haui_lemmy

joined 1 year ago
[–] [email protected] 4 points 1 week ago (1 children)

Don't worry. Soon you will be able to do it again.

[–] [email protected] 6 points 1 week ago

Indeed. But you have been f*cked from the start with your extremist 2 party system.

[–] [email protected] 0 points 1 month ago

I can see how this would be an interesting function. Sadly, we're nowhere near an end-user-ready experience in any non-corporate messenger. It very much still depends on how tech savvy the user is and how good the admin is. Until that changes, I'm gonna unilaterally say no to reinventing any wheels and say fix the stuff we have before adding more functionality.

[–] [email protected] 8 points 1 month ago (1 children)

It's not more open source. It is at all. Signal is dependent on the backend, which is as proprietary as Bluesky. You can absolutely not self-host it, which technically binds you to the next single point of failure.

[–] [email protected] 7 points 1 month ago (2 children)

Some use open source alternatives since Signal still has the off switch to your communication. I have personally used Matrix for over a year and it's pretty good. But it's not polished, so you need patience and a good admin.

[–] [email protected] 4 points 1 month ago

I'm daily driving the PineTime on a postmarketOS phone. It is glorious. But you kinda need to want to stick it to the man for maximum pleasure because that's what you're doing. That's how it feels to me anyway.

[–] [email protected] 6 points 1 month ago

I really enjoyed reading your take. Thanks for posting it. IP is theft.

[–] [email protected] 1 points 1 month ago (1 children)

I did quite some reading in my time, as I mentioned. The methods you are describing are riddled with ifs and buts. The reality is that even online systems aren't hacked if they don't have obvious flaws like passwords in root SSH. On the other hand, tools like John the Ripper can break each and every common encryption given the right circumstances. It's no different. It's all just marketing.

[–] [email protected] 1 points 1 month ago (3 children)

I'm not that bad at rhetoric either, but I avoid it when I can.

Your argument is empty. Privilege escalation attacks are plain old CVEs that get found, evaluated and fixed. You need access to the phone, mostly in an unlocked state, to get anything to work like that, same as with a computer.

I know a couple of pen testers and I would definitely know if there were large differences between operating systems security-wise.

[–] [email protected] 1 points 1 month ago (5 children)

You do realize that this is bullshit, right?

It's typical fearmongering (in fact the same article too) that I have been sent a ton of times by low-tech users that fanboy for Graphene.

There is no such thing as "physical port attacks". It also works very differently on phones than on computers. You can, for example, use I2C on an iPhone to crack it open, which is somewhat straightforward to do but still has zero implications for daily use. The Linux apps are desktop apps and as such don't have any chance to get through all of the open source community's eyes undetected.

It's a completely backwards take that assumes using bad-faith software written in the dark by proprietary vendors, which just isn't real.

[–] [email protected] 1 points 1 month ago (7 children)

Feel free to elaborate. Everything I have read over my life (a couple thousand pages, I guess) suggested that Linux can be a lot more secure than Windows and iOS.

[–] [email protected] 1 points 1 month ago (9 children)

Because Android. postmarketOS is Linux (based on Alpine Linux).

 

cross-posted from: https://lemmy.giftedmc.com/post/669265

Today I encountered something new and dystopian:

You can AirPlay from your iPhone to an Apple TV, but now YouTube drops and locks the quality at 360p, making the content unwatchable on larger screens.

Once you disable AirPlay, the quality jumps back to 1080p. If you choose 1080p before and enable AirPlay after, it still changes.

This hasn't been an issue for years. This new anti-consumer move prompted me to order another Raspberry Pi to put Kodi on.

 

Hi folks, I'm trying to put my newly acquired HDDs to good use and at the same time manage the minuscule amount of storage my VPS has. Since it is hosting several fedi services, I need some external storage and I figured I'd just tunnel some object storage from home.

So I set up a working WireGuard connection from my home network to the VPS, connected the object storage (GarageHQ) to one end and probably will connect the fedi services (Lemmy, Mastodon, Matrix, PeerTube) to the other.

Here comes the issue: do I have to make the respective WireGuard instances a proxy for the services to be able to speak with each other, or do I even have to make a site-to-site connection to connect the two Docker networks?

The connection would look something like this: GarageHQ---WireguardHS---WireguardVPS---Mastodon|Mastodon---NginxPM---OpenWeb

Anyone got something like this to work so far? Am I overlooking something major?

Thanks for reading, have a good one.

 

I'm currently running both a home server and a VPS. The former is not reachable through the internet, only through VPN. The latter hosts public services.

The VPS is regularly cutting it very close with storage and today I messed up and crashed the whole stack trying to make an impromptu backup. Lesson learned: we need more storage! I could just rent more storage, but just today I updated my home server with 16 TB of RAID 1 enterprise HDDs.

So I thought I could maybe do a (WireGuard) VPN tunnel directly to some storage service that I host on my home server. The upload is not great, but realistically I don't need much. The important stuff stays on the VPS. Mainly videos, pictures and other stuff that doesn't get accessed a lot should go there. The rest should be "cached" at the VPS.

I would have to host WireGuard on a server port, only have it access one folder which doesn't contain anything important, forward the port on the router and have the VPS have the keys. Even if someone gets into the VPS and steals the keys, they only get that one file storage folder.

Has anyone done this? Are there services that do this, or do I just host WireGuard and that's it?

Thanks for reading. Have a good one! :)

 

I'm thinking of getting a second phone to ease off iOS. It has been good for productivity stuff, but the closed-off nature of the device keeps disrupting my plans. Everything is either expensive or ad-ridden. (Except Floccus, Floccus is awesome)

So far I have read about GrapheneOS and am quite interested. I really despise Google though. Any chance to use another device and put some Linux flavor on it? I was playing with the idea of a PinePhone but it seems to be nowhere near daily drivable, Fairphone is starting at 580 €, Volla Phone (German) 450 €...

Some people said Xiaomi should be rootable. But the number of different phones is huge. The price range is awesome though. I was thinking sub 300 €/$ would be awesome so tinkering doesn't hurt me financially.

Disclaimer: I don't want to go full hermit mode with no SIM and a Faraday bag. I respect the opinion but that's not what I'm trying to do. I want to write some small apps for my phone and use it as a computer if needed. Calling, Matrix and browser should work flawlessly.

Any ideas or suggestions? :)

32
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
 

I've been using unique passwords and TOTP for some time, but I get uneasy whenever I use my phone as an MFA. The reason is the worry about losing it and potentially getting locked out of my accounts.

Searching for best practices didn't help so far. That's why I turn to you.

So far I have my password vault and my phone with an authenticator app. I may have stored two backup codes somewhere but I wouldn't find them, ever. Especially not in panic mode.

Since MFA should actually not be on the same device, or at least require different things (password and biometrics), I don't think using the TOTP of my vault is a great idea, right? Or only if I configured the MFA to ask for a PIN while the passwords ask for biometrics or something.

If I did this I'd still lose everything if the vault got lost, but that's what backups are for. This solution does not include the MFA (or backup key) to my vault though.

Ideally, I would put it in an actual vault but so the single point of failure probabilities keep increasing.

Any pros here that solve these binds regularly? What's the best practice? Is there a 3-2-1-backup equivalent?

Edit: btw here is what I found. The encrypted text on paper idea is pretty good but seems very complex. https://security.stackexchange.com/questions/76464/best-practices-for-usefully-storing-two-factor-authentication-backup-codes

 

I know, I know, clickbaity title, but in a way it did. It also brought in the situation in the first place, but I'm just going to deliberately ignore that. Quick recap:

  1. I came home at 3pm from the city, my internet at home didn't work.
  2. Checked multiple devices, phones worked out of wifi, I figured I need to restart the router.
  3. I log in to the router and it responds totally normally but my local network doesn't. (It's always DNS, I know)
  4. I check the router log and see 100s of login attempts over the past couple of days.
  5. I panic and pull the plug, try to get into my server by installing an old monitor, works, many errors about DNS.
  6. Wife googles with her phone, seems I had HTTPS login from outside on and someone found the correct port, it's disabled now.
  7. Obviously, local network still down, I replug everything and SSH into the server which runs Pi-hole as DNS.
  8. Pi-hole won't start DNS, whatever I do.
  9. I use history and find I "chmod 700"ed the DNS mask directory instead of putting it in a Docker volume...
  10. I check the pihole.log, nothing.
  11. I check the FTL log, there is the issue.
  12. I return it to 777, everything is hunky dory again.

Now I feel very stupid, but I found a very dangerous mistake by having my LAN fail due to a less dangerous mistake, so I'll take this as a win.

Thanks for reading and have a good day! I hope this helps someone some day.

 

cross-posted from: https://lemmy.giftedmc.com/post/246881

Is society just a bad DnD campaign?

Being autistic in our world means for me that I have to behave a certain way, speak a certain code and keep certain aspects of myself hidden or risk getting attacked, verbally or physically. I repeat this over and over, day in, day out.

Meanwhile I am looking forward to hosting another game of DnD this Saturday and it just occurred to me that our reality is sad and pathetic, while turning to the internet and people outside this oppressive "society" is like looking at a piece of art. Popping colors and various shapes and interesting objects to behold.

It might be seasonal depression speaking here but it was really palpable right now.

Anyone relate?

 

I came up with this a couple of minutes ago. I think it's funny and maybe helpful? Please be gentle. Have a good one.

  1. You shall not join corporate social media
  2. You shall not subject your children to predatory marketing techniques
  3. You shall spend up to 10% extra to shop locally or with small companies, more if you can
  4. You shall voice your support for fairness, equality and against bullying wherever you go
  5. You shall not think of living things in hierarchical order (x is better than y)
  6. You shall not compromise freedom and privacy for comfort or "sAfEtY"
  7. You shall pay techy friends for their help - at least in food
  8. You shall install an ad blocker
  9. You shall not praise big tech, proprietary products or IP law.
  10. You shall not use proprietary software if a good FOSS alternative exists
 

I have Watchtower to keep my 50 production Docker containers up to date. So far I have never had to resort to an old image since the new one was bugged, but I know of the risks and don't have the --cleanup flag activated, so I could easily spin up the old image if necessary. I also keep daily (mirrored) backups, so I should be OK in the case of failure.

But I keep running into space issues due to multiple GBs of old images that I have to manually remove to not fill up the rather small SSD.

Does anyone have an idea how to automatically remove all but the newest unused Docker image, so I can quickly revert to it in case of failure, but once there is another unused one of this container it goes away?

It's probably no big deal, but searching for it together with Watchtower didn't yield anything so far.

Thanks in advance and have a good one.

 

Hi there! In case you need someone to explain this stuff instead of just reading about it (like I do sometimes), then this is for you. :)