Install Guix
Hardware
OS
execute doesn’t mean to start, it means to stop…
No?
First Known Use 14th century, in the meaning “to carry (something) out fully : to put (something) completely into effect”
How the heck did you install Seafile!? I spent a whole day trying to get it to work, but there are so many moving parts and proxies behind proxies behind proxies. I managed to get the UI to load, but other parts of the app didn’t work. I want to like it, but it seems pretty complicated to install… 😢
For cases where it sounds like another letter, why not just use that one?
In Spanish, words that use k instead of c tend to come from “other” languages, like Greek, Arabic, Japanese, or Russian.
Aparece en palabras procedentes de otras lenguas en las que se ha buscado respetar la ortografía originaria, o en voces transcritas de lenguas que emplean alfabetos o sistemas de escritura distintos del nuestro, como el griego, el árabe, el japonés o el ruso
Whoa, surprised this is coming from The Verge. Is it really the year of the Linux desktop now??
Frigate + Reolink (or actually Frigate-approved cams)
You know. mTLS might be an option. I have a tiny number of clients. Laptops and Android phones, seems easy to install a client cert. The part I’m not sure about is TVs… Does Nvidia Shield or Firestick allow installing client certs?..
Oh, wait and also: https://github.com/jellyfin/jellyfin-meta/discussions/96
Harden your server first
Do you have any tutorials or guides on this handy?
Use your router/server to block some counties using geoip
Yeah, definitely all my users are in the same town/region/country as me. So this could be doable.
Configure rate limits in Nginx
Hm, currently using Caddy as my reverse proxy. I guess there’s some module for this.
only open ports in your firewall you really want to open
The only port I need open is 443 for accessing Jellyfin and Immich. I can definitely block 22 from the public internet. And fuck it no automatic redirects from 80 to 443. TLS or bust.
GAAH! OK! I’M NOT CRAZY!
The exact same thing is happening to my wife’s phone. We’re both on Pixel 8s, have the same VPN settings, but for some magic reason Tailscale breaks only her phone. She has to turn off Tailscale and reboot her phone to regain connectivity.
These shenanigans is why I’m considering just exposing things to the public internet. I’m using Tailscale on several device types and Tailscale adds friction to all of my devices (except Arch where everything always works).
I understand the friction is there for a good reason, but my family doesn’t. They just see that Jellyfin doesn’t work and that all of this is buggy and maybe they just should sign up for Netflix instead of dealing with all of these bugs.
“roaming” device is always connected to their “home” network by VPN
Ah, right. Well, currently I do have my wife’s and my phone on the Tailscale VPN. The issue I’m trying to solve is that the VPN app on Android (and other environments) isn’t 100% bug-free. For some unknown reason, my wife frequently has issues with Tailscale. It’ll break her entire networking on her phone. The only way to fix it is by rebooting her phone. I have no idea why because we have the same phone and the same settings and it works fine on my phone. I’ve tried turning off Tailscale, logging out, and back in, and the network won’t recover. Sometimes the Tailscale app won’t even trigger the SSO page to sign in. So it just stays permanently logged off.
The Nvidia Shield also has similar issues where I have to fuss around with the VPN.
So at this point, I feel like I’m done debugging VPN apps and maybe it would be easier for users if I expose stuff to the public internet. Obviously, it makes management for me harder, but that’s ok if everything Just Works for everyone without extra steps or without having to reboot your phone every week.
site-to-site VPN configurations between routers at each location … the router itself handle routing of specific traffic over the VPN connection, instead of needing each device to connect to the VPN individually.
Interesting. This could help with my home network and my parent’s, but I also need to handle cases where I don’t control the network. I have clients that are phones. My family would expect that the services keep working even if they’re in a different city on cellular or at a friend’s house.
What kinds of things are you planning to expose?
Primarily Jellyfin and Immich.
What I expose I hide behind a reverse proxy with IP whitelists.
Do all your clients have fixed IPs? I have some clients that are phones or laptops, but I would imagine those change as people drive around to different cities or connect to different coffee shop WiFi.
I am kinda interested in WireGuard, but how does it work with multiple non-PC devices on different networks? Tailscale runs seamlessly on my Arch laptop, but Android, TVs, and streaming sticks have hiccups from time to time.
I have services that I want to share with my non-techie family. If a service stops working, they suck at debugging and fixing the issue on their own.
Every time I hear him speak, I am reminded of just how stupid he is.
I know this is common knowledge on Lemmy, but damn it’s still nice to read. When I talk to folks around town, they all think he’s a genius… it’s really jarring.
I’ve considered a safe, but I’ve heard the paper contents may mold if left in there too long. Currently too lazy to manage that.
Awesome! There’s a tooon of stuff to learn, but Vim is eternal, so it’ll be a good investment.
Difftastic is fantastic!
Seems like they’ve bought into the hype.