For people living with others it might not be a choice though. The lights not working for a day the way they normally do is all it takes for someone to lose all faith in automation. It’s easier when you plan for a specific time and day to update things, as long as you are not exposed to the internet, slightly out of date apps are not a big worry
I get that, but the services listed by the other comment run just fine in docker with less hassle by throwing in some bind mounts.
The 4 VMs dedicated dockge instances is exactly the kind of thing I had in mind for people that want to avoid something that sounds more like work than a hobby when starting out. Building the knowledge takes time and each product introduced reduces the likelihood of it being completed anytime soon.
I would give docker compose a try instead. I found Proxmox to be too much, when a simple yaml file (that can be checked into a repo) can do the job.
Pay attention to when people say things can be improved (secrets/passwords, rootless/podman, backups), etc. And come back to them later.
Just don’t expose things to the internet until you understand the risks and don’t check in secrets to a public git repo and go from there. It is a lot more manageable and feels like a hobby vs feeling like I’m still at work trying to get high availability, concurrency and all this other stuff that does not matter for a home setup.
After getting a NAS to replace my raspberry pi 4 as a home server, I literally just SCPd the bind mounts and docker compose folder, adjusted a few env variables (and found out of a few I needed to add for things like the uid/guid the NAS used as default for the media user I created) and it took maybe 30 minutes total to be back and running. Highly agree with you from experience.
They are also way too small in terms of storage given that they don’t support external cards (Apple is similar). Google/Apple definitely want buyers to also buy their subscription storage services or pay the high premium for the next storage level.
I’m on an XR right now and it feels older, but still very much usable. I wish companies offered options to only get security patches instead of having to buy new phones every few years, that’s the 1 thing I hope Google keeps around and doesn’t walk back in the future.
Great summary “a lot of common error checking has gone into it. It can be told what you want without specifics that would only potentially be applicable to 1 system type.”
Forgot expensive. Big, expensive, unreliable. The trifecta.
Out of curiosity as an owner of a QNAP NAS, how did it go out? Any signs it was in its last legs? Now that I’ve used one, the form factor is the only thing better than most options out there when I got it.
Nowadays all QNAP, Sinology and other NAS vendors supposedly offer a lot of extra value with their cloud options, but I find them a sure way to get hacked based on the average company’s investment in security (I work in IT, it is a sad affair sometimes) combined with all the ransomware specifically targeting them due to old packages they rely on = I’ll build my next system from the ground up, even if the initial cost is higher and the result is uglier.
deleted by creator
deleted by creator
Not to mention that some providers offer APIs to provide certificates without opening port(s) 80/443. This allows using nice host names on your personal domain with valid SSL over the internal network too. Want to migrate a server or service? Just change the IP associated with the domain on the internal DNS. Makes migrating and upgrading a lot easier.
You don’t have to take my word on this, but when you have so many vulnerabilities, the foundation and knowledge about security practices by the developers is missing some key ingredients.
I use Jellyfin. I like jellyfin. I would like people to use jellyfin, but do it responsibly.
Citing backwards compatibility is not an acceptable answer either. If individual endpoints and/or protocols (web sockets) are being addressed as separate issues, then there is no overall filter for the most basic thing as checking if the user is authenticated, you know a potential attacker will look for more.
Will they target jellyfin instead of your average government website with a low budget and similar issues? Unlikely, but possible if the level of effort is low and can potentially create a large botnet, maybe?
You handle these with overall filters (or whatever they are called on c#) and white lists if something truly needs not to have it instead of reacting when someone reports it.
The simple fact that some of the code was sending api keys as GET parameters (which get logged cross every access log in the middleware on its way to the target server) and it didn’t raise any flags seems sufficient enough to suggest DO NOT expose jellyfin directly to the internet.
By then you would have racked up thousands of dollars in legal fees. Not to mention if anyone posts anything negative about the current administration you could be used as an example.
We already have students on visas being kidnapped off the streets, let’s stop pretending the law actually matters for the people in power.
Bash does seem like a better fit for this kind of script since it is a lot more portable.
I.e.: It comes by default for many Linux distributions. For windows, a Git bash install will get you most utilities needed for large reliable scripts (grep, scp, find, sort, uniq, cat, tr, ls, etc.).
With that said, you should write it on whatever language you want, especially if it is for learning purposes, that’s where the fun comes from :)
Cheaper plex subscription at the cost of healthcare and taking orders from a moron. Can’t say no to a great deal!
I don’t know if it is always the fastest. I know they said android, but for example on not too old Apple phones (pre-usb c), I had the impression you could get better throughout on wifi compared to a cable connection. Maybe that’s just apple trying to squeeze money on proprietary connectors, but other manufacturers seem to copy their worst takes sometimes though.
He just needs a bonus for a few billion dollars and then it will be ok.
I seriously can’t believe there are board members that brain dead that think it would be a good idea to approve that kind of bonus if they are trying to make any money for the company.
Can you elaborate on what you mean?
And the day that something bad in general about the code can be said? That’s when developers fork. It means something different to us.
But then you are sending credentials in clear text over the network. That will get logged on the corporate access logs ensuring a quick permanent vacation once they notice how careless the employee is, not to mention the mixing personal and work resources.
Edit: forgot to mention, most work devices also decrypt SSL traffic by using man-in-the-middle approach (unless they are very incompetent). Even stuff like personal email and shopping should not be accessed on a work device if you don’t want your work to have your passwords.