Elvith Ma'for

Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.

Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!

I � Unicode!

  • 0 Posts
  • 83 Comments
Joined 9 months ago
Cake day: June 21st, 2024
  • Elvith Ma'for@feddit.orgtolinuxmemes@lemmy.worldLinux is too hard
    10·
    2 days ago

    I’m currently trying to migrate my stack on my VPS from docker to podman. Bonus points if I get it running rootless.

    Somehow, podman compose just wouldn’t work with my existing docker compose file. I quickly found out that podman has many options, but quadlets are preferred. It took me a while to understand what they even are and their concept. I did get the idea and the concept from the docs, but everything else was demonstrating how to set up a very simple one (think a hello world container). Or I found some blog posts with ready made complex examples for some random stacks that were way over my head. But a simple tutorial on how to map the fields/parts of a docker compose to a .container, .network or .volume file for my stack consisting of several containers in a few networks with a reverse proxy in front of it? Nope.

    I’m the end I found podlet and used that to convert a docker-compose. While the result wasn’t completely working (e.g. a problem with some environment vars that got passed and switched in a few “layers” that podlet understandably messed up), it was enough to understand all of it with the docs and complete the quadlet. Now I just need to experiment with the rootless part.

    Currently, my first and foremost pet peeve is, that different distros use different approaches and utilities, but many blog posts or guides don’t tell you what distro they’re for. If you google the problem and find the fourth guide on how to solve it and realize halfway through, that it’s again e.g. for Debian based systems, while you’re running on SUSE or RedHat or Arch or… can be very frustrating.

  • Elvith Ma'for@feddit.orgtoGames@lemmy.worldGOG seems to be considering paid membership optionEnglish
    11·
    2 days ago

    I also got this survey and I had the same feeling. It felt more like a patron for their game preservation program with possible features like a members-only-community, interviews or documentation about the preserved games, their publishers/studios and the efforts to keep them running or some kind of loyalty rewards/discount coupons. Maybe even ‘special builds’ like ‘experience the OG version 1.0 of $game’.

    There was one option, that I interpreted like ‘maybe we will put future compatibility updates after purchase (e.g. supporting Windows 12 or whatever) behind the membership’ - but that’s purely my interpretation of a single bullet point style line in that whole several page long survey

  • Elvith Ma'for@feddit.orgtoSelfhosted@lemmy.worldDo I really need a firewall for my server?English
    32·
    9 days ago

    If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not to the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)

  • Elvith Ma'for@feddit.orgtoSelfhosted@lemmy.worldDo I really need a firewall for my server?English
    111·
    9 days ago

    Instead of thinking with layers, you should use think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.

  • Elvith Ma'for@feddit.orgtoSelfhosted@lemmy.worldWhat does the 3-2-1 rule look like for you?English
    1·
    1 month ago
    • Daily incremental (and occasionally full) backup to an external HDD - a full image of my PCs, so that I should be able to restore anything back to what it was in the last ~14 days, assuming no ransomware or fire or…
    • All the data I care about gets synced to my Nextcloud (VPS, not home lab) - somewhat ransomware protected as I could restore VPS backups independently from my PC.
    • Most precious data (mostly photos) gets backed up regularly to an encrypted zip file and then gets send to a glacier tier S3 bucket. Some manual retention is done on the zip file level, so that I can get a tad older backup restored.
    • At least monthly a full backup image of my PCs is created on a separate external HDD which is not stored at home, but in a place I could access 24/7 if I really needed to restore something fast.

    Phones, etc? Just sync to the mentioned Nextcloud, PC downloads from there and everything gets then into the aforementioned backups.

    Homeserver? See “PC” above. With the caveat that some VMs/containers are not in the backup cycle, as they do not store any valuable data besides temp files, etc. For these, only things like docker compose files, custom config, ansible playbooks,… are in my backup.