There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

@green_dot@le.fduck.net cover
@green_dot@le.fduck.net avatar

green_dot

@[email protected]

This profile is from a federated server and may be incomplete. Browse more on the original instance.

green_dot ,
@green_dot@le.fduck.net avatar

I was hit aggressively by HC sales team last year, we are using TF and Vault, and were looking to add consul, now it is pretty vauge how it will all pan put

[Rant] I swear to fucking god. Windows is harder to use than Linux. Have any of you ever USED Windows lately? Holy fuck.

I’m helping a family member build a pc. He wanted to use Windows because “Linux can’t play games” despite me having a perfectly good gaming laptop running Linux that runs all my games, even graphically intensive ones....

green_dot ,
@green_dot@le.fduck.net avatar

I use windows for 2 things - personal pc to play games, work laptop dualboot for excel usage if some super old messy sheets. everything else linux.

green_dot ,
@green_dot@le.fduck.net avatar

use dpkg -r to remove the packages:

openjdk-17-jre-headless:amd64 openjdk-17-jre:amd64 default-jre minecraft-launcher geogebra

Then install minecraft-launcher and see what it says. might be that openjdk is clashing with default-java.

my 2 cents just on this…

green_dot ,
@green_dot@le.fduck.net avatar

I’m using usenet.farm, works well

green_dot ,
@green_dot@le.fduck.net avatar

Check netmaker for wireguard vpn if you want a ui, but its straightforward to set it up manually.

green_dot ,
@green_dot@le.fduck.net avatar

I’d say, what kind of security are you talking about? Apart from standard HTTPS to keep things encrypted, there are other layers if you want to keep your service exposed to the internet.

Also how things are installed and if they are correct, proper file permissions. nothing different than having it on the server somewhere. You just need to keep thing up to date and you’ll be fine.

r/selfhosted is still rising, WTF? Come to Lemmy!!!

Hi all! I used to be a daily r/selfhosted lurker and a bit active user. Since the Reddit saga I thought that r/selfhosted would be one of the first and bigger community to move to Lemmy due to the IT knowledge of all of their users and the sensitivity about self host/privacy/open source, but I see that not only the community is...

green_dot ,
@green_dot@le.fduck.net avatar

I like it here on Lemmy as there are quality talks from people and not too much circlejerking same concepts around. I actually like going trough here.

green_dot ,
@green_dot@le.fduck.net avatar

About 6 year uptime on one machine before we shut it down and relocated.

green_dot ,
@green_dot@le.fduck.net avatar

What would be a benefit to run k8s at home, apart from bit dealing with it, compared to docker-compose on a single or two nodes? or docker swarm? Unless there is a big load of services that are selfhosted, which I get, and the autohealing from k8s as the orchestrator.

Just courious, not taking a swing. Thanks!

green_dot ,
@green_dot@le.fduck.net avatar

Thanks for the reply, flux is pretty good, I’m using ArgoCD, but both are basically following gitops priciples.

I might give k3s a look and see how ot all work together.

green_dot ,
@green_dot@le.fduck.net avatar

Best option is to directly NAT traffic from VPS to your home server, either directly to your IP or set up a wireguard peer and send traffic via wireguard to your local and do the SSL/TLS termination on your local.

You are best exposing just 443 port on the VPS and moving that traffic over wireguard. Server will have your local public key on the server, and you could implement a wireguard key rotation to change them frequently.

Traffic sent back will be encrypted with the certificate, and even if they get the wireguard server key, you can rotate it, but still they will see encrypted packets.

It depends what kind of things you’re doing on your local. If it is just a website thing, then reverse proxy is fine. Anything other than that, NAT would be cleanest one.

LUKS on the disks would encrypt it the data on the block storage level, and, in theory, they should not have a way of reding block storage files directly. But since it is a VPS they can, technically, gather data from host memory.

Next step might be going down a dedi server route, Luks encryption on disks. Only thing thats needed there would be sufficient network pipe.

Anyone hosting Lemmy and Mastodon on the same server?

I have Mastodon running on a VPS running Debian 11. Now I would like to add a Lemmy instance on the same server. I tried using the from scratch method from Lemmy documentation, but ran into errors that likely stemmed from minor version incompatibilities of the dependencies. I tried using the Lemmy easy deploy script but it wants...

green_dot ,
@green_dot@le.fduck.net avatar

I’m running both, via docker.

Here’s the basic setup:

NGiNX is standard installation, using certbot to manage the SSL certificates for the domains. Setup is via Nginx virtual hosts (servers), separate for Lemmy and Mastodon. Lemmy and Mastodon run each in their Docker containers, with different listning ports on localhost.

<pre style="background-color:#ffffff;">
<span style="color:#323232;">                  lemmy.domain.tld+------------------------+
</span><span style="color:#323232;">               +------------------+                        |
</span><span style="color:#323232;">               |                  |         Lemmy          |
</span><span style="color:#323232;">               |                  |         127.0.0.1:3000 |
</span><span style="color:#323232;">               |                  +------------------------+
</span><span style="color:#323232;">               |
</span><span style="color:#323232;">+--------------+----+
</span><span style="color:#323232;">|NGiNX with SSL     |   mastodon.domain.tld
</span><span style="color:#323232;">|and separate VHOSTS+--------------+-----------------------+
</span><span style="color:#323232;">|                   |              |          Mastodon     |
</span><span style="color:#323232;">+-------------------+              |          127.0.0.1:3001
</span><span style="color:#323232;">                                   +------------------------
</span><span style="color:#323232;">
</span>
green_dot ,
@green_dot@le.fduck.net avatar

I tried it, its great if you want to get started. or you want to run a vpn on a server that doesnt support wireguard. My main gripe with the client is that it can’t do high speeds, it’s just too cpu bound. Like going close to a gigabit transfer.

With wireguard I was able to get to 98% gigabit transfer. It was fine for a month I was using it, in the end I just setup a wireguard mesh with Netmaker.

There is headscale where you can run your own hosted central server, so you’re not using the tailscale one.

In the end netmaker did what I wanted, however they tend to introduce bit of changes in their releases, so if you’re not super technical it might pose a challenege with upgrading until they reach a super stable version. Like jump from 0.10.X to 0.20 had some big changes for the whole netmaker internals. Bit that does not impact wireguard connectivity.

green_dot ,
@green_dot@le.fduck.net avatar

I installed it yesterday, I’m using kitty as default one, and noticed its just better in displaying colors. They kinda have a bit of more depth there. Any other cool uses of wezterm that you might recommend? Thanks!

green_dot ,
@green_dot@le.fduck.net avatar

Oh that is sweet, I’ll look into it. Thanks!

green_dot ,
@green_dot@le.fduck.net avatar

Same here. There are few other apps than Jeroba (Click for lemmy, Liftoff, WefWef) that you could give a go.

But, if you give it time, and especially as “early” adopters of the fediverse, it will only grow and get better.

green_dot ,
@green_dot@le.fduck.net avatar

Yes, very active, there is the tag there where you can find people (and people find you).

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •