IanTwenty

joined 2 years ago
sorted by: new top controversial old
LUKS decrypt at boot over SSH? in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 8 points 1 day ago (1 children)

Yes it's not too much bother to set this up, it can be put into ansible and once working I've not had to touch it again. Here's another dracut tool using dropbear that works well and has decent instructions on setup: dracut-crypt-ssh

The crypt-ssh dracut module allows remote unlocking of systems with full disk encryption via ssh

LUKS decrypt at boot over SSH? in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 5 points 1 day ago (1 children)

Yes, exactly

Fediverse Report – #137 - AltStore joins the fediverse in c/fediverse@lemmy.world
[–] IanTwenty@lemmy.world 4 points 5 days ago

Castopod looks interesting

How to manage configuration files in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 3 points 1 week ago

Stow/chezmoi/your choice for dotfiles, config mgmt for system config. You don't need to rebuild whole server to start with ansible tho, you can take over one file at a time and grow as you learn.

As you've found I don't know of a tool that will cover both usecases as config mgmt for dotfiles is too much and dotfile mgrs for system config is probably out of their scope.

Having trouble upgrading Fedora from 41 to 42, plus WiFi problems. in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 1 points 1 week ago

https://blog.fyralabs.com/upgrade-error-with-vlc-plugins-freeworld/

That rpmfusion package looks like trouble, can you uninstall it or all of rpmfusion before upgrading? I also see internet problems here also so you might be better off fixing that first.

Briar - secure p2p group communications in c/selfhosted@lemmy.world
[–] IanTwenty@lemmy.world 8 points 1 week ago (15 children)

Messages are only sent when both online though, thet's the bigger difference (unless using Briar Mailbox). Also it can send over wifi and bluetooth without internet connection i.e. no other devices involved.

Which of the 3 standard compression algorithms on Unix (gz, xz, or bz2) is best for long term data archival at their highest compression? in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 7 points 2 weeks ago

Upgrade from compression tools to backup tools. Look into using restic (a tool with dedup, compression and checksumming) on a filesystem which also checksums and compresses (btrfs/zfs) - that's probably most reasonable protection and space saving available. Between restic's checks and the filesystem you will know when a bit flips and that's when you replace the hardware (restoring from one of your other backups).

Change behaviour of 'application not responding' notification? (SOLVED) in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 1 points 2 weeks ago (1 children)

If you mean with a gui then this is one tool:

https://apps.gnome.org/en-GB/DconfEditor/

Change behaviour of 'application not responding' notification? (SOLVED) in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 6 points 2 weeks ago (5 children)

Try this:

gsettings set org.gnome.mutter check-alive-timeout 10000

Value is in ms so 10000=10s. You can also set it to 0 to disable.

need a simple sketching software for linux desktop (with real world dimensions) in c/linux@lemmy.ml
[–] IanTwenty@lemmy.world 5 points 3 weeks ago

To be clear you can absolutely type in exact measurements in the 'tool controls bar' for all the shape tools and even individual nodes. Scale and units are easy to switch between and there's a measurement tool also.

Why I Ditched Spotify, and How I Set Up My Own Music Stack | LeshiCodes in c/selfhosted@lemmy.world
[–] IanTwenty@lemmy.world 2 points 1 month ago (1 children)

Sorry re-reading my comments it's not super clear what I meant: nowhere else in the table do they take account for the 'hidden' on-going maintenance of looking after a server/self-hosting. So this is the only row where they address 'cost' and I just thought it's a bit optimistic to say replacing all of Spotify just costs a one time server setup and storage. I think you're saying this row was only meant to indicate financial cost and I agree it's basically accurate from that meaning. However this is only the 'initial' cost. For example a self-hosted server and storage will eventually have to be replaced whereas Spotify will just keep replacing their own servers and that's already baked into the price of your subscription (caveat: that Spotify price will rise over time).

It's not a big point really, maybe I'm nitpicking.

Why I Ditched Spotify, and How I Set Up My Own Music Stack | LeshiCodes in c/selfhosted@lemmy.world
[–] IanTwenty@lemmy.world 2 points 1 month ago (3 children)

I see what you're saying but nowhere else in that table is cost mentioned. Below the table they say maintanance is minimal. If you're already looking after storage, containers and server(s) I guess that could be true.

66
Securing a 'public' service for family (lemmy.world)
submitted 2 months ago* (last edited 2 months ago) by IanTwenty@lemmy.world to c/selfhosted@lemmy.world
37 comments fedilink
 

Edit: thanks for all your help and replies, this is a such a great community!

I would like to host a public service for some family, probably Peertube so we can share some videos. Invite only.

There's no way I'm going to get everyone onto a VPN, it's a non-starter though I would prefer it.

I am thinking to use a VPS with anubis and either crowdsec or fail2ban (or both?!) in front of Peertube. Will apply as much hardening as I can muster behind that: things in containers, systemd hardening, SELinux/Apparmor enabled/tuned, separate users for services, the usual. All ports shut except 80/443, firewall up.

Despite all this I expect it will get scanned and attacked as it will have to expose ports 80/443 to the world so for family it will just work.

Is there anything else I should consider for security? Is Peertube the weakest link in the chain? (a little concerned their min password length is 6 it seems and no 2fa). So long as I keep whole thing up-to-date is it as secure as anybody can manage these days (without resorting to VPN)?

Is it all too much hassle and I should look for a company that offers hosted Peertube so they can worry about it?

Thanks for any and all advice.

31
Photo management - storing friends' photos (lemmy.world)
 

Figured I'd ask here as thought self-hosters would care most about looking after their photos.

What do you do with friends' photos you'd like to keep hold of? Maybe there's a pic on a chat app or they've sent you a link to an album on google photos.

Would you just throw into your own pile of photos or do you carefully adjust metadata to indicate who took them? Just use dirs to separate them from your own? Interested in any and all thoughts.

36
Photo management at the cmdline - recommendations? (lemmy.world)
 

Can anyone recommend a tool to manage photos at the cmdline? I just want to move photos into dirs based on their metadata (YYYY/DD), occasionally fix up metadata (adjust dates), rename photo filenames to match a template and/or query my photos for certain things. It doesn't need to be a gallery or image touch-up tool, I have other things for that.

I'm aware of exiftool and ImageMagick, perhaps they can do the job but they seem quite low level, really need to build scripts around them - I'd like something that operates at a slightly higher level so I don't have to do too much scripting.

A quick search turned up chee (GPLv3) which can:

  • search photos using a simple query language
  • manage named queries (called collections)
  • copy/symlink images into a custom folder structure

...but it's not had an update in a few years (maybe it's feature complete tho!) Any other suggestions? Thanks.

view more: next ›