Posts: 4, Comments: 137, Joined: 2 yr. ago

  • The jitsi user is a system user so it can't login even if you set a key for it. Besides, I wouldn't risk it anyway since that user is in the docker group, if it gets compromised somehow, the attacker would have very high privileges.

  • I think this one beats them all.

    My home server keeps a few services up, including an instance of Jitsi Meet. The server runs nixos and the nixos package for jitsi is incomplete to say the least and doesn't even support authentication, so I use the docker-compose version and I have a script that runs periodically to keep it updated. So far so good, right? Well, no.

    Because the server is at home, I have a dynamic external IP address, so I have to use a DDNS provider, but jitsi doesn't expect this and uses a stun server at startup to determine the public IP of the server once, so if my connection goes down or is restarted and the IP changes, jitsi needs to be restarted or it won't work anymore.

    The solution?

    • My router runs OpenWrt, so I am able to run a script that checks for external IP changes. When a change is detected, it uses SSH to connect to my server to restart jitsi
    • Because I don't want the router to just be able to run any command, I created a jitsi-restart user that has no shell
    • When the router tries to log in with its pubkey, sshd creates a file called restartasap in the jitsi folder and closes the connection
    • On the server, there's a systemd unit running a script as the jitsi user that periodically checks for that file, and if it exists it deletes it and restarts jitsi

    I've been running this setup since mid 2020 and I expect this to continue until IPv6 becomes the norm.
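The watcher half of the setup described in the comment above, as an added example that is not the commenter's own script. The flag directory `/srv/jitsi`, the 30-second poll, the `docker compose` call and the commented `authorized_keys` line are assumptions, since the comment does not show how sshd creates the file.

```shell
#!/bin/sh
# Added example, not the commenter's script. Paths and names are assumptions.
#
# Trigger side (assumed): one authorized_keys line for the jitsi-restart user.
# "restrict" disables PTY allocation and all forwarding, and the forced command
# replaces whatever the router asks to run. sshd runs the forced command
# through the account's login shell, so that shell must be able to execute it.
#   restrict,command="touch /srv/jitsi/restartasap" ssh-ed25519 <ROUTER_PUBKEY>

FLAG_NAME=restartasap

# consume_flag DIR
# Remove the flag and report whether it was there. The file is never read, so
# its content (written by the low-privilege side) cannot influence anything.
# rm on a symlink removes the link itself, never its target.
consume_flag() {
    rm -- "$1/$FLAG_NAME" 2>/dev/null
}

# watch_once DIR CMD [ARGS...]
# Returns 0 = restarted, 1 = nothing to do, 2 = restart command failed.
# The flag is removed BEFORE the restart so that a trigger arriving while the
# restart is running is kept for the next pass instead of being lost.
watch_once() {
    flag_dir=$1
    shift
    consume_flag "$flag_dir" || return 1
    "$@" || return 2
    return 0
}

# Poll loop, entered only when called as: script --run [DIR]
if [ "${1:-}" = "--run" ]; then
    compose_dir=${2:-/srv/jitsi}   # assumed location of docker-compose.yml
    while :; do
        watch_once "$compose_dir" \
            docker compose --project-directory "$compose_dir" restart || :
        sleep 30
    done
fi
```

The restart command is fixed on the server side, so the only thing the router's key can influence is when the restart happens.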

  • I'm the author of the project. The servers are simply overloaded af unfortunately. It's a fairly popular project and we don't have enough servers to support this many concurrent users.

  • It doesn't need javascript from "20 different domains", only a file called empty.php is fetched from those servers to measure the ping. The javascript is hosted on librespeed.org, which is under my control.

  • Hi, I'm the original author of LibreSpeed. When you load the website it downloads a list of servers and tries all of them to see which one has the lowest ping, that's what you're seeing.

  • It means it's what we in the trade call "a nothingburger". On Windows you need to explicitly install a malicious driver (which in turn requires you to disable signature verification), on Linux you'd have to load a malicious kernel module (which requires pasting commands as root, and it would probably be proprietary since it has malware to hide and as every nvidia user knows, proprietary kernel modules break with kernel updates).

  • I'd say ffmpeg is a good example, it's used by almost every piece of software that has to manipulate audio or video (including messaging applications), yet not many people know about its existence.