Currently I use Jellyfin and found it simple enough to set up. My personal setup is https on the public internet using Caddy as a reverse proxy to handle the https part, but you can set it up for local network access only using http.

Jellyfin itself is not the greatest music player ever (UI is more set up for movies and tv), but there are music-centric apps that use it as a backend that are really good, for most platforms. On my phone and tablet, I really like Finamp, and on the desktop I use Sonixd.

I’m also considering just getting a portable, 128GB FLAC player with a minijack connection and moving on with my life without getting involved in networking at all.

I used this setup for the better part of 20 years. Nothing wrong with it, my music collection simply expanded to the point where it simply wasn't feasible to store all of it on my iPod anymore and from day to day I never really know what I'm going to be in the mood to listen to. Setting up a streaming service made more sense for me.

It sounds like a decent way to fund a server. It's not something I'm interested in, but you might get some takers.

The simplest way to do this is to put the server on a private vpn (I use Tailscale, there are others) and expose ports only to the vpn. Then you share access to the vpn with your friends.

With Tailscale, this is as simple as sending them a share link for the host. They will need to have an account at Tailscale, and have the client running, but they will then be able to access the host with a static ip address.

As a general rule of thumb, nothing should be exposed to the public internet unless you want that service to be public access and then you need to keep it up to date. If a vulnerability doesn’t currently exist for the service, one will sooner rather than later. SSH, especially password only ssh, can be broken into fairly easily. If you must expose ssh to the public internet for whatever reason, you need to be using IP white lists, password protected keys, change the default port, and turn off service advertisements and ping responses. I’m probably missing something. When someone scans your server randomly, they should see nothing. And if they fail login they should be ip blocked.
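
The parts of the checklist above that are visible in `sshd_config` (password logins, default port, source-address allowlist) can be checked mechanically. This is an added example, not part of the original comment; the sample configs are constructed, and key passphrases and failed-login blocking live outside `sshd_config`, so they are not covered.

```python
# Added example: audit the global section of an sshd_config text.
MULTI = {"port", "allowusers"}  # keywords that may legitimately repeat

def parse_global(text):
    """Keywords are case-insensitive; for single-valued keywords the first
    value wins; Match blocks are conditional overrides, so stop there."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, *vals = line.split()
        key = key.lower()
        if key == "match":
            break
        if key in MULTI:
            opts.setdefault(key, []).extend(vals)
        elif key not in opts:
            opts[key] = vals
    return opts

def audit(text):
    o = parse_global(text)
    findings = []
    if (o.get("passwordauthentication") or ["yes"])[0].lower() != "no":
        findings.append("password logins enabled")
    if "22" in (o.get("port") or ["22"]):
        findings.append("listening on default port 22")
    allow = o.get("allowusers", [])
    # USER@HOST patterns restrict a login to given source hosts or CIDR ranges.
    if not allow or any("@" not in p for p in allow):
        findings.append("AllowUsers has no USER@HOST source restriction")
    return findings

# Constructed samples. In WEAK the later "no" is ignored: first value wins.
WEAK = """PasswordAuthentication yes
PasswordAuthentication no
AllowUsers alice
Match Address 203.0.113.0/24
    PasswordAuthentication no
"""
HARDENED = """Port 2222
PasswordAuthentication no
AllowUsers alice@203.0.113.0/24 bob@198.51.100.7
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg))
```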

  1. Host family media through Jellyfin, etc. This would include tv, music, and possibly books as well. Many of these will be managed through the Arr apps.
  2. Degoogle my phone - I'm beginning by replacing Photos with Immich, but hope to also use Home Assistant, backup other phone data such as messages media, shopping lists, etc. I hope to replace Google storage/backup with Proton Drive.

Seems like a solid plan. I used Nextcloud as a Google Drive/Photos/Calendar/Lists replacement, but depending on what you are running as your server it may be a bit too heavy.

I’ve heard that once you get into it, Linux distros like Ubuntu are not very user friendly for self-hosting as a beginner.

Not sure who is saying this. Granted, if you're not used to *nix, our ways of doing things can be a bit obtuse from time to time but the Ubuntu based distros are some of the most heavily documented distros available with only Arch being better documented (Don't use Arch unless you've got stock in Bayer. /joking, kinda).

Your current OS choice is maybe not what I would choose, but it is fine. Xubuntu is just Ubuntu Server with the XFCE desktop installed. A bit heavy for a server install as a result. One thing I will say is that most server software is set up via the command line and via configuration files (These are just regular text files readable by any text editor. I like micro, but anything will work). The desktop environment is just extra weight you don't really need in this application. Doesn't hurt anything, just heavy and not really needed.

So is it better on the whole for a beginner to have a popular distro with lots of documentation and step by step guides, or to have a purpose-built OS like TrueNAS that might be more straightforward, but with less support?

Stick with what you have. Ubuntu is a very well supported server distro, and the XFCE desktop doesn't change that. Things like TrueNAS, UnRAID, and whatever is the flavor of the week tend to cover things up to simplify things. This is fine when they work correctly, the problem comes when things inevitably break. You won't know where to go looking to fix things. Also TrueNAS is a network storage OS, not really suited for what you are trying to do currently, which seems to be hosting services.

It seems to be working well, but I’ve had a few hiccups trying to update it,

What hiccups were you running into? And were you using the GUI tool or apt on the command line?

I seem to remember a scene in Babylon 5 where Vir got sick eating at a place that sounded like a rebranded McDonalds. Londo was chastising him saying you know Centauri stomachs can’t handle fast food. I wish I had time to rewatch that show.

[-] StrawberryPigtails@lemmy.sdf.org 18 points 2 weeks ago

I’m short on time, but here’s the general idea. Telegram's front end, the part you use, is the open source part. The backend is the closed off part. The two parts are separate but communicate via a protocol, kinda like email. The forked project can change anything they want, to make it do whatever they want, but it still needs to be able to speak to the backend server.

[-] StrawberryPigtails@lemmy.sdf.org 12 points 2 weeks ago

I don’t know about Silverblue, but I know you can use NixOS on pretty much any VPS using the tool nixos-infect.

Not sure how it would reduce your attack surface though. That’s not really the problem that they are trying to solve.

I've heard mixed things about them, never used them though. Personally I used Digital Ocean for my VPS needs till I had a spare computer available, at which point I moved everything in house.

[-] StrawberryPigtails@lemmy.sdf.org 10 points 3 weeks ago

They didn’t care. You know non tech folk, they don’t care so long as it works. If you’re lucky, they know enough to hit the button with the power symbol to turn it on, but make sure you have step by step instructions printed out for those that can’t figure it out. I wish that was sarcasm.

In our location it was mostly used for passive tracking of equipment via a scanner on the roof of the truck and tags on the trailers and we didn’t use the software much beyond that. From what I saw of it, it was some native custom application. Used the default Gnome interface and design scheme of the time. Looked to be pretty idiot proof.

[-] StrawberryPigtails@lemmy.sdf.org 14 points 3 weeks ago

When I was working for Averitt Express, a trucking company out of Cookeville, Tn, our yard trucks had computers in them (for yard and dock management) that ran Ubuntu. This was 10ish years ago.

[-] StrawberryPigtails@lemmy.sdf.org 32 points 3 weeks ago

And this is why I don’t dual boot anymore. Or run Windows anymore for that matter. Learn to play nicely with others please, Microsoft.

A question here recently brought up memories of listening to this song growing up. Long since lost my copy and had to hear it again. Figured some here might get a trip out of it.

cross-posted from: https://lemmy.sdf.org/post/13155908

What were you listening to in February?

Post your scribbles! :-)

I'm currently beating my head up against Authentik. What I'm trying to do is to use Authentik to secure an unsecured service, like VS-Code server. Supposedly I can do this by pointing the domain to the Authentik server and then Authentik's proxy points to the Code Server, but everything that I try either redirects back to Authentik or just gives me a blank screen.

Authentik and VS-Code are both running on the same system in docker, with my reverse proxy on another system.

The DNS (pihole) for both code.test and auth.test point to my reverse proxy running Caddy, and all of this is running local network only.

Any ideas what I am missing? Any help would be appreciated.


Caddyfile:

code.test.example.com {
    tls internal
    reverse_proxy auth.test.example.com
}
auth.test.example.com {
    tls internal
    reverse_proxy 192.168.1.110:9000
}

Authentik Proxy Provider:

External host: https://code.test.example.com
Internal host: http://192.168.1.110:8443
Internal host SSL Validation = false

VS-Code Server docker-compose.yaml:

version: "2.1"
services:
  code-server:
    image: lscr.io/linuxserver/code-server:latest
    container_name: code-server
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      #- PASSWORD= #optional
      #- HASHED_PASSWORD= #optional
      - SUDO_PASSWORD=Password #optional
      #- SUDO_PASSWORD_HASH= #optional
      - PROXY_DOMAIN=code.test.example.com #optional
      - DEFAULT_WORKSPACE=/config/workspace #optional
    volumes:
      - ./config:/config
    ports:
      - 8443:8443
    restart: unless-stopped

Authentik docker-compose.yaml:

---
version: "3.4"

services:
  postgresql:
    image: docker.io/library/postgres:12-alpine
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 5s
    volumes:
      - database:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
      POSTGRES_USER: ${PG_USER:-authentik}
      POSTGRES_DB: ${PG_DB:-authentik}
    env_file:
      - .env
  redis:
    image: docker.io/library/redis:alpine
    command: --save 60 1 --loglevel warning
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 3s
    volumes:
      - redis:/data
  server:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.8.3}
    restart: unless-stopped
    command: server
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    volumes:
      - ./media:/media
      - ./custom-templates:/templates
    env_file:
      - .env
    ports:
      - "${COMPOSE_PORT_HTTP:-9000}:9000"
      - "${COMPOSE_PORT_HTTPS:-9443}:9443"
    depends_on:
      - postgresql
      - redis
  worker:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.8.3}
    restart: unless-stopped
    command: worker
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    # `user: root` and the docker socket volume are optional.
    # See more for the docker socket integration here:
    # https://goauthentik.io/docs/outposts/integrations/docker
    # Removing `user: root` also prevents the worker from fixing the permissions
    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
    # (1000:1000 by default)
    user: root
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./media:/media
      - ./certs:/certs
      - ./custom-templates:/templates
    env_file:
      - .env
    depends_on:
      - postgresql
      - redis

volumes:
  database:
    driver: local
  redis:
    driver: local
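
One thing that can be checked directly in the Caddyfile above: the post says DNS for both names points at the Caddy host, so an upstream given as another site's name sends the request back into Caddy rather than to a backend address. This is an added example, not part of the original post; it handles only the simple site-block layout used there, and `find_hairpins` is a hypothetical helper name.

```python
# Added example: flag reverse_proxy upstreams that are themselves sites
# served by the same Caddyfile (the request would re-enter the proxy).
from urllib.parse import urlsplit

def upstream_host(token):
    """Host part of an address such as host, host:port or scheme://host:port."""
    if "://" not in token:
        token = "//" + token
    return (urlsplit(token).hostname or "").lower()

def find_hairpins(caddyfile):
    sites, proxies, depth, current = set(), [], 0, []
    for raw in caddyfile.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        if depth == 0 and words[-1] == "{":
            # Top-level block: everything before "{" is a site address.
            current = [upstream_host(a.rstrip(",")) for a in words[:-1]]
            sites.update(h for h in current if h)
        elif depth >= 1 and words[0] == "reverse_proxy":
            for tok in words[1:]:
                # Skip block openers and request matchers (/path, @name, *).
                if tok != "{" and not tok.startswith(("/", "@", "*")):
                    proxies.append(((current or ["?"])[0], upstream_host(tok)))
        depth += words.count("{") - words.count("}")
    return [(site, up) for site, up in proxies if up in sites]

# The Caddyfile from the post, reproduced as test input.
POSTED = """
code.test.example.com {
    tls internal
    reverse_proxy auth.test.example.com
}
auth.test.example.com {
    tls internal
    reverse_proxy 192.168.1.110:9000
}
"""

if __name__ == "__main__":
    for site, upstream in find_hairpins(POSTED):
        print(f"{site}: upstream {upstream} is served by this same Caddyfile")
```

A flagged pair means the request goes back through Caddy over plain HTTP instead of reaching a backend listener such as the `192.168.1.110:9000` address the `auth` site already uses.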

StrawberryPigtails

joined 11 months ago