selfhosted

This magazine is from a federated server and may be incomplete. Browse more on the original instance.

redcalcium, in Miro/Figjam alternative?

Maybe Affine? They have self-hosted dokcker image with armv7 and arm64 support: github.com/toeverything/docker so it’ll probably work on your pi4.

jackalope, in Miro/Figjam alternative?

Draw.io or penpot.

BearOfaTime, in Self-hosted VPN that can be accessed via browser extension

Configure the Funnel feature in Tailscale.

Funnel enables non-Tailscale clients to access specified resources in your Tailscale network via an encrypted tunnel provided by Tailscale.org.

will_a113, in Miro/Figjam alternative?

draw.io is a capable web-based flowcharting program. Source code is on github but I’ve never tried locally hosting.

SeeJayEmm, in Single Board Computer (SBC) Collection
@SeeJayEmm@lemmy.procrastinati.org avatar

I’ve been happy with the librecomputer boards but my uses are pretty limited.

This was a fun read and specifically made me wonder what I’d need to roll my own steam link device.

shrugal, in AppleTV complete replacement opinions

I use a Synology NAS + Plex + Chromecast, works great.

neidu2, (edited ) in Uid/gid in docker containers don't match the uid/gid on the server?

I’m not very well versed on docker, but this sounds like a config issue. The behavior seems similar to “squash root” found in many other services.

johntash, in Nextcloud zero day security

Make sure your backups are solid and can’t be deleted or altered.

In addition to normal backups, something like zfs snapshots also help and make it easier to restore if needed.

I think I remember seeing a nextcloud plugin that detects mass changes to a lot of files (like ransomware would cause). Maybe something like that would help?

Also enforce good passwords.

Do you have anything exposed to the internet that also has access to either nextcloud or the server it’s running on? If so, lock that down as much as possible too.

Fail2ban or similar would help against brute force attacks.

The VM you’re running nextcloud on should be as isolated as you can comfortably make it. E.g. if you have a camera/iot vlan, don’t let the VM talk to it. Don’t let it initiate outbound connections to any of your devices, etc

You can’t entirely protect against zero day vulnerabilities, but you can do a lot to limit the risk and blast radius.

mesamunefire, (edited ) in Single Board Computer (SBC) Collection

Finding raspberry pis have been really hard after 2019. It’s too bad, it’s my favorite single board computer.

Hexarei, in Do any of you have that one service that just breaks constantly? I'd love to love Nextcloud, but it sure makes that difficult at times
@Hexarei@programming.dev avatar

The solution for me is that I run Nextcloud on a Kubernetes cluster and pin a container version. Then every few months I update that version in my deployment yaml to the latest one I want to run, and run kubectl apply -f nextcloud.yml and it just does its thing. Never given me any real trouble.

oij2, in Do any of you have that one service that just breaks constantly? I'd love to love Nextcloud, but it sure makes that difficult at times

Well… no… I have been self hosting it for several years over multiple major versions now. Only for Files, Calendar and Deck though. It was a bit hard to set up, but reading the general Apache and PHP documentation helped a lot.

ChillPill, in Do any of you have that one service that just breaks constantly? I'd love to love Nextcloud, but it sure makes that difficult at times
@ChillPill@lemmy.world avatar

The snap version of nextcloud has been pretty solid for me, except for the time that I installed the nextcloud backup app.

exu, in Comparing compression in AV1, x264, and x265

I’ve also gone down that rabbit hole and found Vivictpp pretty good. It allows you to play two videos so you can swipe between them like imgsli you mentioned.

There’s a whole range measurements trying to approximate quality differences between a video source and encode. PSNR, SSIM, VMAF, MS-SSIM
All of them with some strong areas and tricks you can use to cheat them.

fury, in Do any of you have that one service that just breaks constantly? I'd love to love Nextcloud, but it sure makes that difficult at times

The problem child for me right now is a game built in node.js that I’m trying to host/fix. It’s lagging at random with very little reason, crashing in new and interesting ways every day, and resisting almost all attempts at instrumentation & debugging. To the point most things in DevTools just lock it up full stop. And it’s not compatible with most APMs because most of the traffic occurs over websockets. (I had Datadog working, but all it was saying was most of the CPU time is being spent on garbage collection at the time things go wonky–couldn’t get it narrowed down, and I’ve tried many different GC settings that ultimately didn’t help)

I haven’t had any major problems with Nextcloud lately, despite the fragile way in which I’ve installed it at work (Nextcloud and MariaDB both in Kubernetes). It occasionally gets stuck in maintenance mode after an update, because I’m not giving it enough time to run the update and it restarts the container and I haven’t given enough thought to what it’d take to increase that time. That’s about it. Early on I did have a little trouble maintaining it because of some problems with the storage, or the database container deciding to start over and wipe the volume, but nothing my backups couldn’t handle.

I have a hell of a time getting the email to stay working, but that’s not necessarily a Nextcloud problem, that’s a Microsoft being weird about email problem (according to them it is time to let go of ancient apps that cannot handle oauth2–Nextcloud emailer doesn’t support this, same with several other applications we’re running, so we have to do some weird email proxy stuff)

I am not surprised to hear some of the stories in this thread, though. Nextcloud’s doing a lot of stuff. Lots of failure points.

lemmyvore, in Nextcloud zero day security

All the measures you listed amount to nothing against a zero day remote exploit. They bypass the normal authentication process.

If you’re not able to use a VPN then use a IAM layer, which requires you to login through another method. You can use a dedicated app like Authelia/Authentik in front of the reverse proxy, or if you use nginx as reverse proxy you also have to option of using the vouch-proxy plugin.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • selfhosted@lemmy.world
  • localhost
  • All magazines
  • Loading…
    Loading the web debug toolbar…
    Attempt #