• 2 Posts
  • 34 Comments
Joined 1 year ago
cake
Cake day: December 28th, 2023

help-circle


  • N0x0n@lemmy.mltoSelfhosted@lemmy.worldTesting vs Prod
    link
    fedilink
    English
    arrow-up
    6
    ·
    edit-2
    2 days ago

    Production is my testing lab, but only in my homelab ! I guess I don’t care to perfectly secure my services (really dumb and easy passwords, no 2fa, not hiding plain sight passwords…) because I’m not directly exposing them to the web and accessing them externally via Wireguard ! That’s really bad practice though, but any time soon will probably clean up that mess, but right now I can’t, I have to cook some eggs…

    There are 2 things though I actually do have some more complex workflow:

    • Rather complex incremental automated backup script for my docker container volumes, databases, config files, compose files.

    • Self-hosted mini-CA to access all my services via a nice .lab domain and get rid of that pesky warning on my devices.

    I always do some tests if my backups are working on a VM on my personal desktop computer, because no backup means that all those years of tinkering for nothing… This will bring up some nasty depression…

    Edit: If have a rather small homelab, everything on an old laptop, still quite happy with the result and works as expected.



  • Just create a wildcard domain certificate !

    I access all my services in my lan through https://servicename.home.lab/ I just had to add the rootCA certificat (actually the intermediate certificate) into my trust store on every device. That’s what they actually do, just in automated way !

    Never had an issue to access my services with my self-signed certs, neither on Android, iOS, windows, linux ! Everything served from my server via my reverse proxy of choice (Treafik).

    However I do remember that there was something of importance to make my Android device accept the certificate (something in certificate itself and the extension).

    If you’re interested I can send you the snipped of a book to fully host your own CA :). It’s a great read and easy to follow !








  • Back in the day, that’s what I did ALOT on Windows. Specially because of piracy and my younger me having no idea what he was doing XD !

    Still happens on Linux with EndeavourOS but not for the same reasons ! There are millions times more ways to break stuff on Linux but I always learn Something new during the process.

    Story time:

    Learned the other day that some config files are loaded in a specific order and depending what display manager is installed. That was kinda eye opening to understand cause my system didn’t load .profile when .bash_profile was present and I didn’t understood why ! Thanks Archwiki !






  • The only thing I don’t install via that way is Firefox addons.

    Any specific reason why? Yesterday I installed LibreWolf and saw at the same time a few addons in the AUR.

    Do you know what’s the difference from an AUR addon or the official Firefox addon repo?

    I guess It would be for security reasons because you never know if someone has tempered with the addon.



  • It really depends on your metadata/ directory structure. Even though navidrome doesn’t care of your directory structure it’s better to have everything neatly separated !

    You can spin a docker compose (if you’re a bit acquainted with it) and simply point to your external drive containing your media, just to give it a try and see how it performs with your media files.

    Just give it a try and see how it works, however I would wait for the new scanner update before upgrading fully to navidrome which would give some new long awaited functionalities like VA list of all artist.

    But I had so many services running it was a pain to maintain.

    Are you talking about docker containers? You should take a look at what’s up docker to maintain and keep track of your containers. I have approximately 20 containers and It was easier to keep track this way. If you’re more in the 50/100 range… Yeah this sounds a lot ! :o


  • Now I just want to host a web page and expose it with nepenthes…

    First, because I’m a big fan of carnivorous plants.

    Second, because it let’s you poison LLMs, AI and fuck with their data.

    Lastly, because I can do my part and say F#CK Y0U to those privacy data hungry a$$holes !

    I don’t even expose anything directly to the web (always accessible through a tunnel like wireguard) or have any important data to protect from AI or LLMs. But just giving the opportunity to fuck with them while they continuously harvest data from everyone is something I was already thinking off but didn’t knew how.

    Thanks for the link !


  • Anime and .ass subtitles are a bit funky but that’s not due to jellyfin but the player used while streaming in direct play. (In my case)

    I had the issue where on my mobile/laptop some subtitles just disappeared or where strangely formated. After some digging arround I found out that VLC was the culprit and changing the default player to MPV or alternatives like Findroid (which uses MPV as default player) everything went butter smooth in direct play !

    No idea about transcoding though :/