Skip Navigation

A Mouse

@ mouse @midwest.social

Posts
6
Comments
49
Joined
3 yr. ago

  • Nobara 42: SteamOS alternative updated with better driver manager, custom app store, and new Linux kernel

    Jump

  • From the Nobara changelog: https://nobaraproject.org/category/changelog/

    plasma-discover and gnome-software have both now been replaced with flatpost. Flatpost is a new in-house developed one-stop shop for flatpaks. It is able to handle installation, removal, upgrading, and permissions of flatpaks as well as flatpak repository management. You should find it provides all of the same permission toggles as flatseal. It is a simple application built on python and gtk, and is meant to be a desktop environment agnostic solution (meaning it should run in any DE). We did this because while we only support Gnome and KDE, we understand users still want to install their own environments and will do so regardless of whether or not it’s supported. If they are going to do that, again we prefer users to install flatpaks where possible for their software needs, and not all environments have a flatpak shop. For example if I’m using hyprland or labwc, now I have a shop I can use with them: https://github.com/GloriousEggroll/flatpost. Users can still manually install plasma-discover or gnome-software if they prefer.

  • This Week in Self-Hosted (11 April 2025)

    Jump

  • How do I use HTTPS on a private LAN without self-signed certs?

    Jump

  • Unfortunately that's one area I am bad with, I tend to use reverse_proxy for most such as Baikal running with the ckulka/baikal Docker image (which runs Nginx or Apache), otherwise I only static sites.

    I'd start by looking at Baikal's config for Apache and Nginx, https://sabre.io/baikal/install/ and comparing to the directives for Caddy, https://caddyserver.com/docs/caddyfile/directives and

    Since it uses PHP, it will need that, https://caddyserver.com/docs/caddyfile/patterns#php

    Upon my searches I came across this, it talks about running Baikal with Caddy specifically. https://github.com/caddyserver/caddy/issues/497

    I hope that this provided some helpful directions.

  • How do I use HTTPS on a private LAN without self-signed certs?

    Jump

  • I use Caddy for this. I'll leave links to the documentation as well as a few examples.

    Here's the documentation for wildcard certs. https://caddyserver.com/docs/automatic-https#wildcard-certificates

    Here's how you add DNS providers to Caddy without Docker. https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148

    Here's how you do it with Docker. https://github.com/docker-library/docs/tree/master/caddy#adding-custom-caddy-modules

    Look for the DNS provider in this repository first. https://github.com/caddy-dns

    Here's documentation about using environment variables. https://caddyserver.com/docs/caddyfile/concepts#environment-variables

    Docker

    A few examples of Dockerfiles. These will build Caddy with DNS support.

    DuckDNS

     
        
FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/duckdns

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

    Cloudflare

     
        
FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/cloudflare

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

    Porkbun

     
        
FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/porkbun

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

    Configure DNS provider

    This is what to add the the Caddyfile, I've used these in the examples that follow this section. You can look at the repository for the DNS provider to see how to configure it for example.

    DuckDNS

    https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples

     
        
tls {
	dns duckdns {env.DUCKDNS_API_TOKEN}
}

    CloudFlare

    https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples Dual-key

     
        
tls {
	dns cloudflare {
		zone_token {env.CF_ZONE_TOKEN}
		api_token {env.CF_API_TOKEN}
	}
}

    Single-key

     
        
tls {
	dns cloudflare {env.CF_API_TOKEN}
}

    PorkBun

    https://github.com/caddy-dns/porkbun?tab=readme-ov-file#config-examples Global

     
        
{
        acme_dns porkbun {
                api_key {env.PORKBUN_API_KEY}
                api_secret_key {env.PORKBUN_API_SECRET_KEY}
        }
}

    or per site

     
        
tls {
	dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	}
}

    Caddyfile

    And finally the Caddyfile examples.

    DuckDNS

    Here's how you do it with DuckDNS.

     
        
*.example.org {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.example.org
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

    Also you can use environment variables like this.

     
        
*.{$DOMAIN} {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

    CloudFlare

     
        
*.{$DOMAIN} {
        tls {
	        dns cloudflare {env.CF_API_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

    Porkbun

     
        
*.{$DOMAIN} {
        tls {
	        dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	        }
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

  • Replacing router with OpenWRT on Proxmox

    Jump

  • It can be used as a VPN router, any VM that needs a VPN can be connected to a network bridge that is forward through the VPN. This could also be done on the primary router and a VLAN.

  • Self hostable gif database?

    Jump
  • Removed

    Windows VM without Microsoft Account

    Jump

  • It says no such command found.

    Make sure you use a back slash and not a forward slash. oobe\bypassnro

  • Bitwarden is now verified on Flathub for Linux

    Jump

  • It looks like they are working on fixing that with this pull request.

  • Project that rates Big tech EULA's

    Jump

  • AMD Linux Graphics Driver To Switch To More Aggressive Power Heuristics By Default

    Jump

  • I just checked myself and it's card1 too, now I am curious why it's not card0. 🤷

  • AMD Linux Graphics Driver To Switch To More Aggressive Power Heuristics By Default

    Jump

  • I believe it's cat /sys/class/drm/card0/device/pp_power_profile_mode.

    There's also the power_dpm_force_performance_level.

  • Firefox added ad tracking and has already turned it on without asking you

    Jump

  • I agree with this. I understand that the majority of users also don't read release notes and some don't even install add-ons, with this being enabled by default this would provide them with a more anonymous ad experience.

  • Pros and cons of Proxmox in a home lab?

    Jump

  • As a small homelabber I agree with this. I started with a baremetal and using Docker, and switched to Proxmox, and now over to Incus, actually currently I am using Debian with cockpit + cockpit-machines. I do like Incus, I keep hopping back and forth between cockpit, I need to settle on one.

  • Just booted fresh Debian install with 7900 XTX: Getting errors at boot

    Jump

  • Yeah, Debian has older firmware found in the firmware-amd-graphics package which doesn't include the firmware. You'll need to download it from https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/ I believe anything from linux-firmware-20231030 and newer should work.

    20231030 tag: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amdgpu?h=20231030 or newest(20240410) tag: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amdgpu?h=20240410

    These files need to be placed in /lib/firmware/amdgpu/

  • Do you encrypt your data drives?

    Jump

  • It's a relatively low performance hit and it benefits me when having to replace a failing/old disk. I can just toss the drive without having to erase the data first, that is as long as the key is a secure length.

  • Deleted

    deleted by creator

    Jump

  • Quickly skimming the readme, it states:

    • OAuth token spoofing: To circumvent rate limits imposed by Reddit, OAuth token spoofing is used to mimick the most common iOS and Android clients. While spoofing both iOS and Android clients was explored, only the Android client was chosen due to content restrictions when using an anonymous iOS client.
    • Token refreshing: The authentication token is refreshed every 24 hours, emulating the behavior of the official Android app.
    • HTTP header mimicking: Efforts are made to send along as many of the official app's headers as possible to reduce the likelihood of Reddit's crackdown on Redlib's requests.

  • Quad9 DNS in Pihole blocks catbox.moe

    Jump

  • Tesla scraps its plan for a $25,000 Model 2 EV

    Jump

  • You can block instances. Go to settings, blocks, in block instance section search for the instance that you want to block.

  • This Week in Self-Hosted (22 March 2024)

    Jump

  • It is very useful! It's also slightly customizable in that you can have it not save duplicate commands.

    More information can be found on the Arch Wiki or the man page

  • Btw

    Jump