Short answer: a lot 😉 its an authentication protocol to have a single identity provider take care of all your users passwords, access rights etc., like those "login with Facebook" buttons.
It's a bit of advanced topic, but a solid way to minimise authentic based alley on username and password.
Just tried it, and liked it. Too bad there isn't support for OICD right now.
I'm really curious about Papra, but don't see the benefits it provides over paperless. Besides, I won't migrate unless there is a tool to brings over the tags, metadata etc...
It's a matter of when, not if, that happens. And in that situation there's headscale but also Netbird, among other services. And of course, there's also just plain wireguard 😏
Proton 2025 sping roadmaps
Good to see so many planned improvements. One thing I'd like wish for (and seems to be rather forgotten) is improvement on accessing and editing contacts. Right now it's very cumbersome in the browser, let alone that there is no way to access it from the phone.
Would be happy to share feedback and testing if you need detailed user experience reports, @[email protected]
I wanted to use this on my RPI2 buy I think the CPU is too old 🙃 I to however have a openWRT router and I suppose I can achieve similar functionality with a bit of hacking on the OS.
Thank you for taking the time to write this! Well, first stage of my project (getting openwrt my router) has gone according to plan, and now to strive for the next objective 😏
Thank you for taking the time to answer throughly! I noted your advice and chunked up my goals into "mini-projects", once I have all the configurations set and all devices connected to the new router. I did check what I bought is a router, not a switch (I find the naming of the device acting as the gateway between the LAN and WAN to be a bit ambigous: switch, router, gateway...).
As for the IDS capability, this is something that would be done by a raspberry pi being fed packets from the router. I don't know if I will ever undertake that task, but I keep it in mind if I'll feel adventorous 🙃
(for those wondering: Linux Magazine #279 has a guide on how to accomplish this with a Fritz!Box 7583).
Thank you for all the questions to help me clarify my use case 🙂
At the very basic, I'd like to:
Once the basics are in place, I'd like to elevate my netsec game and implement:
The NAS part is just for convince, it would be nice to have a samba / NFS with my files available when I need them.
From the GH issue:
"There are multiple privacy and telemtry issues with this browser. Please see the discussion forum for people raising these issues. It seems telemetry is very much still enabled (not just a we missed some things problem)."
Calling this a backdoor is way overblown?
Just got my OpenWrt switch - what configurations / preparations should I do?
I have solid experience configuring and maintaining Linux, but my knowledge in networking is quite basic. What should my first configurations and preparations should I do before flashing Openwrt and setting it up for my home network?
PS. If I can use the switch as a NAS, I'd be delighted.
Welcome to the deep rabbit hole :-) how much do you know about how computers work? In general, you're going to need to understand some basic networking and general Linux administration, but if you already have a grasp on that then I'd say you just need to start small (simple service, aim to have a resilience goal with backups and restoration) and other metrics that motivates you. Perhaps you want to learn something new with every service you host? You decide, this is your hobby :-)
Hey, don't forget unciv :-) it may not look amazing but that game is a very fun 4x to play.
This is a very solid (if not the best) roguelike to play on phone.
Scholz and Merkel have their flaws, but they're not fascist buffoons. Yep, that's where the bar is right now.
Devin Townsend was without a doubt one of the best artists I've seen live last year. I limed his music for the longest time, and got tickets the day before the concert, and it was so damn good. It wasn't anything fancy, just awesome interaction with the crowd and amazing music.
I saw them two years ago, and I was amazed by how radically the stage shifted between songs. The band members were struggling bouncing around though 😅
I think for matrix to be usable in a homelab setting, Matrix needs to enable a way to handle these huge data storage with prune or something similar.
I found snikket to be quite decent, give it a whirl.
What sunglass brands do you recommend for its quality?
Hey Lemmies, I want to buy a new pair of sunglasses without contributing to Luxotica dominance. I've had Shady rays, but I am looking for a non-american brand.
Look forward to hear your recommendations.
In the last year, I’ve spent about 200,000 words on a kind of personal journey where I’ve tried again and again to work out why everything digital feels so broken, and why it seems to keep getting worse, despite what tech’s “brightest” minds might promise. More
cross-posted from: https://beehaw.org/post/17602033
You are the victim of a con — one so pernicious that you’ve likely tuned it out despite the fact it’s part of almost every part of your life. It hurts everybody you know in different ways, and it hurts people more based on their socioeconomic status. It pokes and prods and twists millions of little parts of your life, and it’s everywhere, so you have to ignore it, because complaining about it feels futile, like complaining about the weather.
It isn’t. You’re battered by the Rot Economy, and a tech industry that has become so obsessed with growth that you, the paying customer, are a nuisance to be mitigated far more than a participant in an exchange of value. A death cult has taken over the markets, using software as a mechanism to extract value at scale in the pursuit of growth at the cost of user happiness.
These people want everything from you — to control every moment you spend working with them so that you m
Appriciation post - envlinks: ultraminimalist homepage / dashboard
I've seen a lot of posts for a lot of different homepage for selfhosters: homepage, homer, homarr (which has an 700 MB image!).
I was after something lightweight, simple and easy to configure and get up and running without all the frills and flashy features. And I found a hidden geml in envlinks - a really simple dashboard that is supersimple to configure (just env-variables in the compose file) and still customisable enough for my needs.
Hope it will satisfy the need of other minimalists out there :-)
creating an alias of a command with plenty special characters
Hello all, I wan to create an alias of this command:
alias dockps = "docker ps --format "table {{.ID}}\t{{.Names}}\t{{.Status}}\t{{.Ports}}""
The syntax for creating an alias is:
alias $COMMAND = "docker ps --format "table {{.ID}}\t{{.Names}}\t{{.Status}}\t{{.Ports}}""
However, since there are quote marks, I assume they neet to be escaped with \. But in the case above, I'm getting the errors in fish and bash.
Fish error:
$ alias dockps = "docker ps --format \"table {{.ID}} {{.Names}} {{.Status}} {{.Ports}}\""
alias: expected <= 2 arguments; got 3
Bash error:
$ alias dockps = "docker ps --format \"table {{.ID}} {{.Names}} {{.Status}} {{.Ports}}\""
bash: alias: dockps: not found
bash: alias: =: not found
bash: alias: docker ps --format "table {{.ID}} {{.Names}} {{.Status}} {{.Ports}}": not found
What am I doing wrong?
Thanks in advance!
Edit:
For fish shell users out there, this can be accomplished by using func:
`$ function dockerps
docker ps --
How do you monitor your servers / VPS:es?
Hello selfhosters.
We all have bare-metal servres, VPS:es, containers and other things running. Some of them may be exposed openly to the internet, which is populated by autonomous malicious actors, and some may reside on a closed-off network since they contain sensitive data.
And there is a lot of solutions to monitor your servers, since none of us want our resources to be part of a botnet, or mine bitcoins for APTs, or simply have confidential data fall into the wrong hands.
Some of the tools I've looked at for this task are check_mk, netmonitor, monit: all of there monitor metrics such as CPU, RAM and network activity. Other tools such as Snort or Falco are designed to particularly detect suspicious activity. And there also are solutions that are hobbled together, like fail2ban actions together with pushover to get notified of intrusion attempts.
So my question to you is - how do you monitor your servers and with what tools? I need some inspiration to know what tooling to sett
Experience with N100 / N200 CPUs?
Hello selfhosters.
I'm considering to buy a SFF PC to act as a docker host. The main services / applications I'm going to run is going to be Immich. Filebrowser, Samba-share and eventually Paperless-ngx. I've been eyeing PCs with a N100 / N200 specifically to run quiet, and to conserve on energy consumption. I am most likely going for an Asus PN42 and will have an SSD in it to keep the moving parts to a minimum.
To those who are running machines with this CPU and similiar workloads, how has your experience been?
Giveaway: subpar pool by Grapefrukt
Hey all, I got a giveaway promo code for this game. I'm not into the Apple ecosystem at all, so I won't have any joy out of it. Grapefrukt usually produces quality games, so whoever gets to this code first - enjoy!
More info about the game here: https://apps.apple.com/us/app/subpar-pool/id1546080553
To get the code:
PS: I miss the old "play it forward" community, so this will be my first contribution in that spirit here on Lemmy.
Ubuntu 23.10 is out
Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
New features in 23.10 Updated Packages
undefined
add-apt-repository now adds PPAs as deb822 .sources files (Improvements to PPA management in 23.10 116).
Linux kernel :penguin:
Ubuntu 23.10 includes the new 6.5 Linux kernel that brings many new features.
Notable upstream changes:
undefined
Intel’s “Topology Aware Register and PM Capsule Interface” (interface that provides better power-management features).
arm64 permission-indirection extension (technology to set special memory permissions).
RISC-V now supports ACPI.
The Loongarch architecture now supports simultaneous multi-threading (SMT).
Support for unaccepted memory (protocol by which secure guest systems accept memory allocated by the host - Seeking an acceptable unaccepted memory policy 5.
The io_uring subsystem can now store the rings and submission queue in user-space memory.
Ability to mount a file system underneath an exist
Post your favorite icon pack / cursor / theme for your DE
Let's be honest, the rankings of gnome-look are weird at best and there is no good resource to gauge what icons / cursors / themes people like to use in their everyday DE.
So please share what icon-pack / cursor theme / GTK|QT theme you use, and why.
Change SSH port: no route to host (Oracle Cloud)
Hello all. I'm trying to change the SSH port on an Oracle VM, but I'm getting nowhere and I don't know where to solve the issue.
I have changed the SSH port:
undefined
edit /etc/ssh/sshd_config
Entered the port info:
undefined
Port 5522
I restarted the service:
undefined
sudo systemctl restart ssh
And made sure that the port is open:
undefined
ss -an | grep 5522 tcp LISTEN 0 128 0.0.0.0:5522 0.0.0.0:* tcp LISTEN 0 128 [::]:5522 [::]:*
I also allow incoming traffic to 5522:
undefined
sudo ufw allow 5522/tcp comment 'Open port ssh tcp port 5522'
AND just to make sure, I allow 'routed':
undefined
sudo ufw default allow FORWARD
And make sure the FW config is valid:
undefined
sudo ufw status verbose Status: active Logging: on (medium) Default: deny (incoming), allow (outg
How to reverse proxy with caddy, tailscale and docker ?
Hello all, I'm taking my first steps in the realm of self-hosting and am learning as I go. I have a VM running ubuntu and I got it connected to tailscale network to fend off unwanted visitors. I also have discovered Docker and am using it to deploy two web applications: FreshRSS and Podfetch. I can deploy them through Docker and they both have their own ports which I can access through ipadrress:portnumber URL in my webbrowser. But, the connection is unsecured over HTTP. I'd like to take it a step further in order to make the connections go over HTTPS.
I thought to use Caddy to make a reverse proxy as it is supposed to have good support with Tailscale but I'm not being particularly successful. I can connect to the individual applications (FreshRSS, PodFetch) by using the given tailscale DNS name (machine.domain.ts.net) and port directly in the browsers URL, but goin
How do you deal with the logs on your servers?
I'm pretty new to selfhosting, but one thing that I know to take seriously is log collection. Since there are a lot of different type of logs (kernel log, application logs, etc) and logs come in many different formats (binary, json, strings) - it's no easy task to collect them centrally and look through them whenever neccessarly.
I've looked at grafana and tried the agent briefly, but it wasn't as easy as I thought (and it might be a too big tool for my needs). So I thought to ask the linuxlemmy community to get some inspiration.
A federated or FOSS variant of IMDB?
We have bookwyrm.social, which does an excellent job at replacing the need for goodreads (which is owned by Amazon). But is there an alternative to imdb.com?
which linux podcasts do you listen to?
A while ago I used to listen to the Linux outlaws which covered a lot of gtopics in Linux and FOSS. The show has discontinued and I'm looking for your recommendations.
What podcasts do you listen to, and what do you like about them?