Solar Bear

  • 0 Posts
  • 41 Comments
Joined 1 year ago
cake
Cake day: June 27th, 2023

help-circle
  • Something you might want to look into is using mTLS, or client certificate authentication, on any external facing services that aren’t intended for anybody but yourself or close friends/family. Basically, it means nobody can even connect to your server without having a certificate that was pre-generated by you. On the server end, you just create the certificate, and on the client end, you install it to the device and select it when asked.

    The viability of this depends on what applications you use, as support for it must be implemented by its developers. For anything only accessed via web browser, it’s perfect. All web browsers (except Firefox on mobile…) can handle mTLS certs. Lots of Android apps also support it. I use it for Nextcloud on Android (so Files, Tasks, Notes, Photos, RSS, and DAVx5 apps all work) and support works across the board there. It also works for Home Assistant and Gotify apps. It looks like Immich does indeed support it too. In my configuration, I only require it on external connections by having 443 on the router be forwarded to 444 on the server, so I can apply different settings easily without having to do any filtering.

    As far as security and privacy goes, mTLS is virtually impenetrable so long as you protect the certificate and configure the proxy correctly, and similar in concept to using Wireguard. Nearly everything I publicly expose is protected via mTLS, with very rare exceptions like Navidrome due to lack of support in subsonic clients, and a couple other things that I actually want to be universally reachable.


  • Whatever you get for your NAS, make sure it’s CMR and not SMR. SMR drives do not perform well in NAS arrays.

    I just want to follow this up and stress how important it is. This isn’t “oh, it kinda sucks but you can tolerate it” territory. It’s actually unusable after a certain point. I inherited a Synology NAS at my current job which is used for backup storage, and my job was to figure out why it wasn’t working anymore. After investigation, I found out the guy before me populated it with cheapo SMR drives, and after a certain point they just become literally unusable due to the ripple effect of rewrites inherent to shingled drives. I tried to format the array of five 6TB drives and start fresh, and it told me it would take 30 days to run whatever “optimization” process it performs after a format. After leaving it running for several days, I realized it wasn’t joking. During this period, I was getting around 1MB/s throughput to the system.

    Do not buy SMR drives for any parity RAID usage, ever. It is fundamentally incompatible with how parity RAID (RAID5/6, ZFS RAID-Z, etc) writes across multiple disks. SMR should only be used for write-once situations, and ideally only for cold storage.


  • Have it just be form-fitted outside contacts, with magnetic adhesion to hold the plug in place.

    I actually really like this idea. If we’re breaking backwards compatibility anyways, let’s do something useful with it. This form factor was invented in the 1950s. I’m sure we can do something better now.

    We need to move away from everything having a battery anyways. Wireless headphones were a mistake. Now people are walking around with 4-6 batteries on them at all times. Phone, laptop, earbuds, earbud case, battery backup, smart watch. Batteries aren’t great for the environment, not to mention they typically condemn something to being tech waste in a few short years. We need to significantly rethink this model.




  • The games will still be designed by humans. Generative AI will only be used as a tool in the workflow for creating certain assets faster, or for creating certain kinds of interactivity on the fly. It’s not good enough to wholesale create large sets of matching assets, and despite what folks may think, it won’t be for a long time, if ever. Not to mention, people just don’t want that. People want art to have intentional meaning, not computer generated slop.





  • If you’re waiting for Jellyfin to run some kind of relay like Plex, you’ll be waiting a long time. That takes a lot of money to upkeep, and the demand for people who self-host FOSS and then want to depend on an external service is very minimal, certainly not enough to sustain such a service. I’d recommend just spending a weekend afternoon learning how to set up Nginx Proxy Manager and being done with it, the GUI makes it very easy.



  • Solar Bear@slrpnk.nettoSelfhosted@lemmy.worldTv box recommendations?
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    11 months ago

    I will have an OG Xiaomi Mi Box and it’s absurd how over the years it went from a purely functional media device to a complete shit show covered ads. Genuinely disgusted me every time I turned the TV on. I couldn’t stand it anymore, I had to tear out the launcher with ADB and replace it with FLauncher.

    I wish Kodi wasn’t such a pain in the ass to deal with, especially for YouTube. We really need a new FOSS media center application. Until then, at least FLauncher works for now as a simple app switcher for a handful of Android apps.





  • I very recently started using borgbackup. I’m extremely impressed with how much it compressed the data before sending, and how well it detects changes and only sends the difference. I have not yet attempted a proper restore from backup, though.

    I have much less data I’m currently securing (~50gb) and much more uplink bandwidth (~115mbps) so my situation isn’t nearly as dire. But it was able to compress that down to less than 25gb before sending, and after the initial upload, the next week’s backup only required about 100mb of data transfer.

    If you can find a way to seed your data from a faster location, reduce the amount you need to back up, and/or break it up into multiple smaller transfers, this might be an effective solution for you.

    Borgbase’s highest plan has an upper limit of 8TB, which you would be brushing right up against, but Hetzner storage boxes go up to 20TB and officially support Borg.

    Outside of that, if you don’t expect the data to change often, you might be looking for some sort of cheap S3 storage from AWS or other similar large datacenter company. But you’ll still need to find a way to actually get them the data safely, and I’m not sure if they support differential uploads like Borg does.


  • I distinctly remember Democrats opposing Trump on moving the embassy to Jerusalem. They never fought him as much as they should, but they did fight him.

    Exactly, so we can’t rely on Democrats to effectively contain Trump as you suggested we might. They are not strong or reliable enough. They capitulate far too easily.

    Let’s not forget this is also what lead to the rise of the DSA and the largest protest movement in American history.

    What really led to the DSA growing so much was Bernie Sanders radicalizing millions with his 2016 run. Then, the squad capitalized on that energy in 2018 and onwards, leading to many DSA members being elected nationwide, which then further grew the organization through the attention they bring.

    I know it’s not considered “cool” amongst leftists to admit electoralism can ever lead to positive outcomes, but them’s the breaks. None of this would have happened if not for them.


  • This is just completely ahistorical. Democrats repeatedly worked with Trump throughout his presidency. Pelosi and Schumer met with him constantly to try and broker deals. They literally bragged constantly about “crossing the aisle”, how they were “moderates”. Dems love posturing as the mature adults in the room.

    In some instances, it was legitimate to work together. They supported his administration’s 2019 infrastructure plan. Trump worked with Dems instead of the GOP to get hurricane relief. Some good spending packages were passed by him working with Dems when the GOP was too disorganized.

    In other cases, they should have obstructed harder but didn’t. They fast tracked many of his federal judge appointments. Some voted for his supreme court picks. They didn’t obstruct his tax cuts enough.

    The idea that Democrats were impetulently obstinate with Trump for no reason is a far-right talking point, it has no basis in reality, so I’m not sure why I’m seeing supposed leftists repeating such misinfo. They weren’t obstinate enough with Trump, especially when it mattered; that’s part of the problem with Democrats! They’re far too conciliatory to the right-wing! That’s why we hate them, remember?