Maybe, I’m self hosting several trees, so… 🤷♂️
SayCyberOnceMore
- 9 Posts
- 392 Comments
Joined 2 years ago
Cake day: June 17th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Depends on the variety of course… my Willows need cutting down, whereas the acorns I planted before the willows are still tiny oaks in pots 🙂
11·3 days ago** SOMETIMES IT IS **
(Sorry, couldn’t resist)
1·3 days agoAhh, I see what you mean. Being asked to pay twice isn’t nice…
But would you / do you voluntarily donate to Jellyfin’s development?
I get it, it is (& a lot of things are) free… but at some point the developers need to recoup something…
Otherwise Jellyfin’s development will eventually dry up as raw enthusiasm runs out.
+1 for Ansible
- Install an application
- Do all the updates at the same time ( - after automating all the backups of course 😉)
- Removing games 😈
True, but they’ve answered your question.
Maybe raise a bug report with Firefox (Mozilla) and see if they can look into it further and that might help others too
Can I (figuratively speaking) just change the destination in my backup scripts and start writing to Hetzner… or are they using a completely different setup?
Does that also include Burial?
His complaint was it was different.
This is the absolute core of everyone’s reluctance… and 99% of (domestic) stuff is browser based…
That says that upgrades won’t enable it… the user can still enable it.
Yes, I feel your pain.
Encryption drives sound like a good idea until the subject of unlocking them comes up… and automatically unlocking the drive for the OS isn’t really helping.
But, for user data, it can be unlocked automatically during login. The Arch wiki covers this.
But backup your data 😉
It depends on your use-case.
Encryption of data at rest (this discussion) is mostly helpful for physical theft, so a device that never leaves the house, there’s little reason for encryption.
Similarly, on a lower powered mobile device, maybe you only want / need user data to be encrypted, and there’s no need to encrypt the OS, which keeps the performance up.
Maybe you want the whole thing encrypted on your high performance laptop.
So, it’s difficult to define a sane default for everyone, thus making it an option for the end user to decide on.
Linux has more choice than Windows - and the encryption algorithm(s) can be verified - so it’s definitely the better choice.
For which OS?
It can be enabled at any time on Windows & Linux. It’s just optional.
It’s dumb and inexcusable IMO
No, it’s a choice, because:
-
History… encryption didn’t exist in the beginning. Upgrades won’t enable it.
-
Recovery… try telling the people that didn’t backup the encryption key - outside of the encrypted vault - that their data’s gone.
-
Performance… not such an issue these days, but it does slow your system down (and then everyone complains)
So, please continue to encrypt your data as you choose and be less judgemental on others, esp. anyone new
No excuses.
-
Whatever you end up with
- test a restore
- consider how to deal with the source data being corrupted / ransomed / etc, ie multiple versions
I replaced Nextcloud with syncthing (files) & radicale (calendar, contacts & todos)
No-one used the calendar on NC, they just used their phones, Outlook, etc
No-one used the photo gallery on NC - that’s now Immich … again, with syncthing.
During the early days, just doing an update would break things.
For a small home setup, NC is too big, too clunky and just not the right tool.
Or… <using package manager of choice>
install immichDone.
No need to map internal & external ports, wrestle with permissions (or… good grief, run the container as root!), etc, etc.
It’s just… less faff.
Plus I save all that additional disk space, not having to install docker! 😉
Don’t get me wrong; Containers, chroot jails, Type-1 & Type-2 hypervisors all had their place in the history of my systems, I just don’t see it as a necessity.
The additional software required to run it in a container plus its configuration, on top of Immich’s configuration.
Just install & configure Immich, done.
Crowdsec will block external, public, IPs
Fail2Ban will block login attempts (ie from anywhere)
I have a similar setup with pfSense, pfBlockerNG, HAProxy, etc, but I keep F2B running on my DMZ server in case something is ever compromised as it’ll block / slow down anyone trying to move around the network.