
DeltaTangoLima

@DeltaTangoLima@reddrefuge.com

Just an Aussie tech guy - home automation, ESP gadgets, networking. Also love my camping and 4WDing.

Be a good motherfucker. Peace.


DeltaTangoLima ,

The first time or the second time?

The first time was because I was sick of paying the "Australia tax" for new releases that took longer to reach us than most of the rest of the world. The second time was due to subscription fee hikes with associated reduction in quality & range of content.

DeltaTangoLima ,

this isn’t reddit.

Correct, hence downvoting here is meaningless.

‘My whole library is wiped out’: what it means to own movies and TV in the age of streaming services ( www.theguardian.com )

*What rights do you have to the digital movies, TV shows and music you buy online? That question was on the minds of Telstra TV Box Office customers this month after the company announced it would shut down the service in June. Customers were told that unless they moved over to another service, Fetch, they would no longer be...

DeltaTangoLima ,

increasingly uncomfortable with paying forever

And paying more and more as time goes on. The thing that shits me the most is the increased prices but decreased range/quality of content. That's clearly not a business model aimed at customer satisfaction.

DeltaTangoLima ,

I just wish Smarttube would support Piped instances - that would 100% complete the puzzle for me. Being able to use Piped on my streaming stick.

DeltaTangoLima ,

I use Home Assistant, and install that on all my old, re-purposed smartphones (usually as cheap CCTV). Each phone is plugged into a smart power socket.

I then use automation to turn a phone's charger off when it hits 80%, then back on when it reaches 50%. No overcharging, no overheating, and actually helps keep the batteries in good shape.

DeltaTangoLima ,

I already use Home Assistant for a number of other things, so not really complex. Also, you're assuming Android only.

DeltaTangoLima ,

For my wife, I have a separate library folder, mapped to just her account in Plex. It doesn't appear in my library at all, so I don't really care. Even better, I've spun up an Overseerr instance for her, so she can just search and auto-add anything she wants for herself.

DeltaTangoLima ,

Depending on the local climate, yes - evap cooling is typically the go. The data centres I work in here in Melbourne use evap free cooling (EFC).

For much of the year, due to our temperate climate, the cooling simply uses (filtered) outside air. During bouts of warmer weather (typically 29C+), we use evaporative cooling. Waste water from the EFCs is discharged into storm water drainage, and reported to our local water authority for billing.

DeltaTangoLima ,

An excellent question, that I suspect the answer to will vary in many jurisdictions.

We do re-use the water we use in our EFCs, but only a limited number of times. After a specified number of uses, local regulations require that we discharge it into storm water, to mitigate against the risk of things like legionella and other potentially deadly airborne bacteria.

We’re also required to test and treat all stored water monthly.

DeltaTangoLima ,
  • Phone: yoda
  • Desktop: bb8
  • Firewall: c3po
  • Switch: macewindu
  • NASes:
    • anakin
    • r2d2
  • Wireless APs:
    • biggs
    • garven
    • poe
    • typho
    • thane
    • wedge (virtual controller)
  • Proxmox nodes:
    • chewy
    • hansolo
    • obiwan
  • Raspberry Pis:
    • bobafett
    • lando
    • jangofett
    • quigon
    • rey
    • finn
DeltaTangoLima , (edited )

Not heaps, although I should probably do more than I do. Generally speaking, on Saturday mornings:

  • Between 2am-4am, Watchtower on all my docker hosts pulls updated images for my containers, and notifies me via Slack. Then, over coffee when I get up:
    • For containers I don't care about, Watchtower auto-updates them as well, at which point I simply check the service is running and purge the old images
    • For mission-critical containers (Pi-hole, Home Assistant, etc), I manually update the containers and verify functionality, before purging old images
  • I then check for updates on my OPNsense firewall, and do a controlled update if required (needs me to jump onto a specific wireless SSID to be able to do so)
  • Finally, my two internet-facing hosts (Nginx reverse proxy and Wireguard VPN server) auto-update their OS and packages using unattended-upgrades, so I test inbound functionality on those

What I still want to do is develop some Ansible playbooks to deploy unattended-upgrades across my fleet (~40ish Debian/docker LXCs). I fear I have some tech debt growing on those hosts, but have fallen into the convenient trap of knowing my internet-facing gear is always up to date, and I can be lazy about the rest.

DeltaTangoLima ,

It's not just about data hoarding, though. It's also about a social media company having considerable influence over the messaging seen by a very large part of the voting population.

Yes, it's no different to other social media companies, but with one exception: the company in question is subject to the whims of the Chinese government. Something the US government is clearly fearful of.

DeltaTangoLima ,

Yep, agreed, but at least the government of the day can try and rein them in with legislation and regulation. Not saying they are (or will), but they'd have the option, if they had the balls to do it.

DeltaTangoLima ,

It all comes down to what you trust each type of device to do and how you want to handle their traffic.

I have seven VLANs, with each one's traffic being treated very specifically. The subnets for each VLAN route to specific interfaces on a virtualised OPNsense firewall, which is where my traffic handling and policy enforcement takes place.

Also remember VLANs are just plain useful for segregating traffic, particularly broadcast traffic, without having to invest in separate switching/routing for each subnet. Having a single managed switch that limits the broadcast domains for you is a really efficient way to (physically) set up your network.

DeltaTangoLima ,

Yeah, 100% agree on the client devices. One of my VLANs is for the kids' devices. I don't trust their schools' admins or their shitty BYOD policies, so I just let them access Plex (via Nginx reverse proxy), Pi-hole, and the internet.

DeltaTangoLima ,

Believe it or not, a Netgear. Specifically this one. I don't have any fibre connected gear (yet!) and 180W of PoE+ was more than enough for my few PoE cameras and WAPs.

The free Delta game emulator for iPhones is live on Apple’s App Store ( www.theverge.com )

Caveat: It isn't available in the app store in the EU, and is instead only available via the developer's marketplace, AltStore¹. As far as I can tell, this genuinely isn't because of greed, but because of a little detail in Apple's EU rules (possibly wrong):...

DeltaTangoLima ,

After 10 years on Android, I just switched back. Because I admire Apple's commitment to privacy, and simply don't trust Google any more.

DeltaTangoLima , (edited )

I need to use my phone for work, which means I can’t use custom ROMs due to our BYOD policies.

For me, iOS is still by far the better option, especially as I use privacy-respecting apps and services (Firefox, self-hosted Immich, etc).

DeltaTangoLima ,

I have an always-on Wireguard VPN, and use my Piholes at home. So far, so good!

DeltaTangoLima ,

Yep - not sure what point you're making, though?

A commercial use is one primarily intended for commercial advantage or monetary compensation

My phone isn't used "primarily for commercial advantage or monetary compensation". It's my own phone that my company reimburses me some of the monthly cost of running, for being able to use it to contact me.

DeltaTangoLima ,

Yep. I get all that, but that’s not an option with my employer.

I’m comfortable with the separation I have, and iOS is key to part of that satisfaction.

DeltaTangoLima ,

Interesting (kinda) coincidence. I've just switched from Android back to iPhone, after about 10 years away from the platform.

But I use an always-on Wireguard VPN back to my home network, with my DNS set to my Pi-hole servers and my firewall rules blocking access to all external DNS servers, except from my Pi-holes for upstream resolution.

I'm yet to do some p-caps to see what I'm missing in this setup - while I'm confident it did a great job of protecting me from a lot of Google's data-harvesting shenanigans, I'm yet to investigate what I need to do to achieve a similar outcome for my iPhone.
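
The DNS policy described in the comment above (clients resolve via the Pi-holes, and only the Pi-holes may reach external resolvers) can be checked against captured or logged flows. The following is an added example, not part of the original comment; the LAN range, Pi-hole addresses, flow format and sample records are all constructed assumptions.

```python
import ipaddress
from collections import namedtuple

Flow = namedtuple("Flow", "src dst proto dport")

# Assumed addressing, for illustration only (none of it comes from the comment).
LAN = ipaddress.ip_network("10.0.0.0/16")
PIHOLES = {ipaddress.ip_address("10.0.10.2"), ipaddress.ip_address("10.0.10.3")}
DNS_PORTS = {53: "dns", 853: "dns-over-tls"}

# Constructed sample in a simplified "src dst proto dport" format.
SAMPLE_FLOWS = """\
10.0.20.15 10.0.10.2 udp 53
10.0.10.2 192.0.2.53 udp 53
10.0.20.15 198.51.100.53 udp 53
10.0.30.7 192.0.2.53 tcp 853
10.0.20.15 203.0.113.80 tcp 443
10.0.10.3 192.0.2.53 tcp 53
this line is malformed
"""


def parse_flows(text):
    """Return (flows, skipped) where skipped counts unparseable lines."""
    flows, skipped = [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            src, dst, proto, dport = line.split()
            flows.append(Flow(ipaddress.ip_address(src),
                              ipaddress.ip_address(dst),
                              proto.lower(), int(dport)))
        except ValueError:
            skipped += 1
    return flows, skipped


def dns_policy_violations(flows):
    """Flows to an off-LAN resolver on a DNS port that do not come from a Pi-hole."""
    hits = []
    for f in flows:
        if f.dport not in DNS_PORTS:
            continue  # DoH rides on 443 and cannot be told apart by port alone
        if f.dst in LAN or f.src in PIHOLES:
            continue  # internal lookup, or permitted upstream resolution
        hits.append((str(f.src), str(f.dst), DNS_PORTS[f.dport]))
    return hits


if __name__ == "__main__":
    flows, skipped = parse_flows(SAMPLE_FLOWS)
    for src, dst, kind in dns_policy_violations(flows):
        print(f"LEAK {kind}: {src} -> {dst}")
    print(f"{skipped} line(s) skipped")
```

Port-based matching only covers plain DNS and DNS-over-TLS; DNS-over-HTTPS needs a separate control such as a blocklist of known resolver endpoints.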

DeltaTangoLima ,

if you disable “Allow Apps to Request to Track”, it prevents non-Apple apps from tracking entirely cross-site/apps.

Thanks for that - great tip for new players.

DeltaTangoLima ,

I haven't gone into detail on this, but I suspect some shiny-suited, greasy-haired wanker lawyer has been able to make a case that things like site-specific CSS classes and the like can somehow be covered by DMCA.

I'm 100% speculating (not American, not a lawyer) but it's more than URIs and Javascript, is what I'm saying.

DeltaTangoLima ,

Thanks for the share - have grabbed the latest Firefox repo for my private Forgejo.

Looking for a reverse proxy to put any service behind a login for external access.

I host a few docker containers and use nginx proxy manager to access them externally since I like to have access away from home. Most of them have some sort of login system but there are a few examples where there isn't so I currently don't publicly expose them. I would ideally like to be able to use totp for this as well.

DeltaTangoLima ,

I use Nginx Proxy Manager and Authelia for just this. Authelia supports a wide range of identity and MFA providers.

Edit: although Authelia has an article on how to set it up, I found it still missed some key info. This article was the one that helped me most in getting it to work.

Are you reusing one postgres instance for all services?

I have many services running on my server and about half of them use postgres. As long as I installed them manually I would always create a new database and reuse the same postgres instance for each service, which seems to me quite logical. The least amount of overhead, fast boot, etc....

DeltaTangoLima ,

I run Proxmox with a few nodes, and each of my services is (usually) dockerized, each running in a Proxmox Linux container.

As I like to keep things segregated as much as possible, I really only have one shared Postgres, for the stuff I don't really care about (ie. if it goes down, I honestly don't care about the services it takes with it, or the time it'll take me to get them back).

My main Postgres instances are below - there's probably others, but these are the ones I back up religiously, and test the backups frequently.

  1. RADIUS database: for wireless auth
  2. paperless-ngx: document management indexing & data
  3. Immich: because Immich has a very specific set of Postgres requirements
  4. Shared: 2 x Sonarr, 3 x Radarr, 1 x Lidarr, a few others
DeltaTangoLima , (edited )

This dual-port charger can only output 45W of power when using one port at a time, with the output halved at 22W to each device when plugging in two simultaneously.

Yes. That's literally how max power ratings on devices like this work. And, to be that guy, even when plugging in two devices and getting 22.5W on each socket, the charger is still outputting 45W.

This feels like a paid advert written by Ikea's press department - not The Verge itself.

DeltaTangoLima ,

Thunderbolt v3 handles up to 100W. I have a 90W USB-C port on one of my monitors for just that purpose.

Edit: lol. I see my mistake. Edited. I deal in kW and MW for my job. I'll call it muscle memory.

DeltaTangoLima ,

Lol. The perils of replying to Lemmy posts while in work mode.

Helluva Thunderbolt cable, eh?

DeltaTangoLima ,

I feel this is (unintentionally) stretching the use of the word cyberattack. Rightly or wrongly, most people consider a cyberattack a form of hacking/attack that's executed via a network or the internet.

I know its true definition is any form of attack against data, network, or computing device (including smartphones), but this headline could easily lead people to think their phones could be set on fire by some anonymous l337 hAx0r over the internet.

While technically true, it requires physical exploit first.

DeltaTangoLima ,

Is that the one started by the bloke on YouTube - Jerry Rig Everything?

DeltaTangoLima ,

It's a bullshit headline. The real benefit is quicker access to new, native features in the OS. So, for that reason, I'm happy they're making the move. But making it about how a utility product looks just seems... unimportant to me.

¯\_(ツ)_/¯

DeltaTangoLima ,

If you're starved for RAM, there's nothing wrong with a shared instance, as long as you're aware of the risk of that single instance bringing down multiple services.

I run a three node Proxmox cluster, and two nodes have 80GB RAM each, so my situation is very different to yours. So, I have four Postgres instances:

  1. Mission critical: pretty much my RADIUS database, for wireless auth and not much else (yet)
  2. Important: paperless-ngx, and other similarly important services
  3. Immich: because Immich has a very specific set of Postgres requirements
  4. Meh: 2 x Sonarr, 3 x Radarr, 1 x Lidarr (not fussed if this instance goes down and takes all of those services with it)
DeltaTangoLima ,

Lol - Immich is one of those stacks that I let Watchtower auto-upgrade. I don't consider it mission critical if it breaks and it takes me a day or so to notice it (all my photos and videos are also backed up using Syncthing).

I've gotten used to just going to the repo if the error message for the container doesn't immediately lead me to the fix.

DeltaTangoLima ,

Each to their own. Immich devs themselves strongly recommend not relying on Immich as a backup solution.

I don't, therefore I don't consider it critical enough to worry about.

DeltaTangoLima , (edited )

OK - count me as another convert to Heliboard. This is what I hoped Openboard would achieve. Awesome.

What is your preferred method for backing up several TB of data?

What storage software could I run to have an archive of my personal files (a couple TB of photos) that doesn't require I keep a full local copy of all the data? I like the idea of a simple and focused tool like Syncthing, but they seem to be angling towards replication....

DeltaTangoLima ,

I use rclone, with encryption, to S3. I have close to 3TB of personal data backed up to S3 this way - photos, videos, paperless-ngx (files and database).

Only readable if you have the passwords configured on my singular backup host (a RasPi), or stored in Bitwarden.

DeltaTangoLima ,

Backblaze don't have a POP in my country, unfortunately.

DeltaTangoLima ,

10 (11?). You shall put critical thinking before assumption; empathy before judgment.

  1. s/food/[food/coffee/beer]/
DeltaTangoLima ,

Tossing in my vote for Proxmox. I'm running OPNsense as a VM without any issues. I did originally try pfSense, but didn't like it for some reason (I genuinely can't recall what it was).

Either way, Proxmox virtual networking has been relatively easy to learn.

DeltaTangoLima ,

Might be time to look into Proxmox. There's a fun weekend project for you!

DeltaTangoLima ,

No headaches here - running a two node cluster with about 40 LXCs, many of them using Docker, and an OPNsense VM. It's been flawless for me.

DeltaTangoLima ,

I'm intrigued, as your recent comment history keeps taking aim at Proxmox. What did you find questionable about them? My servers boot just fine, and I haven't had any failures.

I'm not uninterested in genuinely better alternatives, but I don't have a compelling reason to go to the level of effort required to replace Proxmox.

DeltaTangoLima , (edited )

OK, I can definitely see how your professional experiences as described would lead to this amount of distrust. I work in data centres myself, so I have plenty of war stories of my own about some of the crap we've been forced to work with.

But, for my self-hosted needs, Proxmox has been an absolute boon for me (I moved to it from a pure RasPi/Docker setup about a year ago).

I'm interested in having a play with LXD/Incus, but that'll mean either finding a spare server to try it on, or unpicking a Proxmox node to do it. The former requires investment, and the latter is pretty much a one-way decision (at least, not an easy one to roll back from).

Something I need to ponder...

DeltaTangoLima ,

Something about Magic Earth unsettles me. It appears highly polished, but free. It's not clear how they're making enough money to stay afloat.

Also, crowd-sourced realtime traffic is only as good as the crowd it's sourcing from. I'm speculating, but I somehow doubt there's a big enough crowd using Magic Earth where I am.

DeltaTangoLima ,

Looking through the list of data collected, most of it is anonymized. For now.

What concerns me is that their privacy policy only says they'll publish variations to it on their website - no mention of proactive notification to users.

For me, that'd be a hard pass, but others might not share my concerns. It definitely looks like a nice, polished alternative to the big G.
