If not for political reasons then why limit first version to Google/GitHub rather than starting with generic OIDC (which should include those two anyway)?

We also took your feedback seriously and we are now implementing proper sign-in options like: Google GitHub (and more coming later)

Sounds like you have a stable life and infra needs and either very lucky or really good with backups and keeping secondaries around. Good on you.

The advantage to using something like terraform is repeatability, reliability across environments and roll-backs.

Very valuable things for a stress-free life, especially if this is for more than just entertainment and gimmicks.

I’d rather stare at the terminal screen for many hours of my choosing than suddenly having to do it at a bad time for one… 2… 3… (oh god damn the networking was relying on having changed that weird undocumented parameter i forgot about years ago wasnt it) hours. Oh, and a 0-day just dropped for that service you’re running running on the net. That you built from source (or worse, got from an upstream that is now mia). Better upgrade fast and reboot for that new kern… She won’t boot again. The bootdrive really had to crap out right now didn’t it? Do we install everything from scratch, start Frankensteining or just bring out the scotch at this point?

Also been at this for a while. I never regretted putting anything as infra-as-code or config management. Plenty of times I wish I had. But yeah, complexity can be insiduous. Going for High Availability and container cluster service mesh across the board was probably a mistake on the other hand…

NFS works great for media files and stuff but be careful and know what you are doing before you go put database storage on it.

One way to go about the network security aspect:

Make a separate LAN(optionally: VLAN) for your internals of hosted services. Separate from the one you use to access internet and use with your main computer. At start this LAN will probably only have two machines (three if you bring the NAS into the picture separately from JF)

• The server running Jellyfin. Not connected to your main network or internet.

• A “bastion host” which has at least two network interfaces: One connected outwards and one inwards. This is not a router (no IP forwarding) and should be separate from your main router. This is the bridge. Here you can run (optional) VPN gateway, SSH server. And also an HTTP reverse proxy to expose Jellyfin to outside world. If you have things on the inside that need to reach out (like package updates) you can have an HTTP forward proxy for that.

When it’s just two machines you can connect them directly with LAN cable, when you have more you add a cheap network switch.

If you don’t have enough hardware to split machines up like this you can do similar things with VMs on one box but that’s a lot of extra complexity for beginners and you probably have enough of new things to familiarize yourself with as it is. Separating physically instead of virtually is a lot simpler to understand and also more secure.

I recommend firewalld for system firewall.

I do not ask you to read?

So that’s the mistake I made and the important part. Thanks for clarifying.

I still feel misled that it’s labelled as somehing it isn’t (“my reasoning”).

It is indeed with the help of llm. But reasoning is still solid and very curated.

It isn’t your reasoning and promoting it as such when asking us to read doesn’t feel honest at all.

Try answering the questions I asked for yourself and see if anything comes up!

Linux MATE desktop is pretty established and I think has a similar audience. Pretty confusing name choice… “want to install mate on linux? Try linuxmate (no relation)”

BTW are those actually your reasonings on the blog as you say? It reads very LLMy.

What makes you suspect the Nginx config instead of Lemmy? Do you have any failing requests (timeout or statuscode >= 400) in nginx log? What are the failing endpoints?

Both can be true.

I think such character assessment and calling names is unnecessary and off-topic here though. Better engage with substance than judging by vibes and doing ad-hominem.

Called it.

https://feddit.online/post/1372107/comment/6758185

No one listen grug til chicken come to roost

I guess they now have large enough number of users that it would be wise to shift some focus to supply-chain security from growth-hacking.

This is growing pains.

Cool! Keeping up with platform changes is a challenge for projects like this. I think to be successful beyond initial popularity you need an active community that can do this together. It’s draining for just one person - especially once you get big enough that they might actively break things just to mess with your integration. Following maintenance of alternative YouTube clients as well as searx-ng is illustrative.

Not to discourage but be prepared. Best of luck!

https://cadence.moe/blog/2022-09-01-discontinuing-bibliogram

deleted by creator

Just to rule it out (wouldn’t be the case on default debian):

Is SELinux enabled? sudo getenforce (if command missing or false, it’s not your problem here)

You are not running with podman as compose backend? sudo systemctl status podman shouldn’t show an active service unless you use it.

It was certainly not intended as a character assessment and it’s unfortunate you took it that way. I’m talking about how the release notes (and in passing your post) were written and not about you as a person or maintainer, or even the project itself.

I do hold release notes of a public project with thousands of users to a different standard than anon lemmy.world comments in a feedback thread. Is that interesting or surprising?

I believe there was actionable feedback given. You are of course free to dismiss it.

Maybe I don’t understand the use case for bentopdf, and considering how popular it is, that is likely true

Especially in this day and age, be careful with believing something is right (or even popular) just becuse it looks popular. Talking about generalities of gameable metrics and the cognitive pattern, not to dunk on the project apart from their communications doing the same mistake.

It’s not as much the general style as the particular contents of this release. Your previous release notes did not give the bad impression this one does. Since you did ask for any feedback I let you know why I am now less likely to use or recommend the tool compared to before. The amount of text and emojis spent begging for TrustPilot reviews also contributes.

FWIW, netstat is considered legacy and deprecated. The in-vogue way to do the same thing is ss -lpn | grep 8080.

netstat like ifconfig still works and is shipped in the net-tools package if you like it but if you’re learning it’s better to build a habit with ss and ip right away.

https://arturogl.com/2023/10/18/linux-new-tools-replacing-netstat/