publication croisée depuis : https://lemmy.pierre-couy.fr/post/805239

> Happy birthday to Let's Encrypt ! > > Huge thanks to everyone involved in making HTTPS available to everyone for free ! > > !

Consider watching this video with FreeTube, a nifty open-source program that lets you watch YouTube videos without Google spying on your viewing habits!

Combined with Libredirect, which automatically opens youtube links in Freetube, it becomes really slick and effortless to use.

> Long-awaited release, with the flagship feature of custom attributes! This unlock many integrations, notably Linux user management through PAM.

The founder of Drupal posted recently about this self-hosted and completely solar-powered personal site he made, in Boston of all places.

He describes the hardware, software, and the challenges he ran into while setting it all up. The site even includes automatically updating statistics about the system and battery. There's no backup or fail over, so if the battery drains due to cloudy or cold weather, the website will simply go offline for a while and he's fine with that.

cross-posted from: https://lemmy.world/post/20066526

> Features: > > * Distroless > > * -THE- smallest nextdns docker image there is > > * With riscv support > > * Both Dockerfile and docker-compose provided @ op link > > Enjoy.

Hey guys!

I want to convert my now corebooted Thinkpad T430 into a Nextcloud server and possibly more (Syncthing, maybe Tor, maybe more)

1 500GB SSD, 1 1TB SSD

Currently runs Fedora Kinoite, I could rebase to something like secureblue uCore, Fedora IoT, uBlue uCore, ...

Not sure if those would have broken configs though.

Maybe I would prefer something with slower pace, but tbh the pace of CentOS bootc becoming a thing is quite frustrating. This would likely be the perfect 'install and forget' distro for many, a KDE Image would be there in no time.

I wouldnt want to use a traditional distro, even though a base Debian or AlmaLinux/ Rockylinux (what the hell was that of a hydra? Cut off one head, spawn 2? what are the differences??) could just be fine. I used Debian in the past, it really just works.

I would like

• Nextcloud AIO docker image, maybe with podman? It is supposedly more secure but the world runs on Docker, and all is fine. Podman is a pain quite often.
• some nice management like Cockpit
• dyn DNS, for example with NoIP, best free
• secure ssh, that should be no issue
• btrfs? or zfs? with backups to a secondary drive
• automatic updates with snapshot creation. Atomic system would be easiest here.
• easy to use and secure reverse proxy, with DynDNS for reliable address on the internet. NGINX, Traefik, Caddy, what is the best here??

Here I am not sure if I should use 1TB + 1TB, or 500GB used and 1TB backup. BTRFS backups can be incremental.

while I made a list of BTRFS tools I still have no idea what the best tool for this job is.

cross-posted from: https://lemmy.pierre-couy.fr/post/653426

> This is a guide I wrote for Immich's documentation. It features some Immich specific parts, but should be quite easy to adapt to other use cases. > > It is also possible (and not technically hard) to self-host a protomaps release, but this would require 100GB+ of disk space (which I can't spare right now). The main advantages of this guide over hosting a full tile server are : > - it's a single nginx config file to deploy > - it saves you some storage space since you're only hosting tiles you've previously viewed. You can also tweak the maximum cache size to your needs > - it is easy to configure a trade-off between map freshness and privacy by tweaking the cache expiration delay > > If you try to follow it, please send me some feedback on the content and the wording, so I can improve it

cross-posted from: https://programming.dev/post/18360806

> Hi everyone, > > I would like to enable Cross-Origin Resource Sharing on my Nginx server. for few origins (cors requestor)/domains. > > I've found this article https://www.juannicolas.eu/how-to-set-up-nginx-cors-multiple-origins that is nice, but not complete and on my browser seem really hard to read due to the layout 🤮 > > So I've opened a CodeBerg git repository for the good soul that want to perfect this piece of code the allow the most of use to use CORS with Nginx. > > https://codeberg.org/R1ckSanchez_C137/BestOfxxx/src/branch/main/Nginx/CORS_MultiDomains.py > > If you don't want to create an account on codeberg feel free to post your code here ! > > nginx > server { > # Server > > map "$http_origin" $cors { # map in Nginx is somewhat like a switch case in a programming language. > default ''; #Seem to set $cors to '' empty string if none of the follwing rexeg match ? > "~^https:\/\/([\w-_\.]+\.)?example.com$" "$http_origin"; > #regex domain match > # ~ mean I suppose the string is RegEx ? > # Need to come with a RegEx expression that match https://anything.example.com[optional ports and Query string ?X=Y] > "~^https:\/\/([\w-_\.]+\.)?example2.com$" "$http_origin"; #regex domain match > } > > > location /static { > > # if preflight request, we will cache it > if ($request_method = 'OPTIONS') { > add_header 'Access-Control-Max-Age' 1728000; #20 days > add_header 'Content-Type' 'text/plain charset=UTF-8'; > add_header 'Content-Length' 0; > return 204; #https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/204 } > > if ($cors != "") { > add_header 'Access-Control-Allow-Origin' "$cors" always; # <-- Variable $cors > add_header 'Access-Control-Allow-Credentials' 'true' always; > add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; > add_header 'Access-Control-Allow-Headers' 'Accept, Authorization, Cache-Control, Content-Type, DNT, If-Modified-Since, Keep-Alive, Origin, User-Agent, X-Requested-With' always;} > > # configuration lines... > > } > } > > } > > >

does anyone here have experience hosting a Signal proxy and/or a Tor relay? there's a blog post on signal.org asking for folks to help, and i can but i don't know enough about network security to feel safe/confident doing some of this stuff. same with Tor - i've always wanted to host an exit relay (and in fact have this whole long theory about how every public library in the US should host an exit relay, but that's for another post someday maybe).

do any of you have experience with doing this? what kind of best practices would you recommend? any good resources on protecting your network that you might point me to? i will be getting my Net+ cert within the next year but for now i am starting from "enthusiastic beginner" and want to be helpful, but careful.

This may be deemed slightly off topic but I felt like this community might know the answer to this. I'm looking for a way to permanently embed information about who is in a photo, but when I search Google I just get some forum posts from 10 years ago. Surely there is something more recent? How would you go about doing this? Let's assume they are JPG.

I thought about this when looking through photos from my grandparents, where the names are written on the back of the photo. I have many digital photos from ten years ago and I've already forgotten the names of some of the people so imagine what it will be like in another 30 years.

> Obligator is a relatively simple and opinionated OpenID Connect (OIDC) Provider (OP) server designed for self-hosters.

>GoToSocial is an ActivityPub social network server, written in Golang.

Basically a modernised PCengine APU4, which sadly got discontinued.

I'm looking to buy a router for home use, on which I plan to install OpenWRT. After some research, I have come across the TP-LINK Archer AX23, which checks all of the boxes I have:

• [x] Comparatively low price
• [x] Supports WPA3
• [x] Supported by OpenWRT
• [x] Has at least three LAN ports

However, before I and my dad go and buy one, it has to pass the final test: the forums.

Has anyone used this router before? What was your experience? Can I do better, or have I found the best router ever made? Please share your thoughts.

Hello Lemmy! Yesterday I released the first version of an alternative frontend for Threads: Shoelace. It allows for fetching posts and profiles from Threads without the need of any browser-side JavaScript. It's written in Rust, and powered by the spools library, which was co-developed between me and my girlfriend. Here's a quick preview:

!A screenshot of Shoelace's homepage, showing the logo on top, the title "Shoelace", the subtitle "an alternative frontend for Threads", an input bar with the tooltip "Jump to a profile...", and at the bottom three links: "hub", "donate", and "v0.1".

!Mark Zuckerberg's profile on Shoelace, showing three posts: One showcasing columns on the official Threads frontend, another congratulating himself for 1.2M+ downloads in his company's new AI software, and the glimpse of a post related to the "metaverse" !Post by münecat on Shoelace, announcing the release of a video essay criticizing the field of evolutionary psychology

The official public instance (at least for now) is located at https://shoelace.mint.lgbt/, if y'all wanna try it out. There's also instructions to deploy it inside the docs you can find in the README. Hope y'all enjoy it!

Cockpit shows some PCP metrics but Grafana is nicer and better suited for time-series data.

Describes the zrep script that uses zfs send and receive over network to keep a read-only copy of snapshots up-to-date.

A simple self-hosted workout/activity tracker.

An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices

Imagine I want to create a local internet for my community. Things that will be useful, helpful, and easy to use. Ideally, setup/maintenance would be relatively straightforward too, since I will for the time being at least be running this solo.

So if I'm going to be the community SysAdmin but also have free choice of what to run, what would you think about the following ideas of things to share with people?

-Radarr (movies) -Sonarr (TV shows) -Lidarr (music) -Calbire (or Readarr I guess, for books) -Jellyfin (media streaming) -Nextcloud (file sharing)

And then as for me myself, I'd probably set up a Graylog Open instance to aggregate issues, and have a couple of separate physical servers for these different things.

Do you think that would be helpful/useful/fun for getting community members to think about the potential of hyperlocal internet?

Alternatively, are folks doing this already? If so, how do you have this kind of thing set up?

If I'm dreaming big, I would also love to set up a mesh relay to offer this intranet stuff to the community.

I'm hoping that these ideas are solarpunk enough and selfhosting enough to warrant community feedback.

Basically, I guess, are there any other community SysAdmins out there doing this kind of work?

Thanks for your time.

cross-posted from: https://slrpnk.net/post/8966140 Zoraxy describes itself as: > "General purpose request (reverse) proxy and forwarding tool for networking noobs. Now written in Go!".

Yet it seems to be packed with goodies and features, such as Geo-IP & Blacklist, ZeroTier controller integrated GAN, IP Scanner, Real Time Stats and even built in Uptime monitor. Addtionally, it can run via a single binary for those who don't want to rely on Docker. There is also an Unraid Template available from IBRACORP. Lastly the project is under the AGPL license 🌻

I also checked, and saw this was recommended on this community 9months ago, but didn't seem to get much attraction then. Has anyone tried this yet? It seems like a good alternative to say NGINX proxy manager and am wondering if I should switch, but wanted to hear thoughts first!

Zoraxy's Github list the following features:

Features

• Simple to use interface with detail in-system instructions
• Reverse Proxy (HTTP/2)
  • Virtual Directory
  • WebSocket Proxy (automatic, no set-up needed)
  • Basic Auth
  • Alias Hostnames
  • Custom Headers
• Redirection Rules
• TLS / SSL setup and deploy
  • ACME features like auto-renew to serve your sites in https
  • SNI support (one certificate contains multiple host names)
• Blacklist / Whitelist by country or IP address (single IP, CIDR or wildcard for beginners)
• Global Area Network Controller Web UI (ZeroTier not included)
• TCP Tunneling / Proxy
• Integrated Up-time Monitor
• Web-SSH Terminal
• Utilities
  • CIDR IP converters
  • mDNS Scanner
  • IP Scanner
• Others
  • Basic single-admin management mode
  • External permission management system for easy system integration
  • SMTP config for password reset

Screenshots

!Image 1

!Image 2

!Image 3

!Image 4

!Image 5

!Image 6

!Image 7

!Image 8

!Image 9

!Image 10

!Image 11

!Image 12

!Image 13

!Image 14

!Image 15

!Image 16

!Image 17

!Image 18

> Eintopf is a calendar where one can publish events, groups and places. It is deployed at eintopf.info