A software developer and Linux nerd, living in Germany. I’m usually a chill dude but my online persona doesn’t always reflect my true personality. Take what I say with a grain of salt, I usually try to be nice and give good advice, though.
I’m into Free Software, selfhosting, microcontrollers and electronics, freedom, privacy and the usual stuff. And a few select other random things as well.
I’ll just open them up to the internet via an nginx reverse proxy. Make sure sign up is disabled in the applications, and something blocks people from brute-forcing passwords. Pretty sure Nextcloud comes like that per default. And I’ll do updates. And see if I can run stuff in containers or seperate users so in the unlikely case something happens, access to one of my services doesn’t compromise the entire server.
Lots of other people use VPNs though. Like Wireguard, Netbird, Tailscale…
If it’s just you, and you’re fine with the regular login… Just disable signup and don’t add more authentication mechanisms like oauth/openID.
I’m using nginx as a reverse proxy as well. For now, I added a lot of “deny” directives to ban all the address ranges from Tencent, Alibaba, OpenAI. It’s not a 100% solution, but works well enough for me. I’m mostly worried about AI crawlers causing too much load on my server. And it stopped since, so I don’t think I’m gonna need Anubis and all these extra things in front if my applications. If you like you can look into solutions like a web application firewall like Crowdsec.
Yeah, me too. For some hobbies there just isn’t a lot of activity.
We have some regular pc gaming communities:
And some about tabletop games:
Not sure if there’s more, that’s about the ones I’m aware of. Lemmyverse.net has a few more: https://lemmyverse.net/communities?query=gam
Well, previously we had LemmyNSFW. That one died, pretty much out of the blue. Now the second admin(?) of it launched FediNSFW as a successor. We have that - for now - I guess? They said they’re gonna try to make sure the same thing doesn’t happen again.
But I guess it’s still a single point of failure. If they don’t properly ensure there’s several people who own the domain and hosting infrastructure, can administer the contracts, server etc, it might still be down to one person and their ability to keep it up. And if there’s legal troubles, uncertainty, not enough donations, law changes or the hoster or Cloudflare pulls the trigger, that might be the end of all of it as well. A severe technical issue/mistake could also take down a singular instance. And due to the delicate nature of NSFW content, they probably can’t afford to be 100% transparent with us, so I wouldn’t know whether they’re in a healthy place or not.
I mean there’s nothing wrong with FediNSFW’s existence. I just think it’s massively questionable to all bet on the same horse, and then call us the “Fediverse”, a decentral platform…
I think so as well. Porn is available in abundance. We don’t really need it here. What I think could be nice is people who like to write erotic fiction as a hobby and post their original content. Or people discuss erotic computer games. Or like relationship advice and NSFW questions in case some country abolishes sex ed. Maybe talking about piracy, mental issues, loss… all the things that are deemed “not advertiser friendly” on commercial platforms. That’d be something positive. But it’s not easy. And it often all gets lumped together under some big NSFW umbrella and 95% of people want to share pron clips anyway. Mostly with zero care for copyright or the creators’ consent.
Hehe. Yeah, I don’t think we need more content. There’s already some out there. And everyone can add more, all they need is 20sec of time and a redgifs link. What we really need is more admins run servers to host that stuff. And a bigger admin team for the already existing instance so it doesn’t just randomly go away along with all the content, as well. Maybe one or two lawyers, or someone with expertise in bullet-proof hosting, to set it up properly. (And we likely need moderators as well. Half of the communities on the old server used to be a desert. Claimed en masse by some nominal members who left a long time ago.) But original content is certainly welcome 😆
Probably more NSFW instances? We barely have one.
Already a thing. We can choose between Ubuntu, who restrict your freedom and privacy in the Snap store, and have experimented with weird things like forward your desktop search to the internet or integrate Amazon into your desktop. Or you can pick a different distro. Some have telemetry, some ask you for your permission and even patch user software so it doesn’t send telemetry per default. Some were kinda illegal and distributed libcss2.
I think the latest outcry with LLMs unmasking pseudonymous users wasn’t due to their writing style and grammar. But they used the information and facts the posts contained. You’d basically need to switch up your writing style. But then also stop blogging about your favorite Star Trek series and Linux, and pick a new hobby to write about. And claim you’re a nurse from Uganda and random new things.
Latest changes in the EU are part of the NIS-2 directive. My private German domains don’t show a lot of detail and it’s been like that for many years.
Start simple, then work your way up. Construct a static website with HTML. Learn how to navigate folders on a (remote) server, so the Linux commandline. Learn how to install software and where to find the configuration and logfiles. Then install some webserver and make it serve your first website. You can do all of this on your own computer. And after that you can learn how to install other web applications, how to reconfigure your webserver to act as a reverse proxy.
So start with basic webdevelopment first, then do Linux, webservers, and then once you got the basics you can do more advanced apps, containers and all the stuff.
Not sure which book to recommend. But I often recommend https://yunohost.org/ to people who just want to run webservices. It does most of the complicated stuff for you and you just need to click install for software in YunoHost’s catalog. You just need to learn a few basic things about the internet, because it’s fairly easy to use.
Not sure if you broke out of the Matrix here. OP’s reply contained an em-dash, started with an affirmation. Follows the rule of three. I’d say there’s still a high likelihood it’s an AI which “claims” the code went through review.
Yeah, You’ll have to do a lot more troubleshooting than this. Did Docker successfully bind to port 8000? Can you curl it from the VPS itself? Does the container and the things in it run properly? Are there any error messages in the logs?
I’m not a Docker expert, but I’d start with the docker commands which show if a container is running and which ports it actually binds. Maybe a ss -at. then do a curl http://localhost:8000/ and see if it returns your webpage. If it doesn’t, you need to fix your webpage container first. Or see if you can come up with an easier method to deploy your website.
A reverse proxy in any shape or form, will require your website to run, first.
Lol. For someone who says they expect other people to learn something, you’re a bit short in supply. I mean this would be an opportunity for someone (me) to learn something. But a down-vote won’t do it. And lessons on what not to do (discuss 2.5h, expect it to think) don’t lead anywhere either. I’d need to know what to do in my situation. Or where to find such information?!
Or was it because I said I value efficiency and for some reason you’re team bloat? I seriously don’t get it.
I don’t have a definite answer to it. Could be the case I’m somehow intelligent enough to remember all the quirks of C and C++. Eat a book on my favorite microcontroller in 3 days and remember details about the peripherals and processor. But somehow I’m too stupid to figure out how AI works. I can’t rule it out. At least I’ve tried.
I still think microcontroller programming is way more fun than coding some big Node.JS application with a bazillion of dependencies.
And I sometimes wish people would write an instant messenger like we have 4MB of RAM available and not eat up 1GB with their Electron app, which then also gets flagged by the maintainers for using some components that have open vulnerabilities, twice a year.
I mean I don’t see any reason why I shouldn’t be allowed to complain about it.
But yeah, software development is always changing. And sometimes I wonder if things are for the better or the worse.
I’ve had a lot of bad experience with embedded stuff and trying to let AI do it for me. I mostly ended up wasting time. I always thought it must be because these LLMs are mainly trained on regular computer code, without these constraints and that’s why they always smuggle in silly mistakes. And while fixing one thing, they break a different thing. But could also be my stupidity.
I’ve had a way better time letting it do webfrontends, CSS, JavaScript… even architecture.
But I don’t think this (specifically) is one of the big issues with AI anyway. People are free to learn whatever they want. There’s a lot if niches in computer science. And diversity is a good thing.
We also have issues with young people in the industry. As some junior developer stuff is now done by AI, we’re lacking more and more positions to start in, and learn the ropes. And you can’t start out as a senior, either. So that got more complicated as well.
Haha. I think there’s often a rough idea on what kind of programmer people are, judging by their opinion on these AI tools.
Have you tried arguing with your AI assistant for 2.5h straight about memory allocation, and why it can’t just take some example code from some documentation? And it keeps doing memory allocation wrong? Scold it over and over again to use linear algebra instead of trigonometric functions which won’t cut it? Have you tried connecting Claude Code to your oscilloscope and soldering iron to see what kind of mess its code produces?
I’m fairly sure there are reasons to use AI in software development. And there are also good reasons to do without AI, just use your brain and be done with it in one or two hours instead of wasting half a workday arguing and then still ending up doing it yourself 😅
I don’t think these programmers are idiots. There’s a lot of nuance to it. And it’s not easy at all to apply AI correctly so it ends up saving you time.
Good comment. The main issue is this: Back in the day I could have a quick look at the code and tell within a minute whether something was coded by a 12 year old or by some experienced programmer. Whether someone put in so much effort, I could be pretty sure they’re gonna maintain the project. Put in some love because it solves some use-case in their life and it’s going to do the same for me. Assess their skill-level in languages I’m fluent in.
These days not so much. All code quality looks pretty much the same. Could be utter garbage. Could be good software, could be maintained. Could be anything, Claude always makes it look good on a first glance. There’s also new ulterior motives why software exists. And it takes me a good amount of time and detective work to find out. And I often can’t rely on other people either, because they’re either enraged or bots and the entire arguments are full of falsehoods.
As a programmer and avid Linux user, I rely a lot on other people’s software. And the Free Software community indeed used to be super reliable. I could take libraries for my software projects. Could install everything from the Debian repo and I never had any issues. It’s mostly rock solid. There were never any nefarious things going on.
And now we added deceit to the mix. Try to keep the true nature of projects a secret. And i think that’s super unhealthy. I had a lot of trust in my supply chain. And now I’m gonna need to put in a lot of effort to keep it that way. And not fall prey to some shiny new thing which might be full of bugs and annoyances and security vulnerabilities, and gone by tomorrow once someone stops their OpenClaw… Yet the project looks like some reliable software.
And I don’t share the opinion on sandboxing. Linux doesn’t have sandboxing (on the Desktop). That’s a MacOS thing (and Android and iOS). All we have is Flatpak. But you’re forcing me to install 10GB of runtimes. Pass on the distro maintainers who always had a second pair of eyes on what software does, if it had tracking or weird things in it, whether it had security vulnerabilities in the supply chain. Maintainers who also provided a coherent desktop experience to me. And now I’m gonna pull software from random people/upstreams on the internet, and trust them? Really? Isn’t that just worse in any aspect?
And wasn’t there some line in devops? Why is it now every operators job to do static analysis on the millions of moving parts on their servers… Isn’t that a development job?
And I don’t think Flatpak’s permission system is even fine-granular enough. Plus how does it even help in many cases? If I want to use a password manager, it obviously needs access to my passwords. I can’t sandbox that away. So if the developers decide to steal them, there’s no sandboxing stopping them in any way. Same for all the files on my Nextcloud. So I don’t see how sandboxing is gonna help with any of that.
I just don’t think it’s a good argument. I mean if you have a solution on how sandboxing helps with these things, feel free to teach me. I don’t see a way around trust and honesty as the basic building blocks. And then sandboxing/containerization etc on top to help with some specific (limited) attack vectors.
I mean, don’t get me wrong here. I’m not saying we need to ban AI in software development. I’m also not saying 12 year olds aren’t allowed to code. I did. And some kids do great things. That in itself isn’t any issue.
Yeah. Maybe it’s time to adopt some new rule in the selfhosted community. Mandating disclosure. Because we got several AI coded projects in the last few days or weeks.
I just want some say in what I install on my computer. And not be fooled by someone into using their software.
I mean I know why people deliberately hide it, and say “I built …” when they didn’t. Because otherwise there’s an immediate shitstorm coming in. But deceiving people about the nature of the projects isn’t a proper solution either. And it doesn’t align well with the traditional core values of Free Software. I think a lot of value is lost if honesty (and transparency) isn’t held up anymore within our community.
I feel “Free Software” is the closest we get. As that is associated with the Free Software movement and copyleft. In reality, we’re talking more about freedom of opportunity, though. We’re not really owed software that fits our use-case 100%, that’s not the kind of freedom we’re talking about.