Enough to run Chrome and 2 Electron apps!
Enough to run Chrome and 2 Electron apps!
+1 for Immich. It's the most complete and competent Google Photos replacement yet.
This here OP! ☝️
Jellyfin lets you do this easily.
Timeshift with BTRFS kicks ass. I have mine set for daily snapshots, retained for a week. Only the changes between snapshots are stored, so the extra disk usage is minimal, and easily justified by the peace of mind in case of fuck-ups or broken updates.
Just echoing what others said, Plank does not run on Wayland. You can install the "Dash to Dock" Gnome extension for a very similar experience (minus widgets). If using KDE, consider replacing Guake (which is GTK) with Yakuake (Qt).
RustDesk sort of fits the bill. It's open-source, has 2FA, can be self-hosted (but not needed), the client runs on anything, but the main issue here is that no amount of workarounds will make an untrusted machine any less untrusted, you're essentially extending the display and input from a dubious machine into your own.
If you're really worried about the security aspect, my suggestion would be to only use your phone as the client, and if you need to do anything more complex, use a Bluetooth keyboard connected to it. There are some foldable keyboards that don't take too much space and are not terrible.
Cool. Time to get ready for another round of broken extensions.
My stuff is all in docker-compose with a stack/service structure, so listing it is as simple as running tree, and reading the individual YAML files if I need in-depth details.
Go to the fstab entry for that drive and add nofail to its options.
What you want are two servers, one for each purpose. What you are proposing is very janky and will compromise the reliability of your services.
This. And I recently found out you can also use includes in compose v2.20+, so if your stack complexity demands it, you can have a small top-level docker-compose.yml with includes to smaller compose files, per service or any other criteria you want.
https://docs.docker.com/compose/multiple-compose-files/include/
O2 has an on-by-default security filter that blocks all sorts of "bad stuff". For me, it was preventing connecting to any PIA VPN servers. Ping their customer support and they can disable it for you.
I don't have the source right now, but I had the same idea not long ago, and the tl;dr is swap on a zvol is a very bad idea. If your system ever runs low on memory and actually needs to do heavy swapping, you're setting yourself up for a catastrophe.
This looks about right, I have a similar setup for unauthenticated services here, with the difference that I'm using NGINX Proxy Manager instead of Caddy. The things I would try/check are:
code.test.example.com entry to point directly to Authentik's IP and port (in other words, both entries would look the same). In the config your posted, it seems like Caddy is redirecting through itself.I have a bunch of ST6000NM0095 (which are similar specs) in my NAS, and despite already being well used when I got them, so far only one needed to be replaced in nearly 5 years of (my) usage.
My only advice with these is: if you notice a maddening noise coming from them when they're idle, update them to the latest firmware and it'll go away.
Suggest your friend to give Eturnal a try maybe. I have it running on an Oracle free tier instance, and I use it daily to have video calls with my family using Synapse/Element (and Jitsi inside Element for group calls), and it works great. The documentation is very good too.
Edit: this is my Eturnal config, for reference:
eturnal: listen: - ip: "::" port: 3478 transport: udp enable_turn: true - ip: "::" port: 3478 transport: auto enable_turn: true - ip: "::" port: 5349 transport: tls enable_turn: true realm: turn. tls_crt_file: /etc/letsencrypt/live/turn./fullchain.pem tls_key_file: /etc/letsencrypt/live/turn./privkey.pem tls_options: - no_tlsv1 - no_tlsv1_1 - cipher_server_preference
And the compose file:
services: eturnal: container_name: eturnal image: ghcr.io/processone/eturnal:latest environment: ETURNAL_RELAY_MIN_PORT: 49160 ETURNAL_RELAY_MAX_PORT: 59160 ETURNAL_RELAY_IPV4_ADDR: ETURNAL_RELAY_IPV6_ADDR: ETURNAL_SECRET: volumes: - ./eturnal.yml:/etc/eturnal.yml:ro - /etc/letsencrypt:/etc/letsencrypt:ro restart: unless-stopped read_only: true cap_drop: - ALL security_opt: - no-new-privileges:true network_mode: host
Amazing work, these look great!
+1
If they take long or don't resolve it, try the live support chat. I used the chat inside their app to request it and it was unlocked pretty much instantly.
Mine are all anime characters. Currently I have:
Running the right command on the wrong SSH session/machine.