Your friendly neighbourhood sh.it.head
Gamer, book and photography nerd, francophile // Gamer, geek des livres et de la photographie, francophile
Plex HTPC and Plex don't open on Plasma Bigscreen but do on Plasma (main session)
2mon 7d ago in linux@sh.itjust.worksCan't figure out what systemd service is failing.
2mon 18d ago in linux@sh.itjust.worksI havent had the chance to reboot with the parameters mentioned below, but I think it most definitely is the health check (which I have manually configured for everything but syncthing).
Permanently Deleted
2mon 18d ago in linux@lemmy.mlI think I started back in the day with Ubuntu Gnome, with some dabbling in Manjaro and then Arch.
But since then I have used Fedora Workstation, and then Fedora Silverblue / Fedora Kinoite (immutable versions of fedora, with the past several years on Kinoite [kde] over Silverblue [gnome])
On the server side of things, I am using Debian (with everything running in podman containers).
If I were to consider migrating, it would be to migrate my laptop to secureblue (likely, rebasing the OS image rather than clean-installing) and migrate my Windows 11 desktop to bazzite. Both of these are still based on Fedora's immutable base, albeit with changes to the base OS image. At some point in the future, I would also consider migrating my server to an immutable OS, however, which one remains to be seen.
Tailscale serve and sharing devices
3mon 4d ago in selfhostedAs of now I am currently using FreshRSS, although before I properly deploy this to other users in my family / friends I might give Tiny Tiny RSS (tt-rss) a shot as well. I don't think the differences will matter for end-users as the majority of mine will likely all be using it through the API via a mobile app (e.g NetNewsWire (ios & mac), FluentReader (desktop), CapyReader (android) etc. etc.)., however the main difference that will dictate which one I stick with is the filtering capabilities and the ease of setup of article-collection with readibility / mercury to remove extrenuous content / ads.
I am also quite interested in miniflux, although it is quite intentionally bare bones. It lacks a plugin api (a potential security improvement), and instead natively supports many of the things people would use plugins for (native youtube-nocookie embedding / invidious embedding, integrations with readlater services like instapaper and wallabag, etc., integrated article fetching and parsing with readibility [and can change user agent / cookies to bypass bot protections]). It also seems to have a bit better security stance (supporting modern web browser features like passkeys, content sanitization, sanitizing url parameters in share links automatically etc.).
Miniflux definitely feels like the best ratio of ootb functionality + security, but the UI of FreshRSS feels more natural if you envisage less techy users to use it (and in my case I see one person using the website over an app).
That is what it seems like based on what I have read :/
I guess the best option in my case then is likely to add them as a non-admin user to my tailnet. The only concern I have is with the potential of one user deactivating the VPN connection unkowingly, which is probably where Funnel comes in as a better option, but I would prefer to avoid serving stuff on the web when possible. (It is specifically a FreshRSS instance for now)
Yes, there is two ways you can go about this. The way that you are thinking of (and the way that I would ideally like to go about this) is as listed on this help article. This is perfect for sharing a home server to some friends, and letting them access a given service without seeing any of your personal devices.
The other option is to have just one tailnet, but having multiple users as detailed here. Notably this can be a security regression (if you don't limit access on a per-user basis with ACLs), but is ideal for sharing access to your entire network with your spouse / older children within the context of self-hosting.
For example, I have a friend who has shared a minecraft server with me and that is an ideal example of sharing one node to a seperate tailnet. I am an admin of the server, and can manage the docker container for it + the backup sidecar and the SMB share, but that is where my access to his network structure ends.
This contrasts the situation with my partner for example, where we share a tailnet (with seperate user logins) to make things like gamestreaming just that much easier to setup. Hypothetically I can use ACLs to limit access to stuff like the Cockpit web-management portal, or block the SSH port, but I don't feel like I need to in my specific case.
Addendum: I also think sharing the device out strips it of its subnet routes + services, which is part of the problem I am running into where I do want it to strip subnet routing (my elderly parents DO NOT need access to my printer), but I ideally want to be able to still use tailscale serve + services + https certificates to be able to share my self-hosted RSS feed reader for them (ad-free, no AI slop, much better for my one parental figure with early-onset dementia).
Addendum 2: I highly recommend exploring tagging + ACLs if you are looking into personal usage / seperation of networks. It is just a much easier approach of seperating devices that are owned and operated by the same person. I would only explore multi-tailnet option when it is different users and you want to share a very limited scope of your network.
Permanently Deleted
3mon 4d ago in selfhostedI still think a syncthing client of some form is ideal. As someone else mentioned there is the option of using the Syncthing Tray devs experimental android build. To avoid issues with sync-conflicts / maintain high-availability access to the most recent file, I sync the databse to a raspberry pi with the encryption option selected (not that the pi is untrusted per se, but it is a device that doesn't need access to the file, it just serves the most recent changes to other devices since often my laptop / phone / desktop are not all on at the same time).
Snap out of it: Canonical on Flatpak friction, Core Desktop, and the future of Ubuntu
7mon 16d ago in linux@programming.dev from www.theregister.comThe more important metric to Canonical however is corporate / paying customer marketshare - I am guessing it hasn't suffered too much otherwise they would have backed down on some of their decisions regarding snaps.
[Vote] Should we defederate from maga.place?
7mon 19d ago in agora@sh.itjust.worksoui
what's your take on employers banning the use of languages other than English between coworkers at the workplace?
8mon 11h ago in asklemmy@lemmy.mlThat frankly sounds like power-tripping / intimidation, but perhaps I'm biased living amd working in a multi-lingual environment.
If you have cut off mainstream music streaming, how do you discover new music or artists and songs like what you're listening frequently?
11mon 24d ago in nostupidquestionsThere is also last.fm. I would have suggested libre.fm but they are no longer open to registrations it seems
This would replace the "algorithmic" component of spotify, I would still suggest some other options (sharing stuff in your social circle, seeing who opens for your favourite groups etc.)
Removing "Windows Reserved Characters" from file names
1y 1mon ago in linux@sh.itjust.worksOù trouvez-vous des recommandations de livres?
1y 2mon ago in quebec@lemmy.caPS2 Memory Cards - Guidance and Suggestions
1y 2mon ago in retrogaming
Canadian Alternative for Public Transit Maps - Transit
1y 3mon ago in buycanadian@lemmy.ca from transitapp.comCalendar Options other than Tuta / Proton
1y 3mon ago in privacyguides@lemmy.oneDisappointment with Links Awakening Remake (NSW); what could have been a great game hampered by lacklustre controls.
2y 20d ago in patientgamers@sh.itjust.worksHow do people plan for their deaths in terms of account & device secrets (passwords, 2fa etc.)?
2y 20d ago in privacyguides@lemmy.one