TCB13

TCB13, 1 year ago

It’s funny how conservative Windows is, it still has components from the NT.

That calling: ensuring things are compatible with old software and not fucking your users over. Just for fun I tried to install Photoshop 6 from 2000 on Windows 11 and it works just fine. Same goes for MS Office 2003.

TCB13, 1 year ago

WINE comment, because you can go into the dialog that selects which version of Windows it “emulates”.

Until the emulation fails at some basic Window API feature like window tabs with multiple rows that any Windows version from 95 does just fine. Or… until you try to get MS Office 2016 working and it requires dozens of hacks to end up with something very slow to startup and have graphical glitches… or 2019 also not working, or not being able to install 2021. Or… until you find out that Wine is still unable to just tell applications the screen size fucking up everything that depends on it. Wine is far from perfect and it isn’t that good.

As for can’t collaborate, that depends on the industry

Yes, you are lucky you got NX CAD for Linux, because for most people that’s not the case. Adobe products are a no go, AutoCAD is a no go, same goes for Multisim / Ultiboard.

TCB13, 1 year ago

How would browser games survive with that solution tho? They most likely require some server…

TCB13, 1 year ago

Oh you mean the ones here: flashpointarchive.org and www.flashgamearchive.com

TCB13, 1 year ago

Potentially yes, but for instance I’ve been looking for a way to have the following players offline and it seems harder than expected:

• weather.ambient-mixer.com/the-perfect-storm
• mynoise.net/NoiseMachines/rainNoiseGenerator.php
• mynoise.net/…/thunderNoiseGenerator.php
• mynoise.net/NoiseMachines/fireNoiseGenerator.php

Any tips?

TCB13, 1 year ago

it gives me an actual IP on my router’s subnet for my machines

Yes you configure LXD/Incus’ networking to use a bridge and it will simply delegate the task to your router instead of proving IPs itself. One of my nodes actually runs the two setups at the same time, I’ve a bunch of containers on an internal range and then my Home Assistant VM getting an IP from my router.

TCB13, 1 year ago

Yes you do ahaha

TCB13, 1 year ago (edited 1 year ago)

I could officially install any Linux distro to the company laptop (which I did of course) fully replacing the wintoys. Could use the machine as I liked, no corporate mandated BS spyware or anything.

Yes, and when the company gets hacked they can sue you for not keeping “your” computer secure enough. When I started my career on the field I also had those ideias that companies are evil and want to spy on everyone and enforce stupid policies on computer and whatnot.

Eventually I moved to heavily restricted environments where once you see what’s going on there you simply wouldn’t even open WhatsApp on that machine, let alone surf unknown websites. You wouldn’t do it not because the fear of being monitored but by the amount of liability you would be exposing yourself if you did. Trust me, the company isn’t bad, predatory but at a certain level you simply think twice. In fact they even reconize that people might want to surf random websites or use some personal accounts and provide a secure virtualized extra browser (restricted from the internal network) but still no way in hell people even think about using it for something so simple such as WhatsApp.

To be fair, this way of thinking might be the best. Just assume people will want to have a personal messaging app, email or whatever on the side and deploy some virtualized / restricted local or remote solution so they can do it without creating risks for themselves or to the company. At least this way you’re still under control and people wouldn’t be trying to bypass your security everyday…

TCB13, 1 year ago (edited 1 year ago)

You don’t use complex formats you say… just don’t forget that LibreOffice thinks bullets points are “complex formats”:

https://lemmy.world/pictrs/image/1ef94126-115b-4a4b-8207-84bca7387e49.jpeg

What OS are you using?

TCB13, 1 year ago

So why not simply use MS Office? Way less hassle to deal with. Licenses are available for cheap on eBay or pirated form reputable sources.

TCB13, 1 year ago

LibreOffice and OnlyOffice will certainly be better than OpenOffice.

TCB13, 1 year ago

Seriously, download MAS and choose Ohook. Enjoy your permanently serialized and activated MS Office. :)

TCB13, 1 year ago

They’re just creating a situation where people forget how to do thing without a magic tunnel or whatever. We’ve seen this with other things, and a proof of this is the fact that you’re suggesting you’ll require a static IP while in fact you won’t.

TCB13, 1 year ago

However, the “give something away for free until they can’t live without it then force them to pay” model is pretty classic in tech by now.

Yes, this is a problem and a growing one, like a cancer. This new self-hosting and software development trends are essentially someone reconfiguring and mangling the development and sysadmin learning, tools and experience to the point people are required to spend more than ever for no absolute reason other than profits.

TCB13, 1 year ago

“Uncensored” models are bullshit everything but uncensored. Just ask them for a Windows XP Pro key and you’ll see how uncensored they really are.

TCB13, 1 year ago (edited 1 year ago)

however the packages for nginx-rtmp are quite abandoned in arch linux.

Maybe you should switch to Debian? I’ve been doing it for a long time that way and playing to VLC without issues. What repositories are you using btw? Official ones at nginx.org/en/linux_packages.html or some 3rd party garbage?

TCB13, 1 year ago (edited 1 year ago)

MediaMTX

Going to Mars seems easier and less resource intensive than that thing.

MediaMTX can sort a lot of this for you. Then its just a matter of accessing your feed on vlc.

Here is how you really “just access your feed from VLC” in three easy easy steps:

Step 1. Configure nginx repositories (nginx.org/en/linux_packages.html)

Step 2. Install nginx / nginx-rtmp

Step 3. Edit nginx config to add:

<span style="color:#323232;">rtmp {
</span><span style="color:#323232;">        server {
</span><span style="color:#323232;">                listen 1935;
</span><span style="color:#323232;">                chunk_size 4096;
</span><span style="color:#323232;">                allow publish 127.0.0.1;
</span><span style="color:#323232;">                deny publish all;
</span><span style="color:#323232;">
</span><span style="color:#323232;">                application live {
</span><span style="color:#323232;">                        live on;
</span><span style="color:#323232;">                        exec_pull /usr/bin/ffmpeg -f v4l2 -input_format h264 -video_size 1920x1080 -i /dev/video4 -copyinkf -codec copy -f flv rtmp://127.0.0.1/live/stream;
</span><span style="color:#323232;">                        record off;
</span><span style="color:#323232;">                }
</span><span style="color:#323232;">        }
</span><span style="color:#323232;">}
</span>

A few notes:

• /dev/video4 is your camera;
• Some systems (debian) may require this sudo usermod -a -G video www-data to make sure it will work. Because ffmpeg will be launched with the www-data user that doesn’t have access to the video cameras.
• It will even turn off the camera if nobody is connected;
• Use ffmpeg -f v4l2 -list_formats all -i /dev/video0 to find what formats your camera supports;
• Watch the stream from VLC with the url: rtmp://device-ip/live/stream

Enjoy.

TCB13, 1 year ago

Want things to work really well and last that way? Get an HP EliteBook (not the latest model) and enjoy.

TCB13, 1 year ago

Yes and I do and while it is great for infrastructure, magnitudes better than anything Microsoft ever offered as a reasonable desktop it’s a fucking a joke.

TCB13, 1 year ago

Quick check list for outward facing servers:

1. Isolate them from your main network. If possible have then on a different public IP either using a VLAN or better yet with an entire physical network just for that - avoids VLAN hopping attacks and DDoS attacks to the server that will also take your internet down;
2. If you’re using VLANs then configure your switch properly. Decent switches allows you to restrict the WebUI to a certain VLAN / physical port - this will make sure if your server is hacked they won’t be able to access the Switch’s UI and reconfigure their own port to access the entire network. Note that cheap TP-Link switches usually don’t have a way to specify this;
3. Only expose required services (nginx, game server, program x) to the Internet. Everything else such as SSH, configuration interfaces and whatnot can be moved to another private network and/or a WireGuard VPN you can connect to when you want to manage the server;
4. Use custom ports with 5 digits for everything - something like 23901 (up to 65535) to make your service(s) harder to find;
5. Disable IPv6? Might be easier than dealing with a dual stack firewall and/or other complexities;
6. Use nftables / iptables / another firewall and set it to drop everything but those ports you need for services and management VPN access to work - 10 minute guide;
7. Use your firewall to restrict what countries are allowed to access your server. If you’re just doing it for a few friends only allow incoming connection from your country (wiki.nftables.org/wiki-nftables/…/GeoIP_matching)

Realistically speaking if you’re doing this just for a few friends why not require them to access the server through WireGuard VPN? This will reduce the risk a LOT and won’t probably impact the performance. This is a decent setup guide digitalocean.com/…/how-to-set-up-wireguard-on-deb… and you might use this GUI to add/remove clients easily github.com/ngoduykhanh/wireguard-ui

TCB13, 1 year ago (edited 1 year ago)

Both the ROCKPro64 and the NanoPi M4 from 2018 has a x4 PCIe 2.1 interface. Same goes for almost all RK3399 boards that care to expose the PCIe interface.

Update: there’s also the more recent NanoPC-T6 with the RK3588 that has PCIe 3.0 x4.

This boards seems extremely poorly designed, have a look at the CPU specs: www.intel.com/content/www/…/specifications.html

https://lemmy.world/pictrs/image/eb9d0301-6e24-4b20-8fcd-3a2d9b611506.png

They could’ve exposed more SATA ports and / or PCI lanes and decided not to do it.

And… let’s not even talk about the SFF 8087 connector that isn’t rated to be used as an external plug, you’ll likely ruin it quickly with insertions and/or some light accident.

TCB13, 1 year ago (edited 1 year ago)

Generally, there’s a small difference in speeds:

PCIe 2.0 x 4 > 2.000 GB/s PCIe 3.0 x 2 > 1.969 GB/s

But we also have to consider the suggested ARM CPU does PCIe 2.1 and we’ve to add the this detail:

PCIe 2.1 provides higher performance than the PCIe 2.0 by facilitating a transparent upgrade from a 32-bit data path to a 64-bit data path at 33MHZ and 66MHz.

I shouldn’t also have a large impact but maybe we should think about it a bit more.

Anyways I do believe this really depends on your use case, if you plan to bifurcate it or not and what devices you’re going to have on the other end. For instance for a NAS I would prefer the PCIe 2.1 x 4 as you could have more SATA controllers with their own lanes instead of sharing lanes in PCIe 3.0 using a MUX.

Conclusion: your mileage may vary depending on use case. But I was expecting to have more PCI lanes exposed be it via more m.2 slots or other solution. I guess that when a CPU comes with everything baked in and the board maker “only has” to run wires around better do it properly and expose everything. Why not all SATAs for instance?

TCB13, 1 year ago

DNA also sounds interesting, though it doesnt seem like a good way of preserving data long term. DNA is very fragile, and seems like an odd route to take for long term archiving.

Yeah the 5D quartz disk is very cool.

Anyways if you think about storage density DNA isn’t that “odd”. With DNA you can store dozens of copies of the data and parity checks in a very small space so even if some gets corrupted you can still get it. I get that organic stuff has its limits but the density is just mind blowing.

TCB13, 1 year ago

Yeah thats a cool thing.

TCB13, 1 year ago

Also, they would talk about custom roms for Android, then eventually when the channel got more viewers, the host makes a video advertising Google

Gotta follow the money :P Welcome to the Internet.