• 0 Posts
  • 43 Comments
Joined 3 years ago
Cake day: June 10th, 2023




  • Ok, so, there are multiple things you should be aware of.

    First of all, you’ve set that DNS record to 10.0.0.41; that range of IPs is reserved for LAN use, similar to how 192.168.0.41 would be. Only people in the same local network as you might be able to access it.

    Also, usually your home router doesn’t use the 10.x.x.x range, but some ISPs might use it in their internal network, which means your router doesn’t get an internet IP; instead your ISP’s router does, and it shares the same external IP between different houses, so you would need to use something like https://www.whatsmyip.org/ to find out what your external IP is.

    But there’s more: since you don’t control that router, putting that external IP in the DNS won’t work either.

    You need to do something more complicated; I recommend you read up on Cloudflare Tunnels, for example.

    And one final piece of advice: don’t share your URLs with randoms on the internet. Security by obscurity is not security and all, but publicly advertising your URL is asking for trouble; even without doing that you will constantly see attempts to log into your servers.
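    An added check, not part of the comment above, that tells you before you publish a DNS record whether the address in it can be routed from the public internet at all. It covers the RFC 1918 LAN ranges the comment mentions and the RFC 6598 shared space ISPs use for carrier-grade NAT (the "your router doesn’t get an internet IP" case); the sample records are constructed, and it assumes IPv4 only.

```python
import ipaddress

# Address blocks that are never routable from the public internet.
# RFC 1918 private ranges, RFC 6598 shared (carrier-grade NAT) space,
# loopback and link-local. Assumption: IPv4 only, the home-router case.
RESERVED_RANGES = {
    "RFC 1918 private (LAN only)": [
        ipaddress.ip_network("10.0.0.0/8"),
        ipaddress.ip_network("172.16.0.0/12"),
        ipaddress.ip_network("192.168.0.0/16"),
    ],
    "RFC 6598 shared / CGNAT (ISP-internal)": [ipaddress.ip_network("100.64.0.0/10")],
    "loopback": [ipaddress.ip_network("127.0.0.0/8")],
    "link-local": [ipaddress.ip_network("169.254.0.0/16")],
}


def classify(ip: str) -> str:
    """Return the reserved-range label an address falls in, or 'public'."""
    addr = ipaddress.ip_address(ip)
    for label, nets in RESERVED_RANGES.items():
        if any(addr in net for net in nets):
            return label
    return "public"


def check_records(records: dict) -> dict:
    """For each hostname -> A record, say whether it is reachable from outside.

    Returns {hostname: (ip, label, reachable_from_internet)}.
    """
    out = {}
    for host, ip in records.items():
        label = classify(ip)
        out[host] = (ip, label, label == "public")
    return out


if __name__ == "__main__":
    # Constructed sample records: 10.0.0.41 is the address from the thread,
    # 100.64.12.34 is a CGNAT address, and 203.0.113.10 is an RFC 5737
    # documentation address standing in for a real public IP.
    sample = {
        "home.example.com": "10.0.0.41",
        "cgnat.example.com": "100.64.12.34",
        "ok.example.com": "203.0.113.10",
    }
    for host, (ip, label, reachable) in check_records(sample).items():
        status = "reachable" if reachable else f"NOT reachable ({label})"
        print(f"{host:22} {ip:16} {status}")
```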



  • On paper I should love Authelia; I’m a sucker for YAML-configured services, I can write a couple of files in my Ansible and boom, everything works. However, I never had much luck setting Authelia up; Authentik, on the other hand, was very painless, albeit manual (via UI), configuration. I don’t do anything crazy, so any of them would work for me; I just failed at setting up Authelia, tried Authentik and have had no reason to change.




  • My point is that of those 120, probably 110 have never been compromised nor forced you to change the password due to expiration policies. The remaining 10 are the ones that require some mental gymnastics, so while the problem exists it’s not as serious as it sounds. I probably have more than 120 identities using this method since I’ve been using it for years, and I don’t think I ever had to use the counter; it’s a matter of being consistent in how you think about websites. For example, if you know how you refer to a site, slugify it and use that for the field, so you would use spotify, netflix, amazon-prime.




  • It’s strange how I never see this mentioned anywhere, but there’s a way to get unique secure passwords for every site/app without needing to store them anywhere. It’s called LessPass, and it essentially generates passwords based on 3 fields (site, username, master password) and works relatively well. Because the advantages are quite obvious, I’ll list the potential downsides:

    • If one password is compromised or needs changing for whatever reason, you need to increase a counter and need to remember which counter goes with which site (this is less problematic than it sounds, except in places that have a password policy that forces you to change your password periodically).
    • Android can store the master password and use a fingerprint to input it, but on PC you always have to type your master password, which can get annoying.
    • You need to change your passwords to this new format, which can take a while, and years down the line you’re trying to log in somewhere and don’t remember whether you’ve already migrated it or not.
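    An added illustration, not code from the comments above and not LessPass’s own algorithm, of the mechanics the two comments describe: the password is a pure function of (site, login, master password, counter), so nothing is stored, the site name is slugified first so "Amazon Prime" and "amazon-prime" agree, and bumping the counter rotates one site’s password without touching the others. The PBKDF2 work factor, alphabet and sample credentials are assumptions chosen for the example.

```python
import hashlib
import re
import string

# Simplified stateless scheme in the spirit of the LessPass idea. This is
# NOT LessPass's own algorithm; it only demonstrates the mechanics.
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*"
ITERATIONS = 100_000  # assumption: PBKDF2 work factor picked for illustration


def slugify(site: str) -> str:
    """Normalise how a site is named so 'Amazon Prime' and 'amazon-prime' agree."""
    site = site.lower().strip()
    site = re.sub(r"^https?://(www\.)?", "", site)  # drop scheme and www.
    site = site.split("/")[0]                        # keep only the host part
    return re.sub(r"[^a-z0-9]+", "-", site).strip("-")


def derive_password(site: str, login: str, master: str,
                    counter: int = 1, length: int = 16) -> str:
    """Derive a site password deterministically: same inputs -> same output.

    The counter is part of the salt, so incrementing it yields a new password
    for this one site while every other site's password stays the same.
    """
    salt = f"{slugify(site)}\x00{login}\x00{counter}".encode()
    raw = hashlib.pbkdf2_hmac("sha256", master.encode(), salt,
                              ITERATIONS, dklen=length)
    # Map each derived byte onto the alphabet. Plain modulo is slightly
    # biased for a 70-symbol alphabet; fine for an illustration, not a product.
    return "".join(ALPHABET[b % len(ALPHABET)] for b in raw)


if __name__ == "__main__":
    master = "correct horse battery staple"  # constructed sample
    pw1 = derive_password("Amazon Prime", "alice", master)
    pw2 = derive_password("amazon-prime", "alice", master)
    pw3 = derive_password("amazon-prime", "alice", master, counter=2)
    print("same site, two spellings, same password:", pw1 == pw2)
    print("counter bumped, password rotated:", pw1 != pw3)
```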


  • I had that same problem, then I saw some YouTube videos where the guy recommended using Ansible to do stuff and it’s been night and day: not only is it reproducible, so if I ever want to move a service to another machine all I have to do is move a couple of roles around and possibly copy stuff over to keep the data, but it also acts as documentation, because if I ever forget something I can look at the code.

    Also I decided to write the roles myself instead of relying on pre-existing ones, so there’s some logic to how my stuff gets deployed and it’s easy to extend for any new stuff I want to add.



  • Nibodhika@lemmy.world to Selfhosted@lemmy.world · What is Docker? · score 4 · 8 months ago

    It’s not. Imagine Immich required library X to be at version Y, but another service on the server requires it to be at version Z. That will be a PitA to maintain, not to mention that getting a service to run at all can be difficult due to a multitude of ways in which your system is different from the one where it was developed, so it might just not work because it makes certain assumptions about where certain stuff will be or what APIs are available.

    Docker eliminates all of those issues because it’s a reproducible environment, so if it runs on one system it runs on another. There’s a lot of value in that, and I’m not sure which resource you think is being wasted, but Docker is almost seamless with very little overhead; you won’t feel it even on a Raspberry Pi Zero.


  • Nibodhika@lemmy.world to Selfhosted@lemmy.world · What is Docker? · score 2 · 8 months ago

    There are two ends here: as a user and as a developer. As a user, Docker images just work, so you solve almost every problem you’re having, which would be your users having them and giving up on using your software.

    Then as a developer Docker can get complicated, because you need to build a “system” from scratch to run your program. If you’re using an unstable 3rd-party package or missing packages, it means that those problems would be happening on the deploy servers instead of your local machine, and each server would have its own set of problems due to which packages they didn’t have or had at the wrong version, and in fixing that for your service you might be breaking other services already running there.


  • I tried Tandoor and Mealie. Currently I use Mealie because Tandoor crapped its pants on me and I lost everything I had there; Mealie is simpler and allows export/import to JSON or similar, so I can keep a backup that can be converted into any other format I want.

    That being said I don’t use the list feature, and we use Bring at home, so KitchenOwl mentioned here also seems like a good idea for lists and I might check it out.



  • Nibodhika@lemmy.world to Selfhosted@lemmy.world · Help with domain · score 12 · edited · 9 months ago

    Lots of questions; let’s take it one step at a time. You have a domain, now you can point it to your public IP, so that whenever someone tries to access example.com they ask their DNS server and it replies with 10.172.172.172 (which, btw, is not a valid public IP). Now that request will hit your router; you need to configure your router to redirect ports 80 and 443 to 192.168.200.101, that way the request to example.com gets to your local machine.

    Ok, so now you need your local machine to reply on that port. I recommend using Caddy, it’s very easy to set up, but NGINX is the more traditional approach. A simple Caddy config would look like:

    # Bare domain: answer every request with a static body.
    example.com {
        respond "Hello"
    }

    # Subdomain: forward to Jellyfin on the LAN machine (upstream is scheme+host+port, no path).
    jellyfin.example.com {
        handle {
            reverse_proxy http://192.168.200.101:1020
        }
    }


    So after the request reaches Caddy, it will see that the person tried to access example.com and respond with a “Hello”.

    If instead you had tried jellyfin.example.com, the DNS would have sent you to 10.172.172.172, your router would send that to 192.168.200.101, and Caddy would then send it to 192.168.200.101:1020, which is Jellyfin, so that would get returned.

    There are some improvements that can be made; for example, if both Caddy and Jellyfin are in Docker you can share a network between them so Jellyfin is only exposed through Caddy. Another possibly good idea is to add some authentication service like Authelia or Authentik to harden stuff a little bit. Also, as you might have noticed, Caddy can forward stuff to other computers, so you can have one machine on your network exposing multiple services on multiple machines.