Lem453

@Lem453@lemmy.ca

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
This is great. Thanks!
⁨Comment⁩ on ⁨Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Couldn’t the attacker just drop a dangerous binary into the data volume then?
⁨Comment⁩ on ⁨Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
How would you add new links if its read only?
⁨Comment⁩ on ⁨Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
I’ve been using this which works great.

f-droid.org/packages/com.sbv.linkdroid/

Works with my single sign on setup as well which was critical. Creates a nice share target on android so any share button gives the option of sending the link to linkwarden
⁨Comment⁩ on ⁨Am I corrupting my data?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
One thing to consider is that once zfs is setup there really is no significant intervention that is needed. I probably haven’t done anything to my proxmox zfs array in years.

I know its almost a meme to say just learn command line, but unfortunately in this case it will really help you understand what is happening and it also just takes a few commands to setup up once and then never worry about it again.

After the inital setup, the zfs GUI will be pretty much unused.

For commands I don’t use often, i use a note taking software to keep track of commands I used during setup because years go by before I use it again. I find the GUI often changes in that time making it harder to replicate whereas command line is the same and easier to document.
⁨Comment⁩ on ⁨Selfhosting Sunday - What's up to date, selfhosters?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Keeping 80 open is useful so that traefik can redirect all traffic to 443 (https)
⁨Comment⁩ on ⁨Securely Expose your Homelab Services with Mutual TLS - YouTube⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I didn’t know what this was until now. It seems like the beta bitwarden app supports this. Would be interesting to get it setup for that.
⁨Comment⁩ on ⁨What are the advantages/disadvantages of the different backup solutions?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
This along with borg warehouse is the GOAT setup. Many others exist of course.
⁨Comment⁩ on ⁨Outgrown my Synology NAS, time for a proper dedicated machine⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I did his when I moved from unraid because I wanted better infra as code for my dockers etc. Kept unraid with all my drives and use NFS mounts
⁨Comment⁩ on ⁨goodbye plex⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
The best and most versatile system is having domains and a reverse proxy that has internal and external domains. Ie jelly.example.com and Vaultwarden.internal.example.com

Then you add authentik which does SSO for many app like nextcloud, immich, linkwarden etc. For apps that don’t integrate, you can still use his with reverse proxy authentication (sonarr).

Naturally this is more complex to setup but nothing beats the versatility.

I can choose extra protection for things like vaultwarden (need to connect via wiregaurd). Make things external for other users to access easily (immich, jellyfin, etc). Everything is based on users that are made in authenticatik and they all have the same password with single sign on.

You would approach this is pieces. get the domain and reverse proxy working first. Then authentik. this is only realistic with docker compose.
⁨Comment⁩ on ⁨goodbye plex⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Assuming this is all true, sure its not great but how much does it matter?

Most have jellyfin in a docker. My jellyfin can’t only has read only accses to the media folder. Only the config folder has write access. Assuming the worst case scenario here, how much damage can than do?
⁨Comment⁩ on ⁨goodbye plex⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I’ve been using jelly since just after the emby fork and never had an update issue on docker.
⁨Comment⁩ on ⁨A sovereign Microsoft 365 alternative: Nextcloud and IONOS join forces - Nextcloud⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Owncloud infinite scale seems, well, much more scalable
⁨Comment⁩ on ⁨CrowdSec vs Fail2Ban - What to use?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I have traefik running with all config done via the docker compose files and I just couldn’t figure out how to get the bouncer middleware to work without causing problems. Doesn’t help that most examples seem to be based on the static yaml based config so I’m trying to convert jt. Would appreciate anyone who might know of a resource that explains with docker compose environment tags.

I also have middle ware for things like authentik which complicates things.
⁨Comment⁩ on ⁨Why is everyone using Tailscale?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Others have already mentioned the question makes no sense but for others that are curious.

Headscale is a self hosted tailacale alternative and for a small number of devices plain wireguard is as well. I use plain wireguard on my router to allow LAN access from my mobile devices.

I want rock solid stability and simplicity since I use this for to debug issues if they crop up while I’m away.
⁨Comment⁩ on ⁨Manage things "To be Read"⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
The thing I like most about linkwarden is that it integrates with my existing single sign on (authentik). After you get to a certain number of apps, it becomes extremely annoying to not have this so I now look for SSO as a major factor when deciding what app to use.
⁨Comment⁩ on ⁨Fully self-hosted password manager options⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
The native rewrite of the Android app is butter smooth. I think it’s still technically in beta, but I’ve been using it for more than a year.
⁨Comment⁩ on ⁨Monitoring OPNSense Logs with Grafana Loki⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Do you mind putting some screenshots of what the final dashboard looks like?

Also, how much IO wear and tear does this put on a solid-state drive?
⁨Comment⁩ on ⁨Traefik with Socket Activation via Podman Quadlets⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
What’s the advantage of socket activation? Is it more secure than exposing a docker port?
⁨Comment⁩ on ⁨How do you handle absolutely critical alerts on your Android phone?⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Mine works instantly on a pixel 8. There is a notification that is always active for the gotify app. I believe an always on notification is required for instant pushing with non google apps. Maybe you haven’t enabled it in the settings somewhere?
⁨Comment⁩ on ⁨How do you handle absolutely critical alerts on your Android phone?⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Gotify along with an external email service. I get each notification twice, immediately
⁨Comment⁩ on ⁨Nextcloud (PHP) vs OpenCloud (Rust)⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
From the website, i can’t see how it’d different than owncloud.
⁨Comment⁩ on ⁨Nextcloud (PHP) vs OpenCloud (Rust)⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
This is what you’re really looking for:

github.com/owncloud/ocis
⁨Comment⁩ on ⁨How do I host Jellyfin in the most secure manner possible?⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
No reason not to have both. Things like vaultwarden do warrant an extra layer so setup wildcard domain for internal services x.local.example.com and then normal certs for external stuff like y.example.com.

To get internal stuff you then need your vpn as well to access it. You can now easily choose what risk you want on a per app basis.

Technotim has a good video on this
⁨Comment⁩ on ⁨Backups made easy: btrfs + snapper + snapborg⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Oh i see.

that is a good point. Being about the mount the borg repo and pull out a specific file is very useful. Not sure I would do it as a bloc device since I don’t think there is an easy way to see specific files.
⁨Comment⁩ on ⁨Backups made easy: btrfs + snapper + snapborg⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
With snapshots it costs nothing if the OS files don’t change much
⁨Comment⁩ on ⁨Developing a self-hosted alternative to Google Keep⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Self host radicale if you don’t want the whole nextcloud suite
⁨Comment⁩ on ⁨New Jellyfin Server/Web release: 10.10.7⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
If I in traefik and jellyfin in docker, so I add the docker IP of traefik as the trusted proxy?
⁨Comment⁩ on ⁨Best Back Up Solution For Multiple Servers⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
I use self hosted borg repo to backup to a local server and then also borgbase is a service that allows remote backup.

Borgmatic automates all of this.
⁨Comment⁩ on ⁨How to secure Jellyfin hosted over the internet?⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
He’s saying that while there is no benefit to being connect to WG at home, there is also no downside so many people just stay connected all the time.