overview for slug

Help me harden my home server in c/[email protected]

[–] [email protected] 6 points 1 week ago (6 children)

does anyone have an actual horror story about anything happening via an exposed web service? let's set aside SSH

Excluding shorts from Youtube RSS feeds in FreshRSS, regardless of #shorts in the title in c/[email protected]

[–] [email protected] 1 points 2 weeks ago

i'm pretty sure you can just drop the normal channel url into freshrss and it'll convert it automatically. maybe it's an extension doing that though

Is Mac Mini suitable for self-hosted server? in c/[email protected]

[–] [email protected] 2 points 2 weeks ago

i have one running debian as a secondary backup to run just smart home stuff and pi-hole. you can set it up to start back up after power failure. was like $50 used. there's basically no point in it being a mac rather than an old lenovo machine, but it sure is cute looking.

spoiler

> $ neofetch
       _,met$$$$$gg.          
    ,g$$$$$$$$$$$$$$$P.       -----------
  ,g$$P"     """Y$$.".        OS: Debian GNU/Linux 12 (bookworm) x86_64
 ,$$P'              `$$$.     Host: Macmini7,1 1.0
',$$P       ,ggs.     `$$b:   Kernel: 6.1.0-25-amd64
`d$$'     ,$P"'   .    $$$    Uptime: 1 day, 3 hours, 35 mins
 $$P      d$'     ,    $$P    Packages: 2708 (dpkg)
 $$:      $$.   -    ,d$$'    Shell: zsh 5.9
 $$;      Y$b._   _,d$P'      Terminal: /dev/pts/0
 Y$$.    `.`"Y$$$$P"'         CPU: Intel i5-4260U (4) @ 2.700GHz
 `$$b      "-.__              GPU: Intel Haswell-ULT
  `Y$$                        Memory: 687MiB / 3791MiB
   `Y$$.
     `$$b.
       `Y$$b.
          `"Y$b._
              `"""

21

Excluding shorts from Youtube RSS feeds in FreshRSS, regardless of #shorts in the title (mollusq.org)

submitted 2 weeks ago by [email protected] to c/[email protected]

3 comments fedilink

this is a really underdocumented feature that this extension supports, wanted to share it with people. i've never written and shared a blog post like this before so feel free to give me tips about documenting steps or point out any errors i made. i kinda take docker knowldge for granted, not sure if i should avoid that. here's the contents:

I came across documentation for this in the readme for the FreshRSS extension YoutubeChannel2RssFeed. The method involves running an instance of the Youtube-operational-API (there was a public instance that has been cease and desisted by Google, see here) and plugging the extension into it.

YoutubeChannel2RssFeed Extension

TL;DR install this extension

git clone https://github.com/cn-tools/cntools_FreshRssExtensions.git
cd cntools_FreshRssExtension
cp -r xExtension-YouTubeChannel2RssFeed <your_freshrss_data_directory>/config/www/freshrss/extensions

Youtube-operational-API instance

Here's a Docker compose.yml for running both

services:
  freshrss:
    image: lscr.io/linuxserver/freshrss:latest
    container_name: freshrss
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Los_Angeles
    volumes:
      - ./freshrss/config:/config
    ports:
      - "8811:80""
    restart: unless-stopped
  youtube-operational-api:
    container_name: freshrss-yt-o-api
    image: benjaminloison/youtube-operational-api:latest
    restart: unless-stopped
    ports:
      - "8812:80"
    depends_on:
     - freshrss

Configuring extension

In FreshRSS, log in as admin and go to Configuration > Extensions. Turn on YoutubeChannel2RssFeed under User extensions and click the gear to configure.

Set Youtube Shorts to be marked as read or blocked completely. Enter the URL for your yt-o-api instance. Based on the above compose file it would be http://freshrss-yt-o-api:8812. Submit changes.

For me this worked immediately, no shorts ever show up in FreshRSS for my Youtube feeds. I haven't seen this documented anywhere else so I wanted to mirror it somewhere.

Browse FreshRSS like YouTube: "Youlag Theme for FreshRSS" in c/[email protected]

[–] [email protected] 17 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

pretty cool, i want to encourage this purely in the interest of building up a community of more interesting themes. that part of freshrss is so bland.

Actual Budget is a fantastic FOSS budgeting tool that you can self-host in c/[email protected]

[–] [email protected] 3 points 2 weeks ago

i've been enjoying it, the docs are really good. i think it could be a little "smarter" like with recognizing schedules, but it'll only get better. a major limiting factor for me that isn't any fault of actual is that my apple card either through simplefin or manually exporting only allows download of the previous month's transactions after closing. so for that account it's not really useful for seeing where i'm at budget-wise halfway through the month, only in retrospect and forecasting.

GameVault - "the self-hosted gaming platform for drm-free games" in c/[email protected]

[–] [email protected] 4 points 1 month ago

just gonna be 100% upfront, i would only use this if it could index my downloads folder of pirated games that are folders with setup.exe inside

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 1 points 3 months ago

ars posted this article today: https://arstechnica.com/gadgets/2024/08/its-not-worth-paying-to-be-removed-from-people-finder-sites-study-says/

takeaways:

the paid automated options don't work very well
easyoptouts had the best success rate at (only) 65%
claims connections between the data sites and removal sites -- i certainly saw a few ads on the sites but nothing points any fingers at any of the services mentioned in the comments here.

i ended up using kanary and optery in the free tier and doing the removals manually. but to follow up on my OP, there's no service i've seen that goes any deeper than what comes up on google, which is disappointing. there are larger, private databases (such as lexisnexis) which was hoping to be able to get out of.

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 2 points 3 months ago (3 children)

anyone else have experience with this one?

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 1 points 3 months ago

Yeah true. I think what I'm looking for is a reasonable cost/benefit/time investment, like maybe I'll order a Kanary scan once a year and manually opt them all out. I did kanary this afternoon and the vast majority only had my voter registration info, but a few had attached my cell number which might be from the WhoIs data. If I can slow the spread of that for <$20/year I'll feel satisfied.

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 3 points 3 months ago (2 children)

I see the logic if I was continually making potential leaks (I guess we all are), but for trying to clean up a specific thing like my case, I suppose I can just buy one month.

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 4 points 3 months ago

very cool thanks

Services for removing your data from public databases in c/[email protected]

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (4 children)

Checking them out, thanks. I kinda wish there was a different pricing model than a subscription for this kind of service.

edit; after signing up i can actually see within the free tier that there's a "buy custom scan" option which might allow more piecemeal payments, gonna look into it

76

Services for removing your data from public databases (lemmy.world)

submitted 3 months ago by [email protected] to c/[email protected]

25 comments fedilink

Last year I did a major fuckup and bought a .us domain without noticing that they don't support WhoIs privacy, so my name number and address became part of the public WhoIs database scrapes. Since then my spam texts and calls have vastly multiplied. I'm realistic about the fact that the damage is done and it'll always exist out there, but I would happily pay some money to a service that sends takedown requests for the data in the public databases like LexisNexis etc. to lessen the damage. Do you know of any services that do this somewhat reliably? Or even a guide or something about doing this manually?

38

Separate 2FA OTP app from my password manager (lemmy.world)

submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

27 comments fedilink

Do you think it's worth keeping 2FA OTPs in a separate source from your password manager? Currently I keep them in Bitwarden. I was thinking keeping them separate could add a little extra security in case my BW was cracked, but not sure it's worth the hassle of loading a second app for logins.

Do you know of an app that does 2FAs as conveniently as Bitwarden, in that it has mobile apps, browser extension, etc that can all access the same vault?

here's one i came across from an awesome-selfhosted list. i would need to test the PWA experience https://github.com/Bubka/2FAuth