cruft
Oct 25, 2007

I've formerly used apache, then nginx, then traefik. These days I think caddy is the pro option for https reverse proxying.


cruft
Oct 25, 2007

hogofwar posted:

I would recommend looking into VPS services, I use Hetzner for example. It will give you a small server you can SSH into and not really worry about. DigitalOcean is another option, and they have a decent amount of guides as well (which apply to most VPS services).

If you want to actually buy a physical machine and put it in some random house... make sure you have permission first.

I'm a big fan of Linode, who just got acquired by Akamai.

cruft
Oct 25, 2007

Immich seems to be the rising star of photo album software.

I'm currently writing a combination WebDAV server and image thumbnailer, to be used in conjunction with the CubicleSoft File Explorer because I'm tired of having to install some new thing and re-index all my photo albums every 2 years.

WebDAV winds up being a pretty badass way to make my files available on the Internet. It's a shame there aren't any really high-quality WebDAV phone clients right now. But I've been able to cobble together a working solution with PhotoSync and DAVx5.

cruft
Oct 25, 2007

Well Played Mauer posted:

Yeah, I've been wanting to try it out, but Synology Photos is covering me for my local backup. My latest project has been trying to make a switch over to desktop linux for my day to day poo poo.

Frankly it's been harder than setting up everything else I've done over the past couple months. I finally landed on a KDE Neon to get the latest version of Plasma. It actually doesn't suck with the Nvidia proprietary drivers! I spent some time in Gnome but didn't like how closed off it felt without finding/adding a zillion plugins. I'd previously used Cinnamon on Mint and it was very solid but boring. And like 20 years ago I ran Fluxbox on a Debian unstable install, which made me feel like a linux hipster.

Prior to this windmill, my last familial win was Tube Archivist. My kid now has "Plex Youtube" and it's not full of weird oversized families dressed as superheroes. (Why are all their kids blonde and why do they all look like the villains in Mighty Ducks movie?)

Gnome made some pretty polarizing UI decisions. I personally love Gnome 3, but it is definitely not for everyone.

cruft
Oct 25, 2007

I don't suppose anybody in here knows whether btrfs mirroring (as opposed to btrfs on mdraid level 1) is something OpenMediaVault can handle?

If that isn't the nerdiest thing I've ever posted, I don't know what is.

cruft
Oct 25, 2007

Heck Yes! Loam! posted:

don't expose your plex instance to the internet folks

https://arstechnica.com/information...orporate-vault/

:eek:


e.pilot posted:

I’m not a target of a state actor, I’m fine

How were you able to determine this? I might be, I just don't know.

I wonder if there's a way to convince Jellyfin to work with the HTTP Basic auth that I have in front of literally everything else...

cruft
Oct 25, 2007

Cenodoxus posted:

Plex having an exploitable RCE is the least :stonk: thing about this incident.

An employee with privileged access to customer information put their corporate LastPass vault on their home PC. This same vault held the access keys to their main S3 buckets that store encrypted customer data.

I don't know why nerds insist on letting work stuff anywhere near their personal computers. You do that and you might as well slap an asset tag on it, because they can fire you and seize that poo poo at a moment's notice.

BYOD, baby.

Seems like this must have been the Plex client?

cruft
Oct 25, 2007

BlankSystemDaemon posted:

"I'm fine because I'm not important" only works right up until it's no longer a tool of APTs - once an exploit gets to the level of script kiddies who run it against /0, you're just as hosed as someone getting targeted by an APT.

It is a naïve take for sure, and in my experience as a professional computer security educator, it tends to lead people into overly-risky decisions.

cruft
Oct 25, 2007

e.pilot posted:

I’m also running it in a container on its own vlan through nginx, so meh

anything the internet can touch carries some risk, all you can do is try to limit said risk

Right, so let's talk about what else we can do to try and limit risk! Running it in a container is something you've done. How restricted is this container? Does it have write permissions to any important files? How often do you apply software upgrades? (Plex, to its credit, does a good job nagging you about needing to upgrade.)

Let's pretend an attacker were able to get a local shell inside your Plex container. What could they do with that? They could ruin your Plex state for starters, there probably isn't much you can do to defend against that one other than scheduling regular backups so you can get back quickly. Could they also delete your library? Could they launch an attack against other machines on your network?

Now let's say there's some second script they could run to become root in that container. We call this "privilege escalation". What would that allow them to do?

What if they're able to break out of the container and access things in the host operating system?

I'm using you (e.pilot) as a sort of strawman for my own thinking here. I have to admit I haven't done much more than what you've outlined, and I'm increasingly worried that this exposes me way more than I'd like. Especially since my career makes me a target for grey and black hats.
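The questions in the post above can be answered mechanically from `docker inspect` output. The following is an added example, not part of the original post: it assumes Docker's inspect JSON fields, and the container name, paths and `WRITABLE_OK` allowlist are constructed for illustration.

```python
import json

# Constructed sample: trimmed `docker inspect` record for a hypothetical container.
SAMPLE = json.loads("""
{"Name": "/mediaserver",
 "Config": {"User": ""},
 "HostConfig": {"Privileged": false, "CapAdd": ["SYS_ADMIN"], "CapDrop": null,
                "SecurityOpt": null, "NetworkMode": "host"},
 "Mounts": [
  {"Source": "/srv/media", "Destination": "/media", "RW": true},
  {"Source": "/srv/appdata", "Destination": "/config", "RW": true},
  {"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "RW": true}]}
""")

# Destinations the service must write to (assumption; adjust per service).
WRITABLE_OK = {"/config"}
NNP = {"no-new-privileges", "no-new-privileges:true", "no-new-privileges=true"}


def audit(c, writable_ok=WRITABLE_OK):
    """Map one inspect record to (topic, finding) pairs, one topic per question."""
    cfg, host = c.get("Config") or {}, c.get("HostConfig") or {}
    out = []
    # "Become root in that container": already root if no user is set.
    if (cfg.get("User") or "").split(":")[0] in ("", "0", "root"):
        out.append(("root", "runs as root inside the container"))
    if not NNP & set(host.get("SecurityOpt") or []):
        out.append(("root", "no-new-privileges not set; setuid binaries can escalate"))
    # "Break out of the container": privileges that reach the host kernel or daemon.
    if host.get("Privileged"):
        out.append(("breakout", "privileged mode"))
    if "ALL" not in [x.upper() for x in host.get("CapDrop") or []]:
        out.append(("breakout", "default capability set kept (no cap-drop ALL)"))
    for cap in host.get("CapAdd") or []:
        out.append(("breakout", f"added capability {cap}"))
    for m in c.get("Mounts") or []:
        dst = m.get("Destination", "")
        if dst.endswith("docker.sock"):
            out.append(("breakout", "container runtime socket mounted"))
        # "Could they also delete your library?": writable mounts beyond app state.
        elif m.get("RW") and dst not in writable_ok:
            out.append(("data", f"{m.get('Source')} is writable at {dst}"))
    # "Attack other machines on your network": host networking skips isolation.
    if host.get("NetworkMode") == "host":
        out.append(("lateral", "shares the host network namespace"))
    return out


if __name__ == "__main__":
    for topic, finding in audit(SAMPLE):
        print(f"{topic:9} {finding}")
```

To audit a real container, pass it one element of `json.loads` applied to the output of `docker inspect <name>`.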

cruft
Oct 25, 2007

e.pilot posted:

you could also just keep everything closed off on your network and only access it via wireguard, but you wouldn’t be able to share with anyone unless you used plex relay which limits to 720p

Aye, there's the rub.

cruft
Oct 25, 2007

fletcher posted:

For the security topic that was discussed recently and avoiding running things as root - is it ok to start as root and rely on an app's ability to switch user?

I would consider that good enough for your homelab. Like, most apps (not all) drop root super early in the process, after opening whatever privileged doodads they need root for.

The need to start anything as root should be reduced quite a bit by providing capabilities to the process when it starts, if you want to go next level.

cruft
Oct 25, 2007

Nitrousoxide posted:

Most stuff runs just fine with rootless Podman, which has way less authority over the system than Docker and is a drop in replacement for it.

Is there a way to orchestrate Podman that isn't kubernetes or their "generate a systemd service file to start the container" command?

I'm using Docker Swarm right now and it's just so nice. But it has some CPU overhead and is frankly overkill for a single-node swarm. I've tried a couple times to move everything over to podman or docker-compose and always fall back to swarm after a couple hours of struggle.

e: if I'm being honest, systemd services to start podman containers wouldn't be that bad.

cruft
Oct 25, 2007

Nitrousoxide posted:

It's by no means *terrible*, but you're going to be using the CLI rather than a GUI which is a barrier to entry for a lot of folks.

NOT ME, BUDDY! I've been using Unix since before Windows had its own kernel! Hell, sometimes I use ed, just for nostalgia.

But this is good general advice :)

cruft
Oct 25, 2007

cruft posted:

Hell, sometimes I use ed, just for nostalgia.

Then I go out back and shape my massive beard with a couple rocks I've chipped at until they have sharp edges, and walk home barefoot through the forest with a smug look on my face.

cruft
Oct 25, 2007

e.pilot posted:

google changed something with api access to drive a bit ago that’s made rsync kind of broken, it works but only for a week at a time

I use duplicati to back up to google drive, but that’s strictly backing up, the files in that case aren’t directly readable on google drive

Do you mean rclone? Did rsync ever work with drive?

cruft
Oct 25, 2007

e.pilot posted:

this


hosting mail is a royal pain in the rear end

I'd been considering trying to run my own mail server again, and it's encouraging to read that, actually, it's every bit as horrible as I thought it might be.

I was saying back in 2009 (when I was the SMTP administrator for a pretty large site) that email was irreparably broken. It seems like since then it's become this horrible mess that only big players with voluminous and well-paid staff can play in. I have yet to read any even modestly competent admin write something that convinces me otherwise. Actually, it seems like nobody's even trying to convince me: everybody's saying "yeah, it's awful".

cruft
Oct 25, 2007

What's everyone using for photos? What would you recommend I run on my Raspberry Pi, with three users, one outside the LAN?

cruft
Oct 25, 2007

Spent yesterday coding up a WebDAV server and JavaScript front-end to make it look like Google Drive and/or a photo gallery. https://git.woozle.org/neale/webfs.

Then I discovered that somebody had already made this exact thing, and also the UI is working: https://github.com/sigoden/dufs. I might submit a patch to have it display README.md.

My idea for the photo gallery was slow as hell to load (the first time) so I'll probably just keep using PiGallery2 which has the advantage of me not having to maintain it.

I wish I could find this stuff at the beginning of the day, so I could, like, not write code all day.

cruft
Oct 25, 2007

Corb3t posted:

I quite like FileBrowser. It's also a Gdrive ripoff.

I looked at that one and I don't recall now why I didn't want to use it. Probably the lack of WebDAV and the CLI configuration. But it looks pretty boss, I'll have to give it another run.

Maybe it's time for me to look at owncloud infinite scale again.

cruft
Oct 25, 2007

The worst thing about Nextcloud is how there's nothing better.

(I am not a Nextcloud user, I don't have a beefy enough CPU for all that PHP)

cruft
Oct 25, 2007

I told y'all I'm working on a thing that's just WebDAV and some client-side JavaScript, right? No indexing, no fancy pants proprietary database you'll be unable to read in 10 years, just WebDAV on a filesystem.

My hypothesis is that most people actually only want a WebDAV server they can also get to with a browser. The recent posts make me think I'm onto something.

cruft
Oct 25, 2007

Hey everybody!

It looks like the cloudpocalypse has begun!

cruft
Oct 25, 2007

Matt Zerella posted:

Dollars to doughnuts LastPass guy switched over and hasn't updated.

:classiclol:

cruft
Oct 25, 2007

Generic Monk posted:

Hmm, the folder and subdirectories are all owned by root with no write permissions for group or other... I assumed it was all fine since Radarr is working perfectly. Let me just edit the file and reboot...

Edit: Rebooted and now the share/all items within are owned by 1001/1001, but I still get the same issue. Blank page when I select my root TV shows directory, if for the sake of testing I go into a TV show folder and add that I don't get a blank page but I do get the error:

code:
Unable to add root folder
Folder is not writable by user abc

Which is also the same behaviour as before. I'm going to try tearing the container down and recreating it again but not too hopeful.

abc is the username used by linuxserver images. The UID/GID is 911/911.

Read the documentation for your image to change the UID/GID used. Spoiler alert: it's PUID and PGID environment variables.

Edit: it seems you knew this. You may not have known that some (all?) linuxserver images do a recursive chown on startup. So if you have two running with the same directory and different UIDs, they're going to be fighting each other.

cruft fucked around with this message at 22:56 on May 25, 2023
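The ownership fight described in the post above can be spotted before it happens by comparing PUID/PGID across containers whose writable host paths overlap. This is an added example, not part of the original post: it takes the post's 911 default and startup chown behaviour as given, and the container names and `/tank/...` paths are constructed.

```python
from itertools import combinations
from pathlib import PurePosixPath

# Constructed sample: trimmed `docker inspect` records for two hypothetical containers.
CONTAINERS = [
    {"Name": "/radarr",
     "Config": {"Env": ["PUID=1001", "PGID=1001", "TZ=Etc/UTC"]},
     "Mounts": [{"Source": "/tank/media", "Destination": "/media", "RW": True}]},
    {"Name": "/sonarr",
     "Config": {"Env": ["TZ=Etc/UTC"]},  # PUID/PGID forgotten
     "Mounts": [{"Source": "/tank/media/tv", "Destination": "/tv", "RW": True}]},
]
DEFAULT_ID = "911"  # abc's UID/GID when PUID/PGID are unset, as stated in the post


def run_ids(c):
    """Return (PUID, PGID) from the container environment, falling back to 911."""
    env_list = (c.get("Config") or {}).get("Env") or []
    env = dict(e.split("=", 1) for e in env_list if "=" in e)
    return env.get("PUID", DEFAULT_ID), env.get("PGID", DEFAULT_ID)


def writable_sources(c):
    """Host paths the container can write to; read-only mounts cannot be chowned."""
    return [PurePosixPath(m["Source"]) for m in c.get("Mounts") or [] if m.get("RW")]


def overlap(a, b):
    """True when one host path equals or contains the other, so a recursive chown hits both."""
    return a == b or a in b.parents or b in a.parents


def chown_conflicts(containers):
    """List container pairs with different IDs and overlapping writable host paths."""
    found = []
    for c1, c2 in combinations(containers, 2):
        if run_ids(c1) == run_ids(c2):
            continue
        for p1 in writable_sources(c1):
            for p2 in writable_sources(c2):
                if overlap(p1, p2):
                    found.append((c1["Name"].lstrip("/"), run_ids(c1), str(p1),
                                  c2["Name"].lstrip("/"), run_ids(c2), str(p2)))
    return found


if __name__ == "__main__":
    for n1, id1, p1, n2, id2, p2 in chown_conflicts(CONTAINERS):
        print(f"{n1} {id1} on {p1} conflicts with {n2} {id2} on {p2}")
```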

cruft
Oct 25, 2007

TACD posted:

I want to finally get around to putting together a home NAS so I’m not constantly running out of space for all my downloaded Linux boot discs. I already have a small pile of hard drives floating around from various old PCs, but they’re all different sizes (as in data), some are solid state, some are spinning rust; is there any type of thing I can buy and just plug all my drives in, and have it configure them all into a single RAID-like volume? Or any other recommendations for how to best make use of assorted (but perfectly functional) hard drives?

I use btrfs this way and I like it a lot.

cruft
Oct 25, 2007

hogofwar posted:

I've pretty much maxed out my google photos space, but I have plenty of room to host something myself. Any recommendations for running something akin to my own google photos?

I've got the same problem, and I've been beating my head against a solution. I have the added twist that I absolutely refuse to use any software that doesn't use the file system to structure on-disk photos: I've been burned by "throw everything in a directory and use a database to sort it out" in the past.

Currently I'm using the following software:

  • dufs: a WebDAV server with a few bells and one whistle
  • PhotoSync: a phone app that will upload photos automatically to a WebDAV server
  • PiGallery 2: a web front-end for viewing folders of photos

In the interest of completeness, I'm also doing access control with Caddy 2 and SimpleAuth.

I'm okay with this setup. Could be better, but it's not awful.

The latest hot thing in this space appears to be Immich. I don't personally want to use Immich for reasons that somebody's probably going to have a huge problem with and I don't feel like defending in a post intended to help somebody else out. But you should check it out, it looks really cool.

cruft fucked around with this message at 15:45 on Jun 28, 2023

cruft
Oct 25, 2007

Nitrousoxide posted:

What's wrong with Immich?

I have no idea. I don't personally want to use it for reasons I'd rather not get into because it's not going to help OP decide on what to use. I think OP should give it a shot, it looks cool.

(I could've sworn I already wrote this...)

cruft
Oct 25, 2007

Nitrousoxide posted:

Always follow the 3-2-1 Backup policy for any data you care about.

If you take nothing else away from the discussion on this page, OP, take this.

cruft
Oct 25, 2007

fletcher posted:

Hope you don't need the location data for your photos outside of google: https://issuetracker.google.com/issues/80379228

I use PhotoPrism, which I'm a paid supporter of. Immich looks cool but I don't like that it wants to reorganize my files on the filesystem for me. I like my folder structure exactly the way it is!

Tell me more about PhotoPrism. It's checking a lot of my boxes, and some rando on the forums willing to pay money for it is a stronger endorsement than anything else I've run across.

Does it support multiple users with their own (private) albums?

cruft
Oct 25, 2007

Blurb3947 posted:

Here's a weird one, anyone use some sort of kanban system for home poo poo? I've tried things like reminders or LifeRPG but nothing has really stuck.

I've been known to use sticky notes on posterboard...

cruft
Oct 25, 2007

Blurb3947 posted:

Is that part of the SDLC or something?

Sorry for the confusion here. I use literal 3M brand post-it notes on either a whiteboard or a posterboard from the grocery store. I write on them with a pen. This wound up being a great way to teach cruft jr how to tackle multi-step projects that seemed overwhelming in elementary school, and we just kept doing it.


That's really helpful, thanks. I'm going to give it a spin. At this point, I'm pretty much in step with you as regards the money aspects.

cruft
Oct 25, 2007

Corb3t posted:

This is ridiculous and I can't believe it isn't brought up more often.

It's worse than that, even. The API won't let you download photos at the resolution you uploaded them: https://rclone.org/googlephotos/#limitations

Anyone using Google Photos as their sole backup solution had better get busy downloading Google Takeout bundles before they decide to kill Google Takeout.

cruft
Oct 25, 2007

Can MacOS read ext2 yet?

I was trying to back up my photos to an exfat drive and had to switch to ext2 because I couldn't figure out how to make rsync change all the colons in filenames.

cruft
Oct 25, 2007

TACD posted:

Thanks for the info! I somehow thought this would be a niche/unusual ask, but it seems like there's a lot of support for this already

Any thread recommendations for hardware? I'm not entirely sure if I would be better off just getting some dumb interface I can plug lots of hard drives into and then connect it to the RPi I already have, or if some dedicated all-in-one box is a good idea?

I run a DAS (direct attached storage) that makes the drives show up as individual USB mass storage devices, then run btrfs on top of that.

I have been paid to spend weeks trying to recover failed hardware RAID arrays with a hex editor. I will never, ever, ever use hardware RAID. And especially not hardware RAID with some undocumented vendor-specific formatting, which I think is all of them.

cruft
Oct 25, 2007

tuyop posted:

I really thought hardware raid was the way to go, interesting discussion!

A number of smart people think my stance on this makes me the dumbest fucker on Earth. So I guess ask around.

But BSD and I have Seen Some poo poo and wouldn't touch HW RAID with a 39½ foot pole.

cruft
Oct 25, 2007

Well Played Mauer posted:

Discovered the issue with that EX FAT drive. I live in Texas so brownouts and blackouts are pretty common and I don’t have my external drive (it’s one of those five-HDD arrays you can hardware raid and then connect via USB) connected to a UPS. We had a brownout a couple days ago and OS X had another freak out and said it couldn’t repair the drive. Not sure if it’s an OS X thing or more likely something with the hardware array being weird.

Regardless, I’m moving the drive off the Mac and onto a machine that has proxmox installed on it. I’m gonna disable the hardware RAID and do a software one. Is it advisable to create the RAID at the proxmox level and then just pass it through to the VM, or can I get away with doing it all inside the VM I want managing the drive? I feel like the former is the better way to go.

No filesystem handles sudden loss of power well, but the FAT family is particularly awful with it.

cruft
Oct 25, 2007

MacOS isn't really what I think of when I think of a server operating system. Not that my opinion on MacOS is worth anything, LOL.

20+ years ago I ran a MacOS 9 server for the college mac lab. I'm sure the Unix-based MacOS is a lot less of a kludge. It was weird to have a macintosh sitting there on a table in the datacenter, surrounded by rack-mount systems. I wonder if it got self-conscious.

cruft
Oct 25, 2007

Well Played Mauer posted:

I’ve been putting off switching over to a vm mostly out of inertia and Diablo 4

This phrase needs to be immortalized somewhere. Maybe this quote is enough.

cruft
Oct 25, 2007

Warbird posted:

It’s a laptop. It’s its own UPS already.

This makes me think I should put that old Thinkpad x220 back into service and relieve the Raspberry Pi 4. Apparently I can get a USB 3.0 Expresscard for it.


cruft
Oct 25, 2007

BlankSystemDaemon posted:

I have one of those for my old T420, and they're terrible.

Everything keeps coming back to just staying the course on the RPi4.
