Selfhosted brownmustardminion • 7 days ago • 99%

I'm curious what the benefits are of paying for SSL certificates vs using a free provider such as letsencrypt. What exactly are you trusting a cert provider with and what are the security implications? What attack vectors do you open yourself up to when trusting a certificate authority with your websites' certificates? In what way could it benefit security and/or privacy to utilize a paid service? And finally, which paid SSL providers are considered trustworthy? I know Digicert is a big player, but their prices are insane. Comodo seems like a good affordable option, but is it a trustworthy company?

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ brownmustardminion • 1 week ago • 92%

For those of you that know, I'm trying to find a niche community, forum, chat room, whatever of individuals that could give me some pointers on cracking an OFX plugin. My knowledge ends at simple standalone exes and the communities I know of seem largely focused on game cracking. If you know of a community that you think would help me on my journey, feel free to share. You can also send me a private message if you need to be discrete.

Selfhosted brownmustardminion • 1 week ago • 100%

What do you recommend for an at-a-glance access log dashboard? Kibana and Grafana seem cool but overkill. All I want is a dashboard that can ingest and parse syslogs from various services and neatly display a list of currently connected IPs and usernames if applicable as well as a IP connection history.

Selfhosted brownmustardminion • 4 weeks ago • 100%

With the EOL of PVEv7 and my need for more storage space, I've decided to migrate my VMs to a larger set of drives. I have PVE installed baremetal on a dell r720 RAID1 SSDs. I'm a bit nervous about the migration. I plan on swapping the SSDs, installing PVE8 from scratch, then restoring VMs from backup. Should I encounter an issue, am I able to swap the old RAID1 SSDs back in, or once I configure the new ones are the old drives done for? I'm managing RAID on a dell RAID controller. I also have my data hard drives passed directly into a TrueNAS VM which supplies other VMs via NFS. Is there anything I should be concerned about when I've migrated, such as errors re-passing the data drives to the TrueNAS VM. Or should everything just work again? Is there a master PVE config file I can download before swapping drives that I can reference when configuring the new PVE install?

Privacy brownmustardminion • 1 month ago • 97%

I was listening to a Bazzell podcast where he mentions his company self hosting and maintaining a database of personal data and credentials for use in OSINT investigations. Some acquired through public sources but others acquired through leaks. Then of course there are data aggregate companies that do the same but are going on to sell this data for a profit. What is the legality of this? Obviously acquiring publicly available data is legal, but how are these companies able to hold on to leaked usernames, passwords, and other confidential personal information. Especially those that were initially acquired through illegal means?

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ brownmustardminion • 1 month ago • 96%

Is there something like Spotify Downloader or yt-dlp for Lidarr? I got spotify playlists imported into Lidarr, but the artists I listen to don't seem to have any torrents. I don't mind the quality hit of something like spotifydownloader which pulls from youtube. Is there anything like that or yt-dlp integrated into Lidarr for automated downloads?

Privacy brownmustardminion • 1 month ago • 100%

I'll start by stating my threat model is avoiding corporate tracking, profiling, and analytics. For anything beyond that scope I believe tor is ideal. Correct me if I'm wrong but my understanding is that Newpipe is a frontend to provide an alternative to the awful YouTube app and/or youtube account. However, your IP along with other device information may still be exposed to google servers. Any ideas as to what info beyond IP is sent to google? Whereas invidious instances act as a proxy in addition to what is offered by Newpipe, but you are trusting your privacy to the instance owner. My idea for utilizing these services is the following: Newpipe for managing subscription based YouTube viewing. Google would have my IP, but this IP would be a VPN IP address that periodically changes. Much more reliable than invidious and better quality. App is great. Invidious for random video searches as well as content I may want to be slightly more cautious about associating with. I'm looking for feedback on this conceptual setup. I've also been considering making a public invidious instance that I can use but hopefully obfuscates my viewing through its usage by others.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ brownmustardminion • 1 month ago • 97%

spotify-downloader is great. I already have an arr stack running for movie and shows. It would be cool to add music to the mix. I have a shared spotify playlist with friends that I pretty much listen to exclusively as of late. What I'd like is to have an arr app that constantly pulls from that playlist and downloads via spotify-downloader, so that I can listen to those songs from my private server and then I don't need to have spotify open so much. The ideal setup would be a system where songs are pulled from a spotify playlist, downloaded via spotify-downloader, but later once a higher quality version is discovered, downloads that and replaces the youtube quality initial version. I can't be the first to think of this, so I'm hopeful something like this is already ready to deploy. Thoughts?

Privacy brownmustardminion • 1 month ago • 84%

I recently acquired a pixel phone and set up gos. Prior to trying gos I was using an iPhone hardened as much as possible based off of recommendations and guides from respected OSINT experts. It’s only been a week but I’ve found gos extremely frustrating and mostly useless except for web browsing. I can’t seem to get my Yubikey to work so my 2FA is borked. Works fine on my iPhone. I’ve previously managed to degoogle my life but now certain apps require me to use sandboxed google apps just to run. I’m facing the nearly insurmountable task of convincing my friends, family, and colleagues to download and use signal when they are all using encrypted iMessage. Most of my banking apps just simply do not work. Mobile banking is unfortunately something important that I need in my occupation. A part of the appeal of gos was being able to have an isolated dedicated profile for banking. There’s also a few features that I’m assuming are iPhone exclusive that it really sucks to have without. Double tapping the bottom of the screen to shift everything down so you can reach the top of the screen with your finger when using one hand. Holding down on the space bar to move the text cursor between characters. Maybe these exist on gos though? I understand most of the issues lay on the shoulders of the app developers. I’m grateful for the devs for creating and working on this project. I’m not bashing anyone here. I’m simply asking for some guidance on how I can break through the hurdles and make this work for me, from the mouth of those who were once in my position.

Privacy brownmustardminion • 2 months ago • 92%

I’ve been using invidious for a few years. I recently changed up my morning routine and have been eating breakfast watching YouTube via the TV app versus on my PC. It made me realize I kind of miss the recommended videos in some circumstances like when I just wanna veg out. Are there any current viable yt front ends that either maintain the algorithm or utilize their own to find you new content?

networking brownmustardminion • 2 months ago • 100%

If you have an outdoor Ethernet port—in my case with a WiFi AP connected—how can you go about protecting your network from somebody jacking in? Is there a way to bind that port to only an approved device? I figured a firewall rule to only allow traffic to and from the WiFi AP IP address, but would that also prevent traffic from reaching any wireless clients connected to the AP? Edit: For more context, my router is a Ubiquiti UDM and the AP is also Unifi AP

Privacy brownmustardminion • 2 months ago • 98%

What is the general consensus on trusting data removal services with the data you provide them? I’ve spent 5 years telling myself I’ll go through the long lists of data aggregators and one by one manually send removal requests. But it’s such a massive undertaking. I’d like to finally get it done through one of these services, but my gut tells me it feels wrong. Has anybody used them and how do you feel about it? Is DeleteMe a good choice?

Selfhosted brownmustardminion • 2 months ago • 94%

I have a Dell Poweredge r720xd in RAID10. I've had a couple of drives fail since I've bought it and was able to buy cheap replacements on ebay. I had another drive fail recently and one of the spare ebay drives came up as "blocked". It put me out a few days while I waited for a new one to arrive; also from ebay. I'd like to avoid getting another dud drive. Are there any reputable resellers of these old drives so I can stock up on some spares?

Selfhosted brownmustardminion • 3 months ago • 100%

I’ve made a few posts in the past about my experimentation with connecting various devices and servers over a VPN (hub and spoke configuration) as well as my struggles adapting my setup towards a mesh network. I recently decided to give a mesh setup another go. My service of choice is Nebula. Very easy to grasp the system and get it up and running. My newest hurdle is now enabling access to the nebula network at the same time as being connected to my VPN service. At least on iOS, you cannot utilize a mesh network and a VPN simultaneously. TLDR: Is it a bad or a brilliant idea to connect my iOS device to a nebula mesh network to access for example my security camera server, as well as route all traffic/web requests through another nebula host that has a VPN such as mullvad on it so I can use my phone over a VPN connection while still having access to my mesh network servers?

Linux brownmustardminion • 3 months ago • 95%

As the title says, I'm trying to multiboot Fedora 40 and Ubuntu 24. The documentation and guides for this all seems pretty outdated through my searching and troubleshooting. I currently have ubuntu installed. My drive partition table looks like this: - sda1 -- EFI (250MB) - sda2 -- /boot (ext4, 2GB) - sda3 -- empty (ext4, 2TB) <-- Fedora partition - sda4 -- Ubuntu 24 (LUKS encrypted, 2TB) I'm trying to install Fedora now and it's giving me nothing but errors. The most useful guide I found for this specific setup just has you adding sda3 as the installation path (mounted at /) for Fedora and it's supposed to figure out the EFI and boot, but that doesn't happen. In fact, the EFI and /boot partitions show up under an "Unknown" tab in the Fedora custom partition window of the installation. They should be under a tab such as "Ubuntu 24 LTS". Fedora isn't recognizing the ubuntu installation (because it's encrypted?) Am I wrong in assuming that both OS's should be sharing the EFI and /boot partitions? Maybe that's the issue? Anybody out there successfully dual booting Linux distros with both distros encrypted?

Selfhosted brownmustardminion • 3 months ago • 95%

For years I’ve had a dream of building a rack mounted PC capable of splitting its resources to host multiple GPU intensive VMs: - a few gaming VMs - a VM for work that can run Davinci Resolve and Blender renders - an LLM server - a Stable Diffusion server - media server Just to name a few possibilities… Everytime I’ve looked into it, it seemed like the technology just wasn’t there yet. I remember a few years ago Linus TT took a shot at it, but in the end suggested the technology (for non-commercial entities) just wasn’t in a comfortable spot yet. So how far off are we? Obviously AI focused companies seem to make it work, but what possibilities exist for us self-hosters who might also want to run multiple displays in addition to the web gui LLM servers? And without forking out crazy money for GPU virtualization software licenses?

homeassistant brownmustardminion • 3 months ago • 100%

HACS has a problem with hitting the GitHub rate limit when you first install it. It’s not really that big of a deal. You usually just need to wait an hour for the local database to populate. It used to be optional to link your GitHub to HACS to bypass the rate limiting but now it seems the installation requires it. I’m not a fan of this as somebody who uses Homeassistant for its privacy values and am kind of frustrated HACS removed the ability to install without a GitHub API key. Is there a manual way to override the API linking process?

Linux brownmustardminion • 3 months ago • 98%

Would this work or would I have problems: Using dd command to backup an entire SSD containing dual boot Windows/Ubuntu partitions into an .iso file, with the intent to then dd that iso back onto the same size SSD in the case of a drive failure?

science brownmustardminion • 4 months ago • 100%

Ridiculous title, I know. Sorry about that. Many years ago when I got back into weightlifting, I discovered a YouTuber named Jeff Nippard who took a science based approach to weightlifting. He would utilize peer reviewed studies to put together routines, diets, and specific tips for various topics. It was incredibly helpful. I’ve always been interested in adding mushrooms into my diet, but the mushroom world online is littered with snake oil salesmen and misinformation. Does anybody know of a YouTuber that takes a science based approach to educating others about the benefits of various mushrooms for health and wellness as well as how to source legitimate products and what details to look for?

homeassistant brownmustardminion • 4 months ago • 100%

I’m solidly leaning towards a Schlage Connect Lock due to its local only Zwave capabilities (which has the benefit of also extending battery life). I was strongly considering the Aqara U100 for its many features, but based on what I’ve seen I can foresee it being a nightmare to get working locally with home assistant and the need for a phone app makes me fear for long term support. I use the Schlage Encode for other houses and love the way it looks and how easy it is to setup and use. I really wish they would make a Zwave version with the same hardware. So before I jump in and buy the Schlage Connect, is there anybody who has experience with either of the locks I’ve mentioned? Feel free to chime in if you have a different lock that you think beats out these.

homeassistant brownmustardminion • 4 months ago • 100%

I tried my hand at rigging a proximity sensor to the water meter in my house. Sadly it doesn’t have the spinning magnet for the sensor to pick up. I looked into other options for pulling data from the meter, but for each method, my very antiquated meter had a complication that would prevent it from working. TLDR: Any recommendations for a home water meter that’s local and integrates well with home assistant? I’m going to check with my water company first, but likely will remove the old meter and replumb a new “smart” meter and an automated shut off valve into the water supply. I believe the current meter is leftover from before the utility added new meters further upstream, so I’d rather get rid of the rusty piece of junk anyway.

Privacy brownmustardminion • 4 months ago • 100%

I've attempted to create a VM on my ubuntu host machine that is accessing the internet via a dedicated VPN app. I'm able to disconnect my host VPN and access the web within the VM, but cannot access the web when the host VPN is enabled. Ideally I'd like to enable the VPN on the host and pass through web access to the VM. I have two questions: 1. If my use case is to use a VM to increase privacy and security as well as isolate my operations within the VM from my host, is it better to have the VPN app from inside the VM or pass the host's through to the VM? 2. If it doesn't make much of a difference, how can I go about passing the host's VPN to the VM? In either scenario, I'd still like to keep the host's VPN active while being able to use the VM, which I currently cannot.

homeassistant brownmustardminion • 5 months ago • 100%

I'm following the settings on WLED's wiki for the WS2814 strip: >6-LED groups (24V) as one logical LED. Must be controlled as SK6812 type, color order: BRG, swap W and G (this option is available since WLED 0.14.0-b1) But the lights just flicker like crazy. Switching WLED settings definitely does something, but not the intended effect. Using the domestic automations controller. On the latest WLED firmware. LEDs are powered directly by a 24V 10A PSU. Originally I thought my data cable was too long but it still has all the issues plugged directly into the controller. Has anybody got these strips working? Is the WLED wiki wrong?

Selfhosted brownmustardminion • 5 months ago • 100%

I have a backup server running Proxmox Backup and OMV in separate VMs. OMV provides the storage as an NFS to the proxmox backup server VM. I have multiple remote servers that connect to the proxmox backup server but recently I keep having issues with backups. Something about file lock estale. Is there an alternative to NFS I can use in OMV to provide the storage for the proxmox backup server? I know there are vastly different configuration options, but I have some other things set up with OMV so I’m kinda stuck on that.

homeassistant brownmustardminion • 5 months ago • 96%

Try as I might, due to the abundance of various types of low voltage wire connector types, I can't seem to find exactly what I'm looking for. I do a lot of LED strips and DC powered automations and I've used many Wagos and soldered some stuff in place. These tend to have some problems though. Wagos can take up too much space, especially when connecting power to LED strips that can't be tucked away. Soldering in place sucks and usually ends with a poor connection. LED snap on clips are ridiculously unreliable and weak connections. Barrel connectors are nice and small but the connection has the potential to pull out. The holy grail IMO would be a very small plastic two wire housing that can clip together like a plastic belt buckle or those connectors that often come with 12V DC batteries in battery backups/motorized kids toys. I have no idea what term to search for to find these. Anybody got any hints? I like the idea of presoldering these onto the ends of LED strips in lieu of barrel connectors, so once you are ready to install in the location it's as easy as snapping in place. If the LEDs burn out it can be replaced easily as well.

Woodworking brownmustardminion • 5 months ago • 95%

I realize this is a woodworking community so don’t kill me, but I’m in the process of upgrading my tablesaw with a new fence so it’s somewhat related. Plus there’s no metalworking community that I could find on Lemmy. To the point: I’ve got a piece of steel angle I want to use for the back rail on my table saw (where the end of the fence rests), buts its Swiss cheese full of holes and some holes are in awkward locations where I need to drill new holes to mount to the table saw to. Anybody dabble in welding know if I could fill in the holes with a mig welder and grind it flat? If so, any tips? I’ve got a flux core mig machine. I bought the Delta T3 fence kit for my rigid saw because people online said “super easy to install. You only need to drill and tap a hole or two”. That turned out to be bullshit. 😅

Privacy brownmustardminion • 5 months ago • 90%

If you notice your chat messages show up in the chat feed but don't appear on the streamers in-screen chat, you have been shadowbanned. Twitch will still take your money for donations, subs, etc, but your feedback won't be seen by anybody but you. This shadowban does not appear in the appeals page and can be applied randomly and intermittently. You are never informed about this by the way. You'll likely be talking in a chat and assuming you're being ignored. Hop into a private tab and load up the stream where you'll be able to notice if your messages are missing in chat. From my observations, there seems to be some type of algorithm/system that determines who to shadowban. I'm assuming it assigns extra points for factors like VPN usage, Linux, and adblockers. Once you've been shadowbanned, switching one of those three will not work to unban you until some arbitrary timer expires. I'm posting this in case anybody else has experienced this and felt frustrated and isolated. You're not being ignored (unless you're a twat and are being ignored). You're just being punished by Twitch for being privacy conscious.

Selfhosted brownmustardminion • 5 months ago • 94%

I self host pretty much everything, but one of the services I find makes more sense to not self host is an email server. I’ve got a few domains I’d like to have emails for, and usually I’d go for Tutanota or protonmail. But in this instance I’m looking for something dirt cheap. These domains are for a hobby club so I’m much less concerned with privacy like I usually would be. Anybody got any recommendations? So far namecheap seems like my best option for under $8/month. They would bundle with my domain registration and I’m assuming having both on the same service would make things pretty seamless to set up. Not crazy concerned with privacy for these particular accounts. Namecheap or similar is reputable enough.

Selfhosted brownmustardminion • 5 months ago • 88%

Hey guys. Having a bit of a headache trying to get wireguard working properly through my pfsense router. Configuration overview: VPS wireguard server set to forward all traffic from peers (it's operating as a self-hosted VPN). I have a port on my router we'll call OPT1 that I want to traffic all connections through wireguard to the VPN. So far I have the VPS and pfsense connected successful through wireguard. They are making active handshakes and I can ping between them perfectly fine. I followed the documentation, but my windows PC connected directly to OPT1 can't access the internet. From the PC I can ping the DHCP server of OPT1 as well as the wireguard tunnel, but I can't ping anything outside of that. I'm passing all traffic from OPT1 subnet to the wireguard interface in both OPT1 firewall rules and the wireguard interface rules. I'm sure many of you have dealt with this configuration before. Does this issue sound familiar?

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ brownmustardminion • 6 months ago • 100%

Twitch has gotten insufferable with ads lately. Sometimes I'm getting 3mins straight of ads. To add insult to injury, twitch is buggy as hell and I often need to refresh and usually it loads new ads. I used to have a special config in ublock specifically for twitch but that doesn't seem to work anymore. Any tips?

Self Hosted - Self-hosting your services. brownmustardminion • 6 months ago • 83%

I'm dangerously close to running out of space for my VMs on local-lvm, but noticed I have a lot of free space in my local storage where I only have a dozen ISOs stored. Can anybody help me figure out how I'd go about shrinking the local storage so I can extend my local-lvm?

Buildapc brownmustardminion • 6 months ago • 100%

Anybody familiar with quadro cards? I'm currently running an old Titan X for monitor display only and an RTX 3090 for computing/rendering. If I run any monitors off of my 3090, I eventually get a BSOD when running renders or AI models. I think it's a driver issue due to being forced to use the driver for the old Titan card. So I'm looking to get a quadro card for my 5 displays, a mixture of display port, dvi, and hdmi. Anybody got any affordable recommendations? It will need to have at least enough processing power to run my viewports in 3dsmax and blender.

Woodworking brownmustardminion • 6 months ago • 100%

So I’ve been putting off upgrading the fence on my trusty Rigid 4512 for a few years. I’ve got a big cabinet project coming up and of course my fence of choice, the Vega 40 Pro is no longer available. Anybody have experience upgrading the 4512 and have any recommendations? EDIT: Considering Delta T30 and Shop Fox W2005.

Gaming brownmustardminion • 9 months ago • 95%

I’m looking for a small 7” or 8” computer monitor to keep on my desk to display Discord and other things without taking up real estate on my main monitor. Ideally something cheap and therefore not a touchscreen. There’s tons of options online but I’d like to get some recommendations from people who have a similar product and enjoy it. Something similar in shape and size as the StreamDeck XL would be great. Obviously just a screen though.

Selfhosted brownmustardminion • 9 months ago • 96%

After a very enlightening discussion in a previous thread, I decided to plunge into a mesh type network to connect my various servers and devices. Nebula has been fairly straight forward to set up so far, but I’m having some trouble with the details and am curious if anybody has successfully got Nebula up and running for their network. Installation on Linux platforms has been a breeze. Windows I can’t seem to get working. I was able to install but the service refuses to start. Can’t find any documentation besides random GitHub issue threads. MacOS was easy to install but having issues due to a VPN that’s running already. I use a VPN because I travel a lot. I also use my MacBook to SSH into my servers or access remote file storage. My previous network configuration was connecting via wireguard to my network. I was able to do this while maintaining an always on VPN with the mullvad app. With Nebula that VPN seems to muck things up. I’m also curious if anybody has had experience setting up a dual config for Nextcloud. Essentially accessing a Nextcloud server from nebula with a trusted device while still allowing public access for things list public shared links.

Linux brownmustardminion • 9 months ago • 90%

I had sound working fine with one problem: the center and rear right channel were swapped. I generated an /etc/asound.conf to work on the channel swap and reloaded and now I can see the audio in pulse audio monitor, but nothing from the speakers. I deleted asound.conf and rebooted and it's now back to the previous settings but still having an issue with no sound from the speakers. Any help is appreciated. I'm still also trying to figure out how to rearrange the surround channels so they are assigned to the correct speakers. Changing them from the hardware isn't an option unfortunately.

Web Development brownmustardminion • 9 months ago • 100%

Hey folks. I’m fairly new to web dev but was wondering if you all could give me some quick advice. I’m looking to make and selfhost some fairly simple but visually interesting portfolio static websites. I’ll be posting some creative projects I’ve worked on as well as contact info and such. I’m trying to keep a minimalist design but visually interesting and artistic. My current research led me towards ReactJS and Tailwind CSS to accomplish this task. Is this a good framework or do you recommend an alternative?

Selfhosted brownmustardminion • 9 months ago • 95%

So I selfhost a number of servers in various locations and utilize a DigitalOcean VPS as a hub/gateway to transmit data between these nodes. I have a consistent issue when running large backups or transfers in which DigitalOcean flags my server for a DDOS attack and sends traffic to a black hole for 3-4 hours. Customer support has been the absolute worst and does fuck all to help remedy the situation in any way. These events have been consistent over the past 8 months. Does anybody have recommendations for a solid VPS provider? Price isn’t too much of a factor. I was running a $8/month server but I don’t mind something more expensive if the company has a good reputation for reliability and privacy. As mentioned, I primarily use a VPS as a gateway/hub for file transfer services. I’m also hoping to spin up another VPS for static websites.

Self Hosted - Self-hosting your services. brownmustardminion • 9 months ago • 100%

Some background: - have a poweredge r320 on battery backup (basic APC unit) - have unifi dream machine - poweredge powers down automatically if power goes out What's the safest way to allow myself to power on the server in the event it shuts down while I'm not home? I figure since I have remote access to my UDM, perhaps there's a command I can execute from there to power it on? My fear is using a method that provides more than just poweron commands remotely. I want to keep the server attack vectors down.

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ brownmustardminion • 9 months ago • 100%

I’m looking for digital, preferably pdf, versions of the magazines “American Cinematographer”. Any clue where I might find them?