Lem453
@Lem453@lemmy.ca
- Comment on Single Sign in for Home Assistant now possible with OpenID 1 week ago:
Authentik handles SSO for all my apps like immich, linkwarden, owncloud etc. Jellyfin uses LDAP via authentik but isn’t sso.
Other than me, no one else mounts samba shares directly. All personal files are synced to server and other devices with owncloud (OCIS).
- Comment on Single Sign in for Home Assistant now possible with OpenID 1 week ago:
Yes its config file only, but if you get the File editor app, it’s quite easy to just copy and paste a few lines into the editor.
- Comment on Single Sign in for Home Assistant now possible with OpenID 1 week ago:
I’ve not looked for an LDAP solution but stuff like this is why i went with authentik over other solutions. Because authentik has LDAP built in, i can use this when needed (jellyfin) but then use openid for other apps (which us superior in almost every way for home lab use)
- Comment on Single Sign in for Home Assistant now possible with OpenID 1 week ago:
There are auth libraries that you can just plug into your app so you don’t even have to worry about that part yourself and just focus on the app
- Comment on SSL certificates for things inside the lab 1 week ago:
I use this tutorial to setup external only and internal only URLs both with SSL
- Submitted 1 week ago to selfhosted@lemmy.world | 20 comments
- Comment on Motorola GrapheneOS devices will be bootloader unlockable/relockable 2 weeks ago:
- Comment on Google settles with Epic Games, drops its Play Store commissions to 20% 2 weeks ago:
privsec.dev/…/banking-applications-compatibility-…
Check compatibility here.
- Comment on Simple inexpensive cloud backup? 3 weeks ago:
Borgbase has good options for Borg and restic backups.
I highly recommend using one of these 2 for proper backups. Borg with borgmatic scripts are fantastic
- Comment on Remember my kubernetes devolver ? It has breached containment 4 weeks ago:
You have angered the helmsman Charon. Your misdeeds have been noted.
- Comment on 700+ self-hosted Git instances battered in 0-day attacks 3 months ago:
If i remember correctly on my gitea (now forgejo) the default is open registration which really shouldn’t be the case for projects that are targeted towards self hosters.
My inital install was a long time ago so I don’t remember for sure
- Comment on Bad experience on selfhosting nextcloud 3 months ago:
I ran nextcloud for years on good hardware and its always been the weakest self hosted app I have. I moved to seafile for a bit and then ultimately owncloud OCIS
- Comment on Nextcloud -> Owncloud (ocis) 4 months ago:
I don’t think this is the same thing.
Opencloud.eu seems to have been started so they could offer hosting services to EU clients and essentially compete with MS teams and others. You can download and run their version directly. This isn’t a fork the way that opencloud > nextcloud was a change in governance.
OCIS seems to have a great open source product that I’m also hoping to switch over to. I’ve been trying to get it connected to my authentik SSO (which I have) and just need to figure out how to get admin users on authentik to show up as admin users on ocis.
That’s the last thing I need to migrate over fully.
I used to be on owncloud then switched to nextcloud at the fork. In all that time through 3 different servers nextcloud has always been the most brittle app I’ve hosted
- Comment on Immich 2.1 Released with Better Slideshow Shuffle, New Notifications 5 months ago:
Borg backup runs every hour on all my docker folders
- Comment on can we now "safely" auto upgrade immich? 5 months ago:
I definitely don’t need to but it also costs nothing and retention policy only keeps 5 minute backups for an hour. Then I really back up for a day. Daily backups for a week, etc. Up to 2 years
- Comment on Anyone had any luck running Fusion 360 on Linux? 5 months ago:
I think I remember people saying they got it working with this
github.com/winapps-org/winapps
That being said, stuff like Fusion 360 changes quite often and even if it works now it might break compatibility with the future update.
FreeCAD has come a long way since with the 1.0 release and the 1.1 release also has lots of good quality of life improvements.
- Comment on can we now "safely" auto upgrade immich? 5 months ago:
Exactly this, I have hourly Borg backups and also since my install is entirely on a zfs array I have zfs autosnapshot every 5 mins with retention policy. Takes almost zero cpu or memory overhead extra and means and can do just about anything via command line and revert it back with ease.
- Comment on What's the real danger of opening ports? 5 months ago:
Traekif can reverse proxy just about anything include ssh.
That being said I don’t. For stuff like ssh I connect with wireguard first then ssh. For stuff like immich I directly expose that behind traefik so I can share images with others. For stuff like vaultwarden I have that behind traefik but internal only so you need wireguard first then you connect to vaultwarden.local.domain.com
- Comment on In Praise of RSS and Controlled Feeds of Information 5 months ago:
FreshRSS self hosted. Just navigate to the website in your browser, install it to android via a browser ‘app’. Assign the app to a gesture.
Now i swipe from the left and my RSS opens. Fully self hosted with no tracking beyond the websites you visit.
- Comment on Immich mobile app sync V2 5 months ago:
I’m on version 1.143.1
About 30k photos and 2k videos
The web interface was great, the android app (pixel 8) was very slow. Even local assets were slow.
Since update, its way faster. Feels really good, responsive, low latency. Sync and backups have been no issue at all.
Sync on android turned itself off after updating, but I turned it back on, selected the same folders to watch and it processed for a few mins and then everything continued to work with no issues.
- Comment on mkdocs for recipe catalogue 6 months ago:
The main feature I want is portion scaling. So I can type the number of servings and everything gets multiplied. Is that possible in obsidian via a plugin or with mkdocs?
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 6 months ago:
This is great. Thanks!
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 6 months ago:
Couldn’t the attacker just drop a dangerous binary into the data volume then?
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 6 months ago:
How would you add new links if its read only?
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 6 months ago:
I’ve been using this which works great.
f-droid.org/packages/com.sbv.linkdroid/
Works with my single sign on setup as well which was critical. Creates a nice share target on android so any share button gives the option of sending the link to linkwarden
- Comment on Am I corrupting my data? 6 months ago:
One thing to consider is that once zfs is setup there really is no significant intervention that is needed. I probably haven’t done anything to my proxmox zfs array in years.
I know its almost a meme to say just learn command line, but unfortunately in this case it will really help you understand what is happening and it also just takes a few commands to setup up once and then never worry about it again.
After the inital setup, the zfs GUI will be pretty much unused.
For commands I don’t use often, i use a note taking software to keep track of commands I used during setup because years go by before I use it again. I find the GUI often changes in that time making it harder to replicate whereas command line is the same and easier to document.
- Comment on Selfhosting Sunday - What's up to date, selfhosters? 7 months ago:
Keeping 80 open is useful so that traefik can redirect all traffic to 443 (https)
- Comment on Securely Expose your Homelab Services with Mutual TLS - YouTube 8 months ago:
I didn’t know what this was until now. It seems like the beta bitwarden app supports this. Would be interesting to get it setup for that.
- Comment on What are the advantages/disadvantages of the different backup solutions? 8 months ago:
This along with borg warehouse is the GOAT setup. Many others exist of course.
- Comment on Outgrown my Synology NAS, time for a proper dedicated machine 8 months ago:
I did his when I moved from unraid because I wanted better infra as code for my dockers etc. Kept unraid with all my drives and use NFS mounts