talkingpumpkin

joined 3 years ago
[–] talkingpumpkin@lemmy.world 1 points 4 hours ago

IDK if I'd recommend this to others, but I don't trust unsupervised metadata lookup (I'm anal like that), so I lookup metadata with musicbrainz picard and then feed the files to beets only to keep my library organized.

My beets doesn't do any lookup (no lookup plugins are enabled, none_rec_action: asis, fetchart configured to only look at the local filesystem).

[–] talkingpumpkin@lemmy.world 5 points 5 hours ago* (last edited 4 hours ago)

TL:DR: the author recommends being the asshole lackey of asshole overlords

[–] talkingpumpkin@lemmy.world 38 points 14 hours ago (10 children)

If it's for recruiters, put it on github. That's the one they are most probably familiar with and you want to minimize barriers to access.

[–] talkingpumpkin@lemmy.world 3 points 2 days ago

After completing a task, my periodic scripts report success to a monitoring system (I use a foss, self-hosted on called gatus) which in turn will alert me if it doesn't receive a heartbeat every number of hours.

[–] talkingpumpkin@lemmy.world 0 points 2 days ago

The simplest (= most basic) solution would be to assign several IPs to the machine (you can add multiple on the same network interface) and have each service listen on a specific address.

[–] talkingpumpkin@lemmy.world 7 points 3 days ago (1 children)

IDK if I'll try it but... you should really change the distro's claim: "unix for human beings" sounds like the distro is an ubuntu ripoff.

[–] talkingpumpkin@lemmy.world 6 points 5 days ago* (last edited 5 days ago) (2 children)

You'll need networking basics for anything you do (there are lots of courses on youtube).

After that, you can just follow wherever you curiosity carries you :)

[–] talkingpumpkin@lemmy.world 10 points 1 week ago (1 children)

Might be that you are at the end of your distro-hopping journey, which isn't when you have found the perfect distro, but when they all start to look the same

[–] talkingpumpkin@lemmy.world 4 points 1 week ago

Err.... you write markdown and hit "preview" before posting?

Also, the edit box (PC, browser) has a question mark button that will take you to https://join-lemmy.org/docs/users/02-media.html

[–] talkingpumpkin@lemmy.world 1 points 1 week ago* (last edited 1 week ago) (1 children)

What you describe sounds like a hardware failure (one where btrfs plays no specific role).

If that's indeed the case, you can only bring the drive to a data recovery service and see what they say (if it's a spinning disk, they'll probably recover the data for an exorbitant fee, if it's an SSD idk).

PS: this is unlikely to work, but.. you can try cleaning the drive's contacts to see if it makes any difference, and also try moving the drive to a different connector (or use it on another computer)

 

Here it is https://codeberg.org/gmg/concoctions/src/branch/main/sh-scripts/nixos-rebuild

(if you try it and find any bugs, please let me know)

edit: I didn't realize the screenshot shows just instead of nixos-rebuild... that runs a script ("recipe") that calls nixos-rebuild so the output shown is from the (wrapped) nixos-rebuild

 

I'm trying to get my scripts to have precedence over the home manager stuff.

Do you happen to know how to do that?

(not sure it's relevant, but I'm using home-manager in tumbleweed, not nixos)


edit:

Thanks for the replies - I finally got time to investigate this properly so here's a few notes (hopefully useful for someone somehow).

~/.nix-profile/bin is added (prepended) to the path by the files in /nix/var/nix/profiles/default/etc/profile.d/, sourced every time my shell (fish, but it should be the same for others) starts (rg -L nix/profiles /etc 2> /dev/null for how they are sourced).

The path I set in homemanager (via home.sessionPath, which is added (prepended) to home.sessionSearchVariables.PATH) ends up in .nix-profile/etc/profile.d/hm-session-vars.sh, which is sourced via ~/.profile once per session (I think? certainly not when I start fish or bash). This may be due to how I installed home-manager... I don't recall.

So... the solution is to set the path again in my shell (possibly via programs.fish.shellInitLast - I din't check yet).

47
submitted 5 months ago* (last edited 5 months ago) by talkingpumpkin@lemmy.world to c/selfhosted@lemmy.world
 

I'd like to give my users some private network storage (private from me, ie. something encrypted at rest with keys that root cannot obtain).

Do you have any recommendations?

Ideally, it should be something where files are only decrypted on the client, but server-side decryption would be acceptable too as long as the server doesn't save the decryption keys to disk.

Before someone suggests that, I know I could just put lucks-encrypted disk images on the NAS, but I'd like the whole thing to have decent performance (the idea is to allow people to store their photos/videos, so some may have several GB of files).


edit:

Thanks everyone for your comments!

TLDR: cryfs

Turns out I was looking at the problem from the wrong point of view: I was looking at sftpgo and wondering what I could do on the server side, but you made me realise this is really a client issue (and a solved one at that).

Here's a few notes after investigating the matter:

  • The use case is exactly the same as using client-side encryption with cloud storage (dropbox and those other things we self-hoster never use).
  • As an admin I don't have to do anything to support this use case, except maybe guiding my users in choosing what solution to adopt.
  • Most of the solutions (possibly all except cryfs?) encrypt file names and contents, leaking the directory structure and file size (meaning I could pretty much guess if they are storing their photos or... unsavory movies).
  • F-droid has an Android app (called DroidFS) that support gocryptfs and cryfs

I'll recommend my users try cryfs before any other solution. Others that may be worth it looking at (in order): gocryptfs, cryptomator, securefs.

I'll recommend my users to avoid cryptomator if possible, despite its popularity: it's one of those commecrial open source projects with arbitrary limitations (5 seats, whatever that means) and may have nag screens or require people to migrate to some fork in the future.

ecryptfs is to be avoid at all costs, as it seems unamaintaned.

19
submitted 9 months ago* (last edited 9 months ago) by talkingpumpkin@lemmy.world to c/europe@feddit.org
 

Delusional.

 

A lot of selfhosted containers instructions contain volume mounts like:

docker run ...
  -v /etc/timezone:/etc/timezone:ro \
  -v /etc/localtime:/etc/localtime:ro \
  ...

but all the times I tried to skip those mounts everything seemed to work perfectly.

Are those mounts only necessary in specific cases?

PS:

Bonus question: other containers instructions say to define the TZ variable. Is that only needed when one wants a container to use a different timezone than the host?

 

Prometheus-alertmanager and graphana (especially graphana!) seem a bit too involved for monitoring my homelab (prometheus itself is fine: it does collect a lot of statistics I don't care about, but it doesn't require configuration so it doesn't bother me).

Do you know of simpler alternatives?

My goals are relatively simple:

  1. get a notification when any systemd service fails
  2. get a notification if there is not much space left on a disk
  3. get a notification if one of the above can't be determined (eg. server down, config error, ...)

Seeing graphs with basic system metrics (eg. cpu/ram usage) would be nice, but it's not super-important.

I am a dev so writing a script that checks for whatever I need is way simpler than learning/writing/testing yaml configuration (in fact, I was about to write a script to send heartbeats to something like Uptime Kuma or Tianji before I thought of asking you for a nicer solution).

view more: next ›