Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)X

xinayder

@ xinayder @infosec.pub

Posts
4
Comments
73
Joined
3 yr. ago

  • Where to buy cheap HDDs in EU?

    Jump

  • My idea was to run it in a mini PC, where I self host some services. I'm not sure if there are HBAs in a small form factor that would allow me to install it on the mini PC (GMKtec G10).

  • Where to buy cheap HDDs in EU?

    Jump

  • I see some WD Elements external HDDs and they seem to be cheaper than internal HDDs. I don't know if they're worth it, though. For example, a 5TB one is about $130.

  • VoidAuth Release v1.4.0 - SQLite Support 🗃️

    Jump

  • Authentik supports more authentication types and I think it's more stable so you can use it in larger production servers. VoidAuth seems to be a lightweight alternative that only provides OIDC.

  • Deleted Locked

    Permanently Deleted

    Jump

  • Both. How do I get started creating a new article, and how do I contribute to them, or other articles?

  • Podman Quadlets are so cool

    Jump

  • If you have caddy as a reverse proxy inside podman user namespace separated networks, they don't take the upstream client IP address and instead you get local IP addresses assigned to logs. Socket activation is kinda required if you want to get the client's real IP address in your logs.

  • Your favourite piece of selfhosting - Part 1 - Operating System

    Jump

  • I use openSUSE MicroOS as the container host, with podman. It was a bit tricky to install it in my Hetzner VPS and get used to how MicroOS handles system updates (it's an immutable system), but I am quite happy with it. I found it interesting and decided to try out so I could learn how to use the system.

  • Deleted Locked

    Permanently Deleted

    Jump

  • How do I get started on contributing to new articles (written by a human) for my language? I always wanted to help out but never found an easy way to do so.

  • You Should Run a Certificate Transparency Log

    Jump

  • With Encrypted Client Hello you can have some more privacy on obtaining certificates for wildcard domains, IIRC.

  • CoolerControl is a feature-rich cooling device control for Linux - v2.0 out now with major new additions

    Jump

  • You can, you can create a profile based on a sensor. I had to install the it87 driver for Linux to identify the case cooling fans I had.

  • Security of running Headscale on a VPS

    Jump

  • I had the same considerations when I self-hosted headscale as the controller for accessing my VPS. However, I figured that it shouldn't be a big deal, and there's no chance of someone registering rogue devices on your mesh, because, even though any device can request enrollment to Tailscale, ultimately you need to execute a command in your headscale server to confirm the enrollment/account creation, so there shouldn't be that much of a problem leaving the web server exposed.

  • Asking for suggestions regarding Rootless Podman

    Jump

  • One more question, how did you manage to get the reverse proxy to proxy your pods? I just added two containers to one, and I cannot access the containers anymore by their names. Do I need to expose their ports on the pod configuration?

  • Asking for suggestions regarding Rootless Podman

    Jump

  • Personally, I would avoid host network mode as you expose those containers to the world (good if you want that, bad if you don’t)… possibly the same with using the public IP address of your instance.

    My instance is only exposing the HTTP/HTTPS ports, those are the only ports enabled in the firewall.

  • Asking for suggestions regarding Rootless Podman

    Jump

  • It seems simple. Does it use pasta as the default networking backend? Also, I guess separating each app into their own network is added security, right? So if anything happens to one app, it cannot move laterally to the other apps unless it manages to gain access to the reverse proxy, which then it would be a huge problem.

  • Selfhosted @lemmy.world
    xinayder @infosec.pub

    Asking for suggestions regarding Rootless Podman

  • “Something has gone seriously wrong,” dual-boot systems warn after Microsoft update

    Jump

  • Yes, it made people realize we don't need Secure Boot and it's just a pit of vulnerabilities.

  • What keeps dimming my monitors?

    Jump

  • I realized it happened with me whenever my computer was idle for a few minutes and the monitor turned off. Eventually it fixed itself, but it sure was annoying having to change the brightness back to the value it was before it went on stand-by.

  • Study Finds Consumers Are Actively Turned Off by Products That Use AI

    Jump

  • Do you have to do this every time you update your phone?

  • Study Finds Consumers Are Actively Turned Off by Products That Use AI

    Jump

  • Care to share how you disabled every bit of AI in the phone?

  • Study Finds Consumers Are Actively Turned Off by Products That Use AI

    Jump

  • Yet companies are manipulating survey results to justify the FOMO jump to AI bandwagon. I don't know where companies get the info that people want AI (looking at you Proton).

  • From reddit selfhosted: What do you wish you knew from the start

    Jump

  • I maintain the DNS plugin for Vultr and I can say that it's "safe", but if you're worried you should check their source code.

    I believe it's easier to have a vulnerability in the external provider's API (for example, caddy-dns/vultr uses govultr) than Caddy. But I wouldn't take things for granted if I was skeptical about these plugins.

  • Selfhosted @lemmy.world
    xinayder @infosec.pub

    Cheap, OpenWrt compatible routers with WiFi 6?

  • Selfhosted @lemmy.world
    xinayder @infosec.pub

    What's the best approach to deploy a static website to K8s cluster from a CI pipeline?