Yes it’s not too much bother to set this up, it can be put into ansible and once working I’ve not had to touch it again. Here’s another dracut tool using dropbear that works well and has decent instructions on setup: dracut-crypt-ssh
The crypt-ssh dracut module allows remote unlocking of systems with full disk encryption via ssh
Stow/chezmoi/your choice for dotfiles, config mgmt for system config. You don’t need to rebuild whole server to start with ansible tho, you can take over one file at a time and grow as you learn.
As you’ve found I don’t know of a tool that will cover both usecases as config mgmt for dotfiles is too much and dotfile mgrs for system config is probably out of their scope.
https://blog.fyralabs.com/upgrade-error-with-vlc-plugins-freeworld/
That rpmfusion package looks like trouble, can you uninstall it or all of rpmfusion before upgrading? I also see internet problems here also so you might be better off fixing that first.
Messages are only sent when both online though, thet’s the bigger difference (unless using Briar Mailbox). Also it can send over wifi and bluetooth without internet connection i.e. no other devices involved.
Upgrade from compression tools to backup tools. Look into using restic (a tool with dedup, compression and checksumming) on a filesystem which also checksums and compresses (btrfs/zfs) - that’s probably most reasonable protection and space saving available. Between restic’s checks and the filesystem you will know when a bit flips and that’s when you replace the hardware (restoring from one of your other backups).
If you mean with a gui then this is one tool:
Try this:
gsettings set org.gnome.mutter check-alive-timeout 10000
Value is in ms so 10000=10s. You can also set it to 0 to disable.
To be clear you can absolutely type in exact measurements in the ‘tool controls bar’ for all the shape tools and even individual nodes. Scale and units are easy to switch between and there’s a measurement tool also.
Sorry re-reading my comments it’s not super clear what I meant: nowhere else in the table do they take account for the ‘hidden’ on-going maintenance of looking after a server/self-hosting. So this is the only row where they address ‘cost’ and I just thought it’s a bit optimistic to say replacing all of Spotify just costs a one time server setup and storage. I think you’re saying this row was only meant to indicate financial cost and I agree it’s basically accurate from that meaning. However this is only the ‘initial’ cost. For example a self-hosted server and storage will eventually have to be replaced whereas Spotify will just keep replacing their own servers and that’s already baked into the price of your subscription (caveat: that Spotify price will rise over time).
It’s not a big point really, maybe I’m nitpicking.
I see what you’re saying but nowhere else in that table is cost mentioned. Below the table they say maintanance is minimal. If you’re already looking after storage, containers and server(s) I guess that could be true.
Author says “one-time server setup + storage” but there are a few moving parts and always updates to handle so I’m sceptical this could be truly called ‘one time’ (or any selfhosting). Time will tell I guess. I enjoyed the article though and gave me food for thought.
10Gb is not a big file relatively speaking - both ext4 and btrfs (for example) can handle 16TiB and larger. If this was your only reason for choosing exFAT then you can definately migrate.
Are you using RAID at all? If so ZFS is probably the way to go. If not I think it matters less whether you use either btrfs or ZFS.
Regarding btrfs and power loss:
…btrfs is designed to only experience data loss not corruption, assuming well behaving hardware in power outage scenario. In practice ZFS has more maturity overall (definately) so may be better (my speculation).
Beyond direct comparisons if you already have on and offline backups then you are protected from power corruption and only have to worry about data loss anyway?
Was this comment meant for a different conversation? We’re talking about VPNs here.
I’ve got probably 30+ households of people and multiply that by number of devices…this is also something that will only be live for 12 months maybe. I think if I was doing something long-lived it might be worth the effort to get everyone onto VPN but for this…just can’t justify the time. Thanks anyway.
Hey thanks for this. Yep I’ve got too many users and most are not technical so it’s just a huge headache to get them all onto VPN not matter how simple. That said I’d consider tailscale/funnel for other projects and it’s always good to hear what others are using.
👍 looks like its fairly easy to add something like ModSecurity WAF to nginx
Thought process is: Peertube or some other service’s first job is the purpose for the service, so security likely won’t be as good as a service who’s first job is security.
Really good point. I see many selfhost instructions now that say ‘we don’t bother with HTTPS, just use a proxy to handle that’ and maybe auth should go the same way as in there’s good solutions that specialise in auth so it’s not worth each project doing it themselves.
apps can’t deal with hitting Authentik 1st afaik
Another good consideration. There is an early Peertube app but I doubt my users will be using it, web access is fine for this. Perhaps apps for things like Lemmy/Mastodon/Peertube etc will need to work better with these auth frontends in future.
Synching will create a conflict file when this happens. Nothing is lost but a user must look out for these files and merge manually.
KeepassXC has its own merge logic and will happily absorb changes to a file on disk whilst open. However if two offline machines both change a database then you will get a conflict file and will have to ask keepass to merge them.