smiletolerantly

joined 1 year ago
sorted by: new top controversial old
My Ultimate Self-hosting Setup in c/selfhosted@lemmy.world
[–] smiletolerantly@awful.systems 4 points 23 hours ago

Btw, nice read OP. Always great to see more Nix "in the wild".

Are password managers secure to use? in c/nostupidquestions@lemmy.world
[–] smiletolerantly@awful.systems 28 points 1 day ago (1 children)

Can't believe noone mentioned this yet:

Any good password manager encrypts and decrypts your password file client side. The server should not even have the ability to read your passwords.

Even in the case of a leak of all of the server's data, as long as your password for the manager was good, you've got nothing to worry about.

I'd say pick a PW manager where both client and server are open source. Pick a strong passphrase. Enjoy.

My Ultimate Self-hosting Setup in c/selfhosted@lemmy.world
[–] smiletolerantly@awful.systems 5 points 1 day ago (2 children)

Yeah, but no dark magic involved.

  • build image
  • copy to proxmox ISO store
  • import, resize disk
  • start, wait to come online
  • read ssh pubkey, save it
  • rekey secrets
  • rebuild VM

The only "magic" parts are two nix modules for handling proper networking and hardware setup, and exposing required attributes to the script.

Works really well, zero manual config (beyond the services you want to run...) required on nix or proxmox side.

Just created my own zero trust network! in c/selfhosted@lemmy.world
[–] smiletolerantly@awful.systems 1 points 1 day ago

Nothing. People fearmonger

My Ultimate Self-hosting Setup in c/selfhosted@lemmy.world
[–] smiletolerantly@awful.systems 8 points 1 day ago (4 children)

Funny - same thing here. Got 3 proxmox hosts running, all virtual machines are NixOS though.

I'd love to go full Nix, but between my GF and I, we kinda split the responsibilities: hardware is hers, applications are mine. And there's not a chance she'll give up her Proxmox hosts 😄

Got it automated to a single "provision" command though that will spin up any of my nix VMS unanttended, so I'm happy with that.

Dik Piks in c/science_memes@mander.xyz
[–] smiletolerantly@awful.systems 0 points 2 days ago (1 children)

There so much misogyny oozing out of your comment, I think I'll go disinfect my screen now.

Hope your friend gets convicted for sending unsolicited explicit content 👍

Germany sees uptick in people living alone in c/world@lemmy.world
[–] smiletolerantly@awful.systems 6 points 3 days ago

Lol. Living alone does not make you lonely.

Honestly, I'm gappy for my fellow Germans that so many are able to live by themselves! It's a good sign that fewer people need to share rent.

Scaled Propaganda in c/196@lemmy.blahaj.zone
[–] smiletolerantly@awful.systems 5 points 3 days ago

I always sort by new comments.

What's a regional pronunciation of a word that seems normal to you but is weird to people from other parts of the country? in c/asklemmy@lemmy.world
Leading AI Models Are Completely Flunking the Three Laws of Robotics in c/technology@lemmy.world
[–] smiletolerantly@awful.systems 20 points 3 days ago (1 children)

It's a goddamn stochastic parrot, starting from zero on each invocation and spitting out something passing for coherence according to its training set.

"Not understanding what is happening" in regards to AI is NOT "we don't jniw how it works mechanically" it's "yeah there are so many parameters, it's just not possible to make sense of / keep track of them all".

There's no awareness or thought.

Which git branch are you on? in c/linuxmemes@lemmy.world
[–] smiletolerantly@awful.systems 9 points 5 days ago* (last edited 5 days ago) (3 children)

Last place of employment had develop as the default branch. Actually quite liked it. (There also was a main branch, which only got merged into as part of the release flow, so might as well have called it release, I suppose).

Anyway, IMO it communicated "volatile and subject to change" a lot more clearly than things like "head of main" etc

Feds in Catalonia, Spain think everyone using a Google Pixel must be a drug dealer in c/technology@lemmy.world
[–] smiletolerantly@awful.systems 41 points 6 days ago (3 children)

Now THAT is something I wouldn't ever trust.

84
ich 🌶️🌶️🌶️ iel (awful.systems)
submitted 4 months ago* (last edited 4 months ago) by smiletolerantly@awful.systems to c/ich_iel@feddit.org
22 comments fedilink
 

Danke!! Endlich sagt wer was!

76
Devin, the "$2 Billion AI software engineer" turns out to be a complete scam. Who could have thunk! (www.youtube.com)
 

Schadenfreude 🙂

146
How would I go about gaining access to a locked-down Linux device I own. (awful.systems)
 

Five years ago, I bought a Supernote A5. It was (and mostly still is) a great device for reading and writing on an eInk display, and it runs plain old linux.

The deciding reason I went for this device instead of the competition is that I was "under the impression" that they were about to enable full SSH access to the device! Awesome!

"Why were you under that impression?", I hear the skeptics ask. Well, their spokesperson has stated that they would do so. Via mail, and on reddit, publicly, multiple times. I was still torn, so sent them a DM, asking if this was ineed factual. "Yes", they said, "the next quarterly update will enable SSH access!".

Great!

Well, it's been 5 years. They did not follow through. A couple updates were published, none contained the promised functionality, the spokesperson stopped answering questions about SSH. The last software update I received is from 2.5yrs ago. Mentions of the original Supernote A5 have largely been scrubbed from their website.

Let me be clear, the device still functions perfectly. But it is in danger of becoming e-waste because it is so needlessly complicated to get stuff on the device. I'm currently in need of an ebook reader with (ideally) OPDS capability, and I am pretty confident I'd be able to get something like koreader running on this, or at least just run a script to sync files over SSH. Also, I frankly feel wounded in my pride having a Linux device in my possession which refuses to do my bidding (I'm joking of course, but also I am 100% serious).

Here's all I know:

  • plugging it in via USB, the device reads as an MTP device, with access only to the documents/books/... stored on it
  • you can place an update.zip file (obtained from the SN website) into the root of that MTP directory, and upon reboot, the device will update. To me, this appears to be the most promising route of gaining access.
  • unfortunately, the zip file is encrypted. The decryption key clearly has to be known to the device, but since I have no access to it,...

I'm a software engineer, but I have zero knowledge of the "dark arts", so to speak. If anyone could help me (or point me into the right direction!), I would really be grateful. I don't want this (generally nice) product to turn into a paperweight instead of a paper replacement :(

40
Self-Hosted setup for remote music lessons? (awful.systems)
 

Basically, the title. After years of inactivty, I'll be taking music (cello) lessons again, with my teacher of yesteryear, from whom I've moved half a country away.

She has suggested Zoom but is open to alternatives. I don't particularly like Zoom, plus I have a feeling better quality can be had through a custom solution - but I'm at a bit of a loss as to what exactly would be a good fit for this project.

Maybe Jitsi? Does someone here have experience with it and could tell me if it's possible to set something like a "target" audio quality?

For hardware, I basically have two options. Both are already in use, for different things, and have sufficient processing capabilities - albeit no GPU:

  • host everything at home. Plus: lowest possible latency from me to the server. Not sure how much that is worth though.
  • root server in the Hetzner cloud: much faster network speed. Again though, not sure how beneficial that is, the ultimate bottleneck will always be my upload speed (40Mbit)

OK, I realize that this post is a but of a random assortment of thoughts. I'd be really happy about suggestions and / or hearing about other's experiences with similar use-cases!

194
Can someone rule-splain this (i.redd.it)
 

cross-posted from: https://lemmy.ca/post/25155152

28
Can't use Crunchyroll via WireGuard (awful.systems)
submitted 1 year ago* (last edited 1 year ago) by smiletolerantly@awful.systems to c/selfhosted@lemmy.world
19 comments fedilink
 

Hi,

not sure where else to post this. For a while now, I've unsuccessfully been trying to get WireGuard to work with Crunchyroll.

Setup is as follows:

  • dedicated server hosts a wg-quick instance in [neighboring country]
  • OPNSense acts as peer on a single IP
  • I have a rule for routing the entire traffic of some source device via that IP

This works just fine. Handshake successful, traffic is routed via the server. traceroute shows the server as the hop immediately after my device's local gateway. The connection is stable, and fast.

...except for Crunchyroll. The site / app itself is fine, but I can not, for the life of me, get a video to play. It just keeps loading forever.

I don't think this is an issue with CR recognizing that I'm not where I say I am - looking online, it seems pretty easy to use CR with a VPN. I've also tried from multiple other devices, all with the same symptom.

If anyone has suggestions, I'd love to hear them 😅

EDIT: ~~It was MTU. Had to manually set it to 1500 on both devices.~~

Nope, still the same issues. I was using the fallback interface there briefly.

EDIT: It WAS MTU related, I had to enable MSS clamping on the OPNSense.

view more: next ›