Foster Hangdaan

Just a random person who likes building software and configuring Linux.

  • 0 Posts
  • 24 Comments
Joined 2 months ago
cake
Cake day: September 13th, 2024

help-circle

  • Foster HangdaanAtoLinux@lemmy.mlBest Distro
    link
    fedilink
    arrow-up
    3
    ·
    11 days ago

    I use Arch for personal and gaming, Debian for self hosting and hacking, Alpine for containerized cloud deployments.

    Pretty much the same for me: bleeding-edge Arch for my workstation, rock-stable Debian for my server.





  • They are the project’s subfolders (outside of the Git repo):

    • code contains the source code; version-controlled with Git.
    • wiki contains documentation and also version-controlled.
    • designs contains GIMP, Inkscape or Krita save files.

    This structure works for me since software projects involve more things than just the code, and you can add more subfolders according to your liking such as notes, pkgbuild (for Arch Linux), or releases.






  • Foster HangdaanAtoPrivacy@lemmy.mlDoes anyone here use GNU Jami?
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    1 month ago

    I recommend Peer Calls as an alternative. Peer Calls uses peer-to-peer communication similar to Jami. You can check out Peer Calls on Github for more info.

    So, in short, the things I really like about it:

    • Simple to selfhost - Only one Docker container with no dependencies (database, storage, etc.) and you only need to forward HTTP/S traffic.
    • Lightweight - You get voice and text chat; screen and file sharing. All of it directly P2P.
    • Private - Selfhosting the signaling server will grant you control over the only step which requires a central server during the WebRTC connection process.
    • No accounts - Just start using, no accounts are involved.


  • Definitely best to get that done ASAP. Forgejo being a drop-in replacement for Gitea won’t be guaranteed ever since the hard fork:

    To continue living by that statement, a decision was made in early 2024 to become a hard fork. By doing so, Forgejo is no longer bound to Gitea, and can forge its own path going forward, allowing maintainers and contributors to reduce tech debt at a much higher pace, and implement changes - whether they’re new features or bug fixes - that would otherwise have a high risk of conflicting with changes made in Gitea.



  • I wonder sometimes if the advice against pointing DNS records to your own residential IP amounts to a big scare. Like you say, if it’s just a static page served on an up to date and minimal web server, there’s less leverage for an attacker to abuse.

    That advice is a bit old-fashioned in my opinion. There are many tools nowadays that will get you a very secure setup without much effort:

    • Using a reverse proxy with automatic SSL certs like Caddy.
    • Sandboxing services with Podman.
    • Mitigating DoS attacks by using a WAF such as Bunkerweb.

    And of course, besides all these tools, the simplest way of securing public services is to keep them updated.

    I’ve found that ISPs too often block port 80 and 443. Did you luck out with a decent one?

    Rogers has been my ISP for several years and have no issue receiving HTTP/S traffic. The only issue, like with most providers, is that they block port 25 (SMTP). It’s the only thing keeping me from self-hosting my own email server and have to rely on a VPS.




  • Foster HangdaanAtoLinux@lemmy.mlMy move to Linux
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    edit-2
    2 months ago

    Notepad++ is a fabulous software program that had no complete alternatives on Linux. I used it for scripting, text manipulation, note taking, dumping and editing thoughts. Scintilla-based equivalents Geany, SciTE exist, but do not come close.

    Really? No alternatives on Linux? Have you tried Emacs? I think Emacs with Org mode blows Notepad++ out of the water in all the uses you just mentioned.



  • First of all, doesn’t Navidrome have authentication? So, I don’t see why exposing it to the public is a problem.

    Second, some reverse proxies support basic auth. This way, you can password-protect some services and is useful if the service does not have its own authentication. Here as an example snippet for Caddy:

    example.com {
    	basic_auth {
    		# Username "Bob", password "hiccup"
    		Bob $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG
    	}
    	reverse_proxy myservice:8000
    }
    

    You’ll have to look up the docs for other reverse proxies.