As an avid NewPipe user I like that it’s an approximately identical tool with more functionality!
It seems like a fork where (I wish) a plugin could (ideally) be in NewPipe. It may also be a nice nod to the original devs to change the default color scheme of the fork so nobody gets confused as to who forked from who.
Overall very cool work! I hope they continue to have success and make progress.
You’re missing the entire point of the free software movement. Free as in freedom does NOT intrinsically mean free as in absence of cost. Linux exists because of companies like Cygnus who successfully marketed the Bazaar, as opposed to the Cathedral, to investors.
Stallman and Torvalds themselves have gone on record multiple times stating the utter lack of political motivation in being able to modify the software on your machine.
Well put. The one thing I would add is using the Nix package manager on a distro other than NixOS! I’m daily driving Fedora 39 + Nix (home-manager) with zero problems. My pick would either be Fedora or Debian.
Tons of good documentation either way. Flatpak the packages you, no kidding, need to be easy / consistent to debug. Non-root podman for containers. Nix for more up to date packages than are available in the native repos (especially useful with Debian) + the other benefits like nix-shell.
Love me some docker compose! I switched from a manually built VM over to the AIO setup about a year ago and never looked back. It’s been rock solid for me and my ~10 users so far.
You make a great point. I really shouldn’t contribute to the boogeyman-ification of port forwarding.
I certainly agree there is nothing inherently wrong or dangerous with port forwarding in and of itself. It’s like saying a hammer is bad. Not true in the slightest! A newbie swinging it around like there’s no tomorrow might smack their fingers a few times, but that’s no fault of hammer :)
Port forwarding is a tool, and is great/necessary for many jobs. For my use case I love that Wireguard offers a great alternative that: completes my goal, forces the use of keys, and makes it easy to do so.
I’ll assume you mean what I mean when I say I want to be safe with my self hosting – that is, “safe” but also easily accessible enough that my friends/family don’t balk the first time they try to log in or reset their password. There are all kinds of strategies you can use to protect your data, but I’ll cover the few that I find to be reasonable.
Port Forwarding – as someone mentioned already, port forwarding raw internet traffic to a server is probably a bad idea based on the information given. Especially since it isn’t strictly necessary.
Consumer Grade Tunnel Services – I’m sure there are others, but cloudflare tunnels can be a safer option of exposing a service to the public internet.
Personal VPN (my pick) – if your number of users is small, it may be easiest to set up a private VPN. This has the added benefit of making things like PiHole available to all of your devices wherever you go. Popular options include Tailscale (easiest, but relies on trusting Tailscale) or Wireguard/OpenVPN (bare bones with excellent documentation). I think there are similar options to tailscale through NordVPN (and probably others), where it “magically” handles connecting your devices but then you face a ~5 device limit.
With Wireguard or OpenVPN you may ask: “How do I do that without opening a port? You just said that was a bad idea!” Well, the best way that I have come up with is to use a VPS (providers include Digital Ocean, Linode to name a few) where you typically get a public IP address for free (as in free beer). You still have a public port open in your virtual private network, but it’s an acceptable risk (in my mind, for my threat model) given it’s on a machine that you don’t own or care about. You can wipe that VPS machine any time you want, the cost is time.
It’s all a trade-off. You can go to much further lengths than I’ve described here to be “safer” but this is the threshold that I’ve found to be easy and Good Enough for Me™.
If I were starting over I would start with Tailscale and work up from there. There are many many good options and only you can decide which one is best for your situation!
Thanks for putting this out for public benefit! I haven’t messed around with MacOS much but the things you’ve mentioned are nice to know.
I believe that’s a shell/bash standard variable, but I need to learn where it came from and how it works
You may know this already, but I’ve found the man (as in manual) utility to be one of the most useful things in GNU/Linux user space. I don’t have much insight into ‘${file##*/}’ off the cuff, but I can tell you there’s manual entries for file, sh, and bash that may help you track it down.
<span style="font-style:italic;color:#969896;"># simply type man [some-command]
</span><span style="color:#323232;">man file
</span><span style="color:#323232;">man sh
</span><span style="color:#323232;">man bash
</span><span style="color:#323232;">man man </span><span style="font-style:italic;color:#969896;"># very useful for getting started!
</span>
Manpages are local to your system so they’re extremely fast to pull up and searchable!
Here’s some online info on man if you’re interested:
This denotes the range of subuids that are available to your user.
-u 100000:65536
This part specifies two things ([UID]:[GID]) even though it’s the same syntax as the earlier part that specifies one range :)
I suspect what you will want to do is use the following:
<span style="font-style:italic;color:#969896;"># change ownership of the directory to the UID:GID that matches something in your subuid:subgid range, in this case 10000:10000
</span><span style="color:#323232;">podman unshare chown -R 100000:10000 /home/privatenoob/media/storage1/Filmek/
</span>
Then we can specify that the user in the container can match the user (UID) we specified above:
As a note, if you copy/pasted that ExecStart line, you might have gotten the invalid argument error because you entered 100000 (outside of your subuid range, i.e. >65536) instead of 10000.
There’s a nice guide that gives a great walkthrough. I’ll dig through my bookmarks and add it here when I get some time.
There are a few ways around it. The simplest is to add the –privileged option.
The more secure method with podman is by specifying a user (ex -u 10001:10001) from your extended subuid:subgid range after your full and proper setup of rootless podman :-)
Then instead of chown you’ll want to use the oddly named podman unshare tool to automatically set the permissions of the host directory. You would then want to start your service with systemctl --user instead of sudo systemctl
It worked… ok. The lack of a USB dock really hurt the “desktop and laptop in one” concept that I was shooting for. I had to plug / unplug 3 things to get into “desktop mode” which was a hassle for how much I switched between modes. It ran things like Valheim really well but utterly failed at FPS games like Apex (<15fps, horrible stuttering, totally unplayable).
If you already have a laptop, a GPU, a desk, a decent monitor, and you typically play low-requirement games and just want to play on high settings – then by all means it’ll be great for that! Another way it may make sense for you is if you play around with CUDA and need a compatible GPU on a budget.
That being said, don’t convince yourself that you’ll get full use out of something like a 4070. If that’s what you want then, as of now, a desktop is almost certainly your best option.
It’s definitely a skill that I haven’t mastered either! That being said I think it’s one of the pillars of being a bonafide “super user” and I’d like to set there one day :)
Maybe I’ll take inspiration from this post and write something up about what I learn in the future about manpages.