smiletolerantly @ smiletolerantly @awful.systems

Posts

5

Comments

426

Joined

1 yr. ago

We expose about a dozen services to the open web. Haven't bothered with something like Authentik yet, just strong passwords.

We use a solid OPNSense Firewall config with rather fine-grained permissions to allow/forbid traffic to the respective VMs, between the VMs, between VMs and the NAS, and so on.

We also have a wireguard tunnel to home for all the services that don't need to be available on the internet publicly. That one also allows access to the management interface of the firewall.

In OPNSense, you get quite good logging capabilities, should you suspect someone is trying to gain access, you'll be able to read it from there.

I am also considering setting up Prometheus and Grafana for all our services, which could point out some anomalies, though that would not be the main usecase.

Lastly, I also have a server at a hoster for some stuff that is not practical to host at home. The hoster provided a very rudimentary firewall, so I'm using that to only open necessary ports, and then Fail2Ban to insta-ban IPs for a week on the first offense. Have also set it up so they get banned on Cloudflare's side, so before another malicious request ever reaches me.

Have not had any issues, ever.

Why tho? Over here they don't need refrigeration, keep longer, and are still salmonella-free. Really unproblematic to eat them raw as well.

I am using both and this somehow made it to my phone, wtaf

Yeah, +1.

I've been an avid fan of applocation launchers like rofi and dmenu on the desktop forever, and the "swipe down and immediately search" feels as close as it can get to the mobile equivalent of those.

When I first switched to nix, I made an error copy-pasting my hashed password into a secrets file.

Reninstalled the system 5 times, each time immediately locking myself out, almost

Managing ~35 machines without issues now though.

Dang, oof

FWIW, Lidarr works the worst out of the arr stack for me too. I don't know if there's just not enough well indexed material in my sources or what, but yeah, not great.

If your entire experience with the arr stack has been Lidarr so far, give it another shot! Sonarr and Radarr work absolutely perfectly. It's just such a nice feeling to open Jellyfin (or I guess Plex) on the TV and go "oh nice new episode is out!"

Might even be worth checking if https://github.com/NixOS/nixos-hardware has a straight-up fix for the issue.

😭

I usually do, I promise. Anyways, that was 6 years ago. We're stil going strong, making the most of life in this universe :)

Sorry, I should have gone more into the actual belief. For her it was less of an "if I make a decision that leads to my death in this universe, there surely is a parallel universe where I did not!", it was "if I die in this universe, thanks to an infinite multiverse, there must be one where I spontaneously start exisitng with all my exact memories from the previous life".

Oof that reminds me...

When my partner and I had already been living together for a while, we had one of those "cuddle on the couch and deeptalk" days, when she confided that, while she was not religious in any traditional sense of the word, she felt immensely comforted by the thought of an infinite multiverse existing.
"If there's an infinite amount of parallel worlds, then I choose to believe that even if I die here, life goes on in another world, so in a sense my being and existence do not simply vanish completely. Same for you! And hey, even if we both die, we'll get to continue living together in some version of the infinite multiverse!"

It was clearly a thought that comforted her a lot, and at the same time a rather intimate belief that she chose to share with me. So, like the idiot I am, I stared her in the face blankly and went "There's an infinite amount of numbers between 0 and 1, and none of them are 2".

I really regret that. She let me know later that that one sentence shattered the belief for her. Which is sad, because it's such an innocent thought. There's no religious behaviors or conditions or rituals attached to it, it's just comforting.

I have been scrolling on the front page for a couple of minutes now, and I was going to write that it's literally all conspiracy theories, but that's not true, there's also some "sponsored" posts AKA ads sprinkled in.

What a sad joke.

If you think the fediverse is too centralized, you can always host your own instance. You get all the same "free speech" benefits (plus no free-speech ban on drugs and porn), without having to put one foot into that cesspit of a site.

Edit: oh, and that has to be the worst moderation system ever devised - at least if you are a woman or any kind of minority. Good fucking luck in finding a random jury of users who will ever, ever ban a racist or sexist piece of shit on a platform like this. Come to think of it, that's probably the idea and justification behind the system: being able to loudly proclaim "we have a democratized ban system ensuring moderator overreach is impossible!" does make a great dogwhistle for "you can be a terrible human on here, don't worry"

• has a dick so utterly ginormous that even the slightest bit of arousal drains a sufficient amount of blood from his system to make him pass out

Yeah :(

Hi. I'm German. I bake my own bread. My parents bake bread. My brother bakes bread.

We freeze the bread after it's cooled down from being baked.

You know why?

Because that way, it's great even weeks later.

Sure, nothing beats bread that's just out of the oven. But honestly, I think I prefer bread that's been frozen and reheated even to bread that's only 1-2 days old.

Waaaaaay Less stale.

Yeah. Everytime I'm for a visit, I have to show my mom again how to copy/paste things, access files on her USB drive, where to click to do an update,...

But she loves Bitwarden. Has been app consistent in using random passwords for logins, both on desktop and mobile.

It
Dozen (read: doesn't)
Even
(states of) Matter

Thanks, but for the little C# I need to write I'll stick with nvim :D (Yeah yeah I know)

Incidentally, when I started to learn programming, I definitely was using an IDE (I can honestly not remember which one - I was following some book which included the setup of the IDE and instructions for that IDE only).

But even back then it always bugged me that I did not know what was going on in the background. When a button did not do what the book said it would do, that would turn into frustration because I could not understand what had happened, or why something failed. Sure, part of that was just inexperience, but even today, I easily despair at GUIs.

I could for example never get started with Godot because my brain just does not connect all the checkboxes and sliders with what is happening in the background. Bevy, on the other hand, was super easy to pick up precisely because there is no GUI.

Maybe I am just weird.

(Also I do not want to discourage anyone from using GUI tools, I originally just commented to support the "Linux is dev friendly" statement)

Hm, yeah, if you have an IDE made for your language, I suppose you can get around it for most things. (But that is not Windows-specific, most of those exist for Linux as well, after all).

Still, I have (for example) not worked in any project yet that did not have some bash scripts to automate project-specific tasks. Ireonically, the only person using a full-blown IDE in my team is also an absolute crack at the CLI.

I know those are anecdotal, but I would still maintain that it is very difficult to completely get around the CLI, and frankly, I do not see the benefit of doing so. An IDE is esssentially a nice wrapper around tons of CLI tools, and being able to use and understand them can only be beneficial.

Fair, but for those there presumably is a CLI as well? And conversely, what is stopping you from using a GUI debugger onLinux?

I was more thinking along the lines: you'd be hardpressed to find a debugger that does not have a CLI