DevOps as a profession and software development for fun. Admin of lemmy.nrd.li and akkoma.nrd.li.
Filibuster vigilantly.
Laptops/desktopes: no real naming scheme, they use non-static DHCP leases anyway.
Physical servers: NATO phonetic alphabet. If I run out of letters something has gone terribly wrong right.
VMs: I don;t have many of these left, but they are named according to their function and then a digit in case I need more. e.g. docker1, k3s1. This does mean that I have some potential oddities like a k3s cluster with foxtrot, alpha, and k3s1 as members, but IMO that's fine and lets me easily tell if something is physical or virtual. I am considering including the physical machine name in the VM name for new things as I no longer have things set up such that machines can migrate... though I haven't made a new VM in some time.
Network equipment: Named according to location and function. e,g, rack-router, rack-10g, rack-back-1g, rack-ap, upstairs-10g, upstairs-ap. If something moves or is repurposed it is likely getting reconfigured so renaming at that point makes sense.
Quoted because those were the first paragraphs from Wikipedia, just sucked to try to credit properly on mobile.
Identified by their distinctively grotesque costumes, Gwar's core thematic and visual concept revolves around an elaborate science fiction-themed mythology which portrays the band members as barbaric interplanetary warriors, a narrative which serves as the basis for all of the band's albums, live shows and media. With over-the-top violent, sexual, and scatological humor typically incorporating social and political satire, Gwar has attracted both acclaim and controversy for its music and stage shows, the latter of which notoriously showcase enactments of graphic violence that result in the audience being sprayed with fake blood, urine, and semen. Such stagecraft regularly leads Gwar to be labeled a "shock rock" band by the media.
Tiny Desk Concerts is a video series of live concerts hosted by NPR Music at the desk of All Songs Considered host Bob Boilen in Washington, D.C.
Magic.
I switched to Fogejo just by swapping out the image. So far gitea hasn't been malicious with its trademarks now being owned by a private company, but I feel better using software that is more closely tied to a nonprofit. I see no reason to switch back.
- You host it yourself
- You can get a cool domain name
- It's pretty low maintenance
I have owned and otherwise dealt with a few different Startech 4-post open racks and have been very happy with them. I currently use one of their 25U racks for my lab, but am running out of space...
I started on Gitlab, which was a monster to run. I moved to Gitea, until the developers started doing some questionable things. Now I'm on Forgejo (a fork of Gitea).
Yeah, all I know is that I am definitely seeing images loaded in from domains other than that of my instance as I load/scroll pages, which I want to be loaded via my instance for privacy reasons.
I believe the Pictrs is a hard dependency and Lemmy just won't work without it, and there is no way to disable the caching. You can move all of the actual images to object storage as of v0.4.0 of Pictrs if that helps.
Other fediverse servers like Mastodon actually (can be configured to) proxy all remote media (for both privacy and caching reasons), so I imagine Lemmy will move that way and probably depend even more on Pictrs.
IIRC Lemmy preloads all thumbnails for posts in communities you subscribe to into pictrs to be cached for like a month or something. So, yeah...
The servers aren't even identified in the listing as R610s (or E01S
, they misread that as "EOLS"), so who knows...
Lemmy has a feature/setting called "Private instance" that I think could be used to achieve this, but I think that got broken at some point because it got tied to turning federation off... not sure what the current state is but may be worth looking into.
I switched from Plex to Jellyfin several years ago and haven't really looked back. Overall I just didn't like the direction plex kept going (pushing shit streaming services, central auth, paywalling features), and dropped it even though I grabbed a lifetime plex pass back in the day. The only thing I miss about plex was the ease of developing a custom plugin for it since you could pretty much just drop python scripts in there and have it work, though their documentation for plugin development was terrible (and I think removed from their site entirely).
I run my own for myself and some friends who don't really use it. If you are interested in doing so I say give it a shot.
I love tinc, it's so simple. I wish there were something just as easy that leveraged wireguard instead of whatever custom VPN/tunneling stuff tinc uses, as using it scares me with how seemingly little maintenance tinc gets. Like if tailscale/headscale and tinc had a baby, haha.
Is there a way to run tinc on your phone or similar? To me that's another bonus of tailscale at least.
Docker isn't super necessary, there are some scripts out there that hide a good bit of how it works like the official ansible playbook or lemmy-easy-deploy.
I use docker to easily run many pieces of software in isolation from each other, it's like VMs if you're familiar with those, but different in some key ways that don't really matter for this discussion.
I would still go with one that isn't one of the biggest. My general advice is to find one that fits the vibe you're going for, communities you're interested in (e.g. some are focused on art or cybersecurity, etc), or is somehow tied to your locality. It shouldn't matter that much, though some servers will be a little more (or less) strict with things like federation, content warnings, alt text, etc. Usually the server will have some info telling you some of this, and their admin should be linked and likely has a post or two pinned to their profile explaining some of this as well.
I am partial to kind.social, though have opted to run my own instead of joining up anywhere.
Honestly it depends on what your experience level with running software is and what you want out of it. For me things have been rather smooth sailing as I already host a number of things for myself (so know all about domains, DNS, servers, reverse proxies, docker, etc.) and I am the only one actively using my instance right now so (local or admin-level) moderation isn't really an issue either.
I am very aware of what it takes to run a small instance, you are indeed correct that domain registration is not the hardest part.
Having a "source of truth" makes many things easier but less resilient. One place to go get the latest version of something mutable. The fediverse/ActivityPub needs to get on board with some form of DID or something similar before worrying about improving the ID system (and the ID system is inherently tied to JSON-LD, so AP would need to stop using that or there would need to be a new version of it) IMO.
Lemmy Security Vulnerability - Cross-Site Scripting via post URL's.
I tried what another user reported and it worked. I submitted a github issue as the security email seems to be unmonitored based on me trying to contact it (regarding a different issue) for over a week now.
Be careful about links you click in Lemmy, I guess.
cross-posted from: https://sh.itjust.works/post/774797
What is XSS?
Cross-site scripting (XSS) is an exploit where the attacker attaches code onto a legitimate website that will execute when the victim loads the website. That malicious code can be inserted in several ways. Most popularly, it is either added to the end of a url or posted directly onto a page that displays user-generated content. In more technical terms, cross-site scripting is a client-side code injection attack. https://www.cloudflare.com/learning/security/threats/cross-site-scripting/
Impact
One-click Lemmy account compromise by social engineering us