Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)I

IanTwenty

@ IanTwenty @lemmy.world

Posts
5
Comments
74
Joined
2 yr. ago

  • Why I Ditched Spotify, and How I Set Up My Own Music Stack | LeshiCodes

    Jump

  • I see what you're saying but nowhere else in that table is cost mentioned. Below the table they say maintanance is minimal. If you're already looking after storage, containers and server(s) I guess that could be true.

  • Why I Ditched Spotify, and How I Set Up My Own Music Stack | LeshiCodes

    Jump

  • Author says "one-time server setup + storage" but there are a few moving parts and always updates to handle so I'm sceptical this could be truly called 'one time' (or any selfhosting). Time will tell I guess. I enjoyed the article though and gave me food for thought.

  • Markor is quite cool. Found that it supports templates, Mermaidjs charts and KaTex

    Jump

  • Markor is great! It's a small thing but I like its one tap to mark a todo done in markdown list. Often make lists then walk around with my mobile checking things off. Syncthing keeps it all up to date.

    p.s. I didn't know about those features either so thank you

  • Deleted

    Permanently Deleted

    Jump

  • 10Gb is not a big file relatively speaking - both ext4 and btrfs (for example) can handle 16TiB and larger. If this was your only reason for choosing exFAT then you can definately migrate.

  • Knowing Where You Stand - Jurisdiction, Legal Entities, and Liability in FOSS

    Jump

  • This was an interesting read - not often I'ke seen orgs talk about this side of things openly. It would be good for FOSS orgs to share knowledge and threats to help all defend from spurious legal attacks.

  • Zigbee Temp + Humidity Sensors

    Jump

  • What's a reliable filesystem for long term data archival that also supports transparent file compression?

    Jump

  • Are you using RAID at all? If so ZFS is probably the way to go. If not I think it matters less whether you use either btrfs or ZFS.

    Regarding btrfs and power loss:

    https://unix.stackexchange.com/questions/340947/does-btrfs-guarantee-data-consistency-on-power-outages

    ...btrfs is designed to only experience data loss not corruption, assuming well behaving hardware in power outage scenario. In practice ZFS has more maturity overall (definately) so may be better (my speculation).

    Beyond direct comparisons if you already have on and offline backups then you are protected from power corruption and only have to worry about data loss anyway?

  • Securing a 'public' service for family

    Jump

  • Was this comment meant for a different conversation? We're talking about VPNs here.

  • Securing a 'public' service for family

    Jump

  • I've got probably 30+ households of people and multiply that by number of devices....this is also something that will only be live for 12 months maybe. I think if I was doing something long-lived it might be worth the effort to get everyone onto VPN but for this....just can't justify the time. Thanks anyway.

  • Securing a 'public' service for family

    Jump

  • Hey thanks for this. Yep I've got too many users and most are not technical so it's just a huge headache to get them all onto VPN not matter how simple. That said I'd consider tailscale/funnel for other projects and it's always good to hear what others are using.

  • Securing a 'public' service for family

    Jump

  • 👍 looks like its fairly easy to add something like ModSecurity WAF to nginx

  • Securing a 'public' service for family

    Jump

  • Thought process is: Peertube or some other service’s first job is the purpose for the service, so security likely won’t be as good as a service who’s first job is security.

    Really good point. I see many selfhost instructions now that say 'we don't bother with HTTPS, just use a proxy to handle that' and maybe auth should go the same way as in there's good solutions that specialise in auth so it's not worth each project doing it themselves.

    apps can’t deal with hitting Authentik 1st afaik

    Another good consideration. There is an early Peertube app but I doubt my users will be using it, web access is fine for this. Perhaps apps for things like Lemmy/Mastodon/Peertube etc will need to work better with these auth frontends in future.

  • Securing a 'public' service for family

    Jump

  • Thanks for this suggestion - this is interesting because it looks like pangolin combines almost all the measures mentioned so far here apart from Anubis: auth provider with one-time email passcodes, geoip blocking, crowdsec plus bonus automated cert handling. It does look like it does nearly everything in one package and I can pay for them to host it for me if I don't want to selfhost those parts. Strong contender!

  • Securing a 'public' service for family

    Jump

  • Really good point. I can definitely restrict to one country and anyone using their own VPNs/TOR/whatever will be sophisticated enough to understand why its restricted and how to keep their access.

  • Securing a 'public' service for family

    Jump

  • Super useful thanks!

  • Securing a 'public' service for family

    Jump

  • Good to hear Anubis is effective - I would hope that takes the site out of the 'easy target' sort of category and most bots give up. Yeah I think monitoring is gonna be key to keep an eye on threats. Thanks!

  • Securing a 'public' service for family

    Jump

  • I had to look up NPM as in my head it's NodeJS Package Manager but TIL there's also Nginx Proxy Manager!

    I like your VPN solution for a small group and actually tying it to their home network/router could make sense and further restrict attacks I have to deal with. However in my case I could be dealing with 30+ households of users and as others say I am bound to get people on mobiles complaining they can't access it. However noted for future projects.

  • Securing a 'public' service for family

    Jump

  • That's a great suggestion, then I'm not relying just on the app/service to have super secure auth.

  • Securing a 'public' service for family

    Jump

  • Hey thanks for these links I will check them out! Magic links would be great actually as then I am not relying on them to set decent passwords or giving them burden of TOTP/etc which some may not have used before.