
  • I was under the impression that cloud-init could only really be used to run commands inside the guest?

    Yes that's correct, I didn't realize you had something to do outside the guest to enable it. What exactly? How do you solve it manually for now?

  • I would have liked for this to be possible directly through Terraform

    Is it this proxmox provider? It does allow specifying cloud-init settings: https://registry.terraform.io/providers/Telmate/proxmox/latest/docs/resources/cloud_init_disk. So you can use runcmd or similar to do whatever is needed inside the host to enable Intel SGX, during the terraform provisioning step.

    AppArmor support for VMs, which is a secure enclave too (if I understand correctly).

    Nope, AppArmor is a Mandatory Access Control (MAC) framework [1], similar to SELinux. It complements traditional Linux permissions (DAC, Discretionary Access Control). AppArmor is already enabled by default on Debian derivatives/Ubuntu.

  • I would check enabling it from cloud-init and/or during an initial provisioning step using ansible

  • You can probably use it by templating out https://github.com/nodiscc/xsrv/blob/master/roles/homepage/templates/index.html.j2 manually or using jinja2. Basically remove the {% ...%} markers and replace {{ ... }} blocks with your own text/links.

    You will need a copy of the res directory alongside index.html (images, stylesheet).

    You can duplicate col-1-3 mobile-col-1-1 and col-1-6 mobile-col-1-2 and divs as many times as you like and they will arrange themselves on the page, responsively.

    But yeah this is actually made with ansible/integration with my roles in mind.

  • So much server-side code :/ I wrote my own in pure HTML/CSS which gets rebuilt by ansible depending on services installed on the host. Basic YAML config for custom links/title/message.

    Next "big" change would be a dark theme, but I get by with Dark Reader which I need for other sites anyway. I think it looks ok

  • Lemmy/Reddit feeds, YouTube channels and other video hosting sites, IT/technical blogs and websites, software releases, newspapers, personal blogs... Currently there are 651 feeds in my feed reader. Actually found this post in my RSS feeds.

    • set up an LDAP directory server (I use OpenLDAP)
    • create users on the LDAP directory server
    • set up all services/applications to authenticate users against the LDAP server
  • Disk I/O has always been the weak point of RPi, with slow USB being the only way to attach drives, and the USB port sharing the same bus as the network controller. A requirement for a frequently used Network-Attached Storage is... well... decently fast network and storage access. The Pi will not cut it for this specific task (moving external USB drives around your house would be faster and more practical).

  • But other sites, like Instagram, don’t provide feeds directly. To get those feeds, you’ll need some kind of service that scrapes content from Instagram and creates a feed from that. I’m sure there are selfhosted options for this

    https://github.com/RSS-Bridge/rss-bridge !

  • Do I have to use a special NAS-specific OS to make use of the NAS hardware? Like to do snapshots and stuff?

    No, these features are provided by various components, which are available in any modern OS. Snapshots for example can be provided by LVM or ZFS. Disk fault tolerance (RAID) is typically provided by LVM-RAID, ZFS, or plain old mdadm, or a hardware RAID card.

    Kinda related: what if I install something like Debian/Ubuntu on it? Can I still use the NAS hardware in the same way?

    You can, provided you set up these components yourself. Pre-made NAS OS like OpenMediaVault or TrueNAS will have these set up out-of-the-box. Web-based configuration interfaces are often specific to these pre-made distributions, so if a Web UI is a must-have, you will have to find suitable alternatives (for example cockpit, web-based file managers, web-based user management tools, etc)

  • I use netdata badges to display the current status of services/HTTP checks to my users.

  • SFTP mountpoint + rsync (or grsync GUI) or unison (or unison-gtk GUI)?

  • Run ip route and ip route get $CLIENT_PUBLIC_IP on router B and see if it has a route to the client, and/or if the default route is correct. Its default gateway might not be set correctly (it should be router A)

    and responds appropriately (SYN, ACK),

    Does it respond to the client address (public IP?)