overview for StrawberryPigtails

New Jersey man pleads guilty to nationwide conspiracy to violate the Clean Air Act by remotely disabling pollution control devices on diesel trucks by StrawberryPigtails in c/news@lemmy.world

[-] StrawberryPigtails 25 points 1 week ago

The EGR and DPF systems used in diesel trucks cause (or caused, it’s been a while since I last looked it up) a big reduction in fuel mileage. I think it was a 2 or 3 MPG reduction.Doesn’t sound like much, but it adds up when you are running 200,000+ miles a year per truck. With the system running I believe the average fuel mileage for the trucks in our company is around 6 to 8 MPG depending on the route.

Additionally the systems are expensive as all get out to repair and maintain. When the DPF and DEF systems on my truck went out, the truck was down for 3 months waiting on parts, and from what I heard from our mechanic, the final repair bill was around $15,000USD.

That said, the fines for bypassing the emission systems are big enough that it’s really not worth it, but some owner operators don’t realize it as many don’t run their trucks like the businesses they are. They just know this is expensive as hell and they can reduce the cost by bypassing them.

Security blindspots for selfhosted website by StrawberryPigtails in c/selfhosted@lemmy.world

[-] StrawberryPigtails 21 points 2 weeks ago* (last edited 2 weeks ago)

since I don’t want to pay for SSL certificates to setup https.

You don't need to pay for SSL certs anymore, most of the time. You can get them for free from a bunch of different places now. I use Let's Encrypt. The web server/reverse proxy I use, Caddy is able to automatically get a cert for you, install it, and keep it renewed. The only time you need to pay for a cert is if you are handling financial transactions.

Are there security issues I should address preemptively?

WordPress itself has a generally good reputation for security, though depending on how the current drama goes, that may change. WordPress security problems have almost always stemmed from plugins or poor password hygiene. Remove any plugins you are not actively using, keep the ones you are using updated, and use a good password that you don't use anywhere else. A password wallet like Bit Warden can generate and store such passwords for you.

Better on the security front would be to evaluate whether you actually need something like WordPress at all. A static site would likely be far more secure. There's less moving parts that might be vulnerable.

While you could program a static site yourself, it's more common nowadays to use a static site generator like Hugo to build the site. You set it up once for how you want the site to look and then you write your posts in markdown or whatever your particular generator uses.

I don’t have anything to manage my dynamic IP

Most domain name providers have some sort of setup for dealing with dynamic IP addresses, a program called ddclient is pretty common and is available in most repos.

What are the biggest insanity-makers in our society? by StrawberryPigtails in c/asklemmy@lemmy.ml

[-] StrawberryPigtails 22 points 3 weeks ago

Off-hand? Algorithm driven social media, “news” media generally, politicians, family/kids. The last is at least usually tolerable, or at least correctable. The rest should be taken only in moderation with a mound full of salt.

Should I bring in the battery for my electric mower in the winter? by StrawberryPigtails in c/nostupidquestions@lemmy.world

[-] StrawberryPigtails 22 points 3 weeks ago

Check the data sheet or user manual for your equipment or battery, but generally batteries should be stored indoors at a human comfortable temp and humidity.

Here’s the manual for mine, but yours may differ:

https://556aa8d9de68ea9c4f29-0a8acad11a4df5016d26cc39a7429843.ssl.cf1.rackcdn.com/2/OP40204_404_504_604_339_trilingual_03.pdf

Ryobi really needs a better URL for their manuals to be stored at. If the direct link to the file sketches you out, for the moment at least this, this link will lead to the same file:

https://www.ryobitools.com/help-plus/details/46396040428

Campaign mail we got in our mailbox last week mailed by a Trump-linked PAC. We live around an area of Michigan (Dearborn) that has a significant muslim population. by StrawberryPigtails in c/usa@lemmy.ml

[-] StrawberryPigtails 21 points 1 month ago

This may be the only attack ad I've ever seen that hasn't left me with a foul taste in my mouth. No name calling, no fear mongering or sabre rattling. Just a supportive campaign ad delivered to the wrong audience, pointing out things that that audience would likely find very offensive. Whoever thought this up needs a pay raise. But why the hell do they have to be working with Trump's campaign?

CNN reports 20-year record low debate viewership by StrawberryPigtails in c/news@lemmy.world

[-] StrawberryPigtails 22 points 5 months ago

/rant

I know both candidates and their positions. Don’t particularly like either candidate. Really dislike one of them. And I haven’t seen anyone host an actual, honest to god political debate in my life, and no, the final season of West Wing doesn’t count.

All that being true, why the blazes would I have watched this one? My entire life, debates have only ever been excuses to put the candidates up on a stage see which one looks prettier, and shout sound bites into a microphone. That’s not a debate, that’s a campaign ad. And I’m tired of them.

I would really like our nation to get back to a point where I can feel comfortable voting for the candidate whose policies I actually think are the best instead of having to vote against the candidate that I think will actually destroy the country.

/end-rant

Zelensky: 'Our partners fear that Russia will lose this war' by StrawberryPigtails in c/world@lemmy.world

[-] StrawberryPigtails 21 points 6 months ago

I don't think it started as a proxy war. Russia just decided to be stupid, but at this point it may very well be a proxy war in fact.

It's to pretty much everyone's benefit (except Ukraine's) for this to drag out for a nice long time. The more manpower and material Russia and their allies burns up in this stupidity, the longer the rest of Europe can breath freely. It gives them time to rebuild the armies that they have allowed to atrophy. There's probably more to it and it's callus as fuck, but that's the math I see.

Why are Stop Lines (in the US, at least) often set too far back to see any crossing traffic? by StrawberryPigtails in c/asklemmy@lemmy.ml

[-] StrawberryPigtails 22 points 7 months ago

In the US, more often than not, intersections like this were designed to handle traffic consisting of tractor-trailers. Tractor-trailers need considerably more space to maneuver than a small passenger car or pickup truck.

As for the visual obstructions, my guess is some city planner failed to take the sight line of small cars into account when decorating or road side maintenance had been put off, allowing foliage to grow where it shouldn’t.

What you’re supposed to do is fully stop at the line and then slowly scoot forward to where you can see crossing traffic and come to a full stop again. Then proceed according to whatever traffic rule governs that intersection.

Do tax exemptions in America for certain organizations benefit society? by StrawberryPigtails in c/nostupidquestions@lemmy.world

[-] StrawberryPigtails 22 points 8 months ago

Sometimes, but like most things in the US tax laws are often abused and misused. A simpler tax system would benefit everyone more (with the exception of tax accountants, of course), but that’s not likely to happen.

Any docker solution to control smart light bulb? by StrawberryPigtails in c/selfhosted@lemmy.world

[-] StrawberryPigtails 24 points 8 months ago

https://www.home-assistant.io/installation/

Can Linux be dual booted on a computer with Windows? by StrawberryPigtails in c/linux@lemmy.ml

[-] StrawberryPigtails 22 points 9 months ago

Duel booting has been a thing for as I have been using Linux, say 2004ish, and it has only gotten easier over the last 20 years.

Some things to watch out for though. First, make sure that you have sufficient free space on your drive before beginning, and make sure that you have backups in case something goes sideways. Good practice anyways.

Second, Windows likes to hijack the bootloader making it difficult to boot into Linux. I would make sure that Windows is installed first and have a live linux disk/jumpdrive available in case Windows decides to hijack the boot loader at a later date. That has only happened to me once, and wasn't difficult to fix, but it was a pain in the butt.

As for which distro, dealer's choice. I don't think that there is a bad distro out there currently. Currently, I'm using NixOS but I think highly of Ubuntu, Fedora and all of their derivatives. Really, it's whatever boats your float.

A 30-Year Trap: The Problem With America’s Weird Mortgages by StrawberryPigtails in c/news@lemmy.world

[-] StrawberryPigtails 22 points 1 year ago

And they almost completely ignore the elephant in the room. Nobody has been building new homes!

118

Analysis | Millennials aren’t having kids. Here are the reasons why. (www.washingtonpost.com)

submitted 1 year ago by StrawberryPigtails to c/usa@lemmy.ml

35 comments fedilink

18

Home Assistant: Removal of MyQ integration (www.home-assistant.io)

submitted 1 year ago by StrawberryPigtails to c/main@selfhosted.forum

5 comments fedilink

172

Introducing the Nextcloud AI Assistant - local, privacy-respecting, and fully open source 🎉 (youtu.be)

submitted 1 year ago by StrawberryPigtails to c/technology@lemmy.world

31 comments fedilink

18

Authentik as a reverse proxy for VS-Code server? How (self.selfhosted)

submitted 1 year ago by StrawberryPigtails to c/selfhosted@lemmy.world

6 comments fedilink

I'm currently beating my head up against Authentik. What I'm trying to do is to use Authentik to secure an unsecured service, like VS-Code server. Supposedly I can do this by pointing the domain to the Authentik server and then Authentik's proxy points to the Code Server, but everything that I try either redirects back to Authentik or just gives me a blank screen.

Authentik and VS-Code are both running on the same system in docker, with my reverse proxy on another system.

The DNS (pihole) for both code.test and auth.test point to my reverse proxy running Caddy, and all of this is running local network only.

Any ideas what I am missing? Any help would be appreciated.

Caddyfile:

code.test.example.com {
    tls internal
    reverse_proxy auth.test.example.com
}
auth.test.example.com {
    tls internal
    reverse_proxy 192.168.1.110:9000
}

Authentik Proxy Provider:

External host: https://code.test.example.com
Internal host: http://192.168.1.110:8443
Internal host SSL Validation = false

VS-Code Server docker-compose.yaml:

version: "2.1"
services:
  code-server:
    image: lscr.io/linuxserver/code-server:latest
    container_name: code-server
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      #- PASSWORD= #optional
      #- HASHED_PASSWORD= #optional
      - SUDO_PASSWORD=Password #optional
      #- SUDO_PASSWORD_HASH= #optional
      - PROXY_DOMAIN=code.test.example.com #optional
      - DEFAULT_WORKSPACE=/config/workspace #optional
    volumes:
      - ./config:/config
    ports:
      - 8443:8443
    restart: unless-stopped

Authentik docker-compose.yaml:

***
version: "3.4"

services:
  postgresql:
    image: docker.io/library/postgres:12-alpine
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 5s
    volumes:
      - database:/var/lib/postgresql/data
    environment:
      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
      POSTGRES_USER: ${PG_USER:-authentik}
      POSTGRES_DB: ${PG_DB:-authentik}
    env_file:
      - .env
  redis:
    image: docker.io/library/redis:alpine
    command: --save 60 1 --loglevel warning
    restart: unless-stopped
    healthcheck:
      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 3s
    volumes:
      - redis:/data
  server:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.8.3}
    restart: unless-stopped
    command: server
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    volumes:
      - ./media:/media
      - ./custom-templates:/templates
    env_file:
      - .env
    ports:
      - "${COMPOSE_PORT_HTTP:-9000}:9000"
      - "${COMPOSE_PORT_HTTPS:-9443}:9443"
    depends_on:
      - postgresql
      - redis
  worker:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2023.8.3}
    restart: unless-stopped
    command: worker
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    # `user: root` and the docker socket volume are optional.
    # See more for the docker socket integration here:
    # https://goauthentik.io/docs/outposts/integrations/docker
    # Removing `user: root` also prevents the worker from fixing the permissions
    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
    # (1000:1000 by default)
    user: root
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./media:/media
      - ./certs:/certs
      - ./custom-templates:/templates
    env_file:
      - .env
    depends_on:
      - postgresql
      - redis

volumes:
  database:
    driver: local
  redis:
    driver: local