vegetaaaaaaa @ vegetaaaaaaa @lemmy.world

https://gitlab.com/nodiscc/ · https://github.com/nodiscc/

---

Read more

Posts

8

Comments

253

Joined

2 yr. ago

run docker without sudo.

Doing that, you effectively give the user account root access without password

docker run --volume /etc:/host_etc debian /bin/bash -> can read/write anything below the host's /etc directory, including shadow file, etc.

Careful this will also delete your unused volumes (not attached to a running container because it is stopped for whatever reason counts as unused). For this reason alone, always use bind mounts for volumes you care about.

Matrix (synapse) + element-web works for me, although I didn't get many people on board.

Mumble is what I use the most, with 2-10 users - it's primarily for VoIP/gaming comms, but also has basic text chat. Text messages are not persistent though, and there is no web interface, only desktop/mobile clients.

For pragmatism, I just use Signal (not self-hosted) because it is at least partly FOSS, looks reasonably secure/private, and the UX is good enough so I could get people to use it.

Second GNUCash or homebank. I sync the database between machines using nextcloud.

Markdown file + Nextcloud Notes?

I'm interested in the same thing (both query upstream DNS over HTTPS servers, and answer to DoH queries), but using dnsmasq. I haven't had much time to look into this yet, but will definitely try to implement it later, so any recommendations would be appreciated. So far my research notes on this topic only contain:

    
https://wiki.archlinux.org/index.php/Dnscrypt-proxy
https://packages.debian.org/sid/main/nss-tlsd
https://packages.debian.org/sid/main/tlslookup
https://blitiri.com.ar/git/r/dnss/b/master/t/f=README.md.html

  

I have the exact same setup and it's woking fine, nothing wrong with it.

My only gripe with KeepassXC is that you can't share - or so I thought - a subset of passwords from your keepass database with other people, without sharing the full database and master password. But I just read that it is in fact possible

• Network Topology Diagram/Map Tools? - Lemmy.world

I install/configure/manage it using this ansible role that uses native debian packages. Experience up to 4-5 users is good on a low-end cheap VPS (2GB RAM, 2 vCPU)

I also use graylog to aggregate logs from various devices (mostly from rsyslog over SSL/TLS). The only downsides for me are the license (not a big problem for a personal setup), and resource usage of the general graylog/elasticsearch stack. I still think it's great.

I use this ansible role to install and manage it.

For simpler setups with resource constraints, I would simply use a rsyslog server as aggregator instead of graylog, and lnav for the analysis/filtering/parsing part

Nextcloud Deck?

Edit: read full post too hard for grug. grug use nextcloud tasks. nextcloud deck too confusing for grug. grug rather use actual paper sticky notes

The rate limit for GraphQL is allowing up to 5000 points per hour

When using the automatic GITHUB_TOKEN created for each GH actions workflow, the limit is only 1000 requests per hour [1]. The list has 1080 projects whose source is hosted on github, and we must do 2 API calls for each one because for some reason the date of last commit to the default branch is not available directly from the repos API endpoint [2] (do not trust updated_at/pushed_at, it's a lie). So we currently have to add a sleep of ~7 seconds between each API call to not hit the rate limit for the metadata update job that runs daily.

The limit of 5000 requests/hour only applies to personal access tokens which have far too many permissions on my personal account to be used in a shared/community project.

Someone in https://old.reddit.com/r/selfhosted/comments/15y7y36 mentioned https://analyzemyrepo.com/analyze/inventree/InvenTree which may be interesting to integrate somehow.

Very sorry for the missing attribution. I added it in the header, should be online now.

No problem, thanks for fixing it so quickly!

at least it provides the ability to find projects that likely support docker for example

This information is already present but we need to make it easier to browse projects by platform -> https://github.com/awesome-selfhosted/awesome-selfhosted-data/issues/71

There should be a label with the max number of commits to provide some scale,

^{now I see it but it's a bit small :)}

I looked a bit into how best to determine the activity level of a project and for me commit history is one of the strongest signs. Also Github uses this kind if graph in a users repo overview so its already familiar to GitHub users.

I see, I agree it's a good metric. I am wary of adding too much information that relies on Github APIs because 1. it encourages centralization on a proprietary platform 2. we are already running into API rate limits with just the info we currently gather (stars count + last commit date). And we would need a way to store this graph information in the raw YAML data somehow. If you want to create an issue for this, to gather more feedback and so it can be discussed further, please do!

Hi, sorry to bother you with this first off, but please comply with the license since this is a derivative work. It just needs attribution, a link back to the project, and a link to the license (like data by the awesome-selfhosted community, licensed under CC-BY-SA 3.0) somewhere (page footer is fine). It's nothing against you or your site, but the license must be enforced.

I'm not sure topic tags defined by project owners are very relevant or useful? vuejs hacktoberfest javascript, etc... at least some are redundant with the description/language tag, or just filler words... If you're looking for a specific word on https://awesome-selfhosted.net/, isn't the search feature enough? Interested to hear other opinions.

Icons are interesting, maybe you'd like to open an issue for this? We could try to add icons to each item (a number of them can probably be automatically gathered through Github's API like you did)

Commit history graphs don't really help much (as no scale is shown), but maybe we could improve the way project "activity" levels are displayed on https://awesome-selfhosted.net. Currently we only show the date of last commit to each project. I think it is useful but it does not tell musch about the frequency of commits.

Local Network Wiki - Lemmy.world

I think this is the 5th post asking this

Agree, there are a few topics like this. Other ones being "backup software recommendation" threads, "look at my dashboard" threads, "what should I self-host" threads... I just post a comment linking to previous threads like this https://lemmy.world/comment/1761863. Maybe after a while they will learn... On the other hand Lemmy's search feature is not very pleasant to work with, so I don't blame OP. Maybe there should be a pinned post about "frequent" questions.

On topic: single DB engine/service, connect each app to this DB service, and let each one have its own database in it. Anything else degrades performance and makes backups more complex.

manual install cant easily be updated

It definitely can, been doing it for years. Just bump the version number in nextcloud_version, deploy, done.

look at which processes have the highest used memory

You can also do that from the Applications menu in netdata, mem chart.

I would also check the swap usage chart, I also think parent poster is correct and you are running into memory exhaustion, systems suddenly starts swapping like mad, disk I/O spikes, causing general unreponsiveness.

IMAP server like dovecot https://lemmy.world/comment/813653

Access it from thunderbird or a dedicated web interface (still can't find a good one after all these years)

I did setup Unattended Upgrades and it works OK, but there was a little bit of work involved in getting it setup just right. I don’t relish the idea of doing that another 40 or so times for the rest of my fleet.

automate it! I run unattended-upgrades on dozens of servers without any problems: [1] [2]. Configuration is actually really simple.

I use other methods for things that are not distribution packages [3], but for APT upgrades unattended-upgrades is the only correct™ solution.