tech stuff from mindfactory.de

• ⁨Comment⁩ on ⁨Student dorm does not allow wifi routers⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I’m in a similar situation. Before I had to move all was fine, I had a single ethernet port I plugged my router into. It even had a static IPv4 (even though no IPv6 but I could just use tunnelbroker). Literally perfect.

  After I moved I’m now stuck in this horribly designed network that has a stupid internet cafe tier login portal even for wired devices, unencrypted wifi, seemingly every single device from every student on the same network (I am getting blasted with other people’s broadcast packets and I’m pretty sure the network congestion from that is where my weird intermittent packet loss comes from). And now I don’t have any public IP address at all.

  Whoever they hired to set this up is an absolute moron who has no idea about network security or how to make an efficient network and considering the internet cafe login portal probably likes to cause as much suffering as possible. (Not saying I’m necessarily qualified but the fact alone that I can connect to other people’s AirPlay devices means they failed at both.)

  And the reason all of this is a problem is that they also don’t allow putting a router/firewall in front so I can get a sane network. Had to tear down pretty much all the infrastructure I set up in the old place because a lot of it was relying on me having control over the network. Of course, I knew none of this before I moved in, I was explicitly looking for internet shenanigans in the contract.

  I now have a janky Wireguard mesh network setup with one of the machines being the IPv6 gateway. Awful but at least I have public addresses and IPv6 (and with that a bit of my own network space) again.

• ⁨Comment⁩ on ⁨"Concord servers are now offline. Thank you to all the freegunners who have joined us in the Concord galaxy"⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  People paid for that original game too, it wasn’t free. I don’t assume they got refunded. It was basically a massive bait and switch.

• ⁨Comment⁩ on ⁨Nissan develops paint that keeps cars cool in summer heat⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Just one more lane will fix traffic bro

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I’ve got it already from the itch.io page the other user posted. But thanks!

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I did not realize this game was this well known! It has a super low player peak and at least last time I looked after I first played it years ago no big YouTube channels had a let’s play of it either.

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Lorn’s Lure (currently demo only, releases in 3 weeks)

  An android is led through a vast structure by a glitch in his visual system. Lorn’s Lure is an atmospheric narrative first-person platformer with novel climb-anything mechanics and modernized retro 3D graphics.

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  CONCLUSE

  Concluse is an atmospheric horror game which features puzzles, outstanding cutscenes, and something a little twisted…

  This one is free! Unfortunately a lot of my niche games are horror, not sure how broad of an appeal that is, but hopefully there’s some horror fans here :^)

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  This item is currently unavailable in your region

  Piss off Steam, this sounds hilarious

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  MOTHERED

  An immersive first-person horror adventure where you play the role of LIANA - a young girl who arrives home after major surgery and is met with a strange mannequin claiming to be her mother.

  This is part of a trilogy which I highly recommend checking out. All three of these are great.

• ⁨Comment⁩ on ⁨Recommendation engine: Downvote any game you've heard of before⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Evoland 2

  Evoland 2 is an unique RPG, with its graphic style and gameplay changing as you progress through a deep storyline based on time travel.

• ⁨Comment⁩ on ⁨It’s time to retire the term “user”⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Recently, I met with a founder who cringed when his colleague used the word “humans” instead of “users.” He wasn’t sure why.

  Yeah because it sounds super weird. Who says “humans” instead of “people”.

  • “my app has 2000 users” - yes
  • "2000 people use my app" - yes
  • "2000 humans use my app" - you’re definitely an alien

  Either way what a stupid article. The AI angle pretty much makes me dismiss it outright because I refuse to let AI dictate anything I do except for adding AI crawlers to my website’s robots.txt. And then you’ve got the corporate focus which is also really strange since that’s not the only place where there’s “users”. Open-source software also has users (and developers, so if you want to replace “users” with “people”, does that mean developers are not people?) and I would be insulted if someone implied I “depersonalize” the people who use my software by calling them users. It’s just a descriptive word and this article and everyone quoted here seems like they’re trying to pull a bad connotation to the word out of thin air.

• ⁨Comment⁩ on ⁨European iPhones are more fun now⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  The more they get regulated, the better their stuff becomes*. It’s wild that people are on the side of Apple for a lot of this stuff, most prominently probably with third party app stores supposedly “decreasing security”.

  Sent from my MacBook :^)

  * At least when it comes to consumer rights regulations. I’m still mad about China demanding they remove the option to accept AirDrop from everyone without a time limit on iPhones and Apple then implementing that restriction globally for whatever godforsaken reason.

• ⁨Comment⁩ on ⁨Microsoft backtracks on deprecating the 39-year-old Windows Control Panel | Microsoft has either backtracked or clarified its language to remove the note about Control Panel being deprecated⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  I’d classify that as under “less usable UI”. There’s two different concepts in interface design: utility (i.e. can it do what you need it to) and usability (i.e. how easy and effective to use is it).

  With utility/“less functionality” I was thinking about people saying they have to still open Control Panel because the “new” Settings still can’t do everything Control Panel can do after what, 12 years?

• ⁨Comment⁩ on ⁨Microsoft backtracks on deprecating the 39-year-old Windows Control Panel | Microsoft has either backtracked or clarified its language to remove the note about Control Panel being deprecated⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  the Settings app, which offers a more modern and streamlined experience.

  tl: “modern” means “less usable UI” and “streamlined” means “less functionality”