Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

timbuck2themoon

@timbuck2themoon@sh.itjust.works

This profile is from a federated server and may be incomplete. Browse more on the original instance.

timbuck2themoon ,

It really is. Like a lot of non alcoholic is crap (maybe if you're a rare drinker it's passable and unnoticeable). But Guinness 0.0 tastes very close to real Guinness. I'm not sure i could tell the difference in a blind test honestly.

timbuck2themoon ,

I've learned some Esperanto and still think the name is stupid. Make your app have a sane, pronounceable name to any old person.

timbuck2themoon ,

I haven't. The n9 with meego was amazing. The n900 too but I'm still sour thinking how great meego would be now instead of android.

timbuck2themoon ,

Official spin isn't enough. Oh no....

timbuck2themoon ,

I would agree with this. Also, compared to aves and fossify (which are both great) you keep metadata on your phone and only strip it when sharing.

timbuck2themoon ,

It's not going to be a shitshow at all. Business will mostly move to 11 whether they like it or not and consumers will just use unpatched win10. The exact same way they did with XP and the exact same way they did with 7.

It's only gonna be a shitshow if there is some earth shattering vulnerability found that a worm can exploit and even then MS would probably just push out an out of band update.

This is honestly going to be a "nothingburger."

timbuck2themoon ,

I might give this a go. Have been using bog standard ingress nginx for my k8s but have wanted to try a gateway supporting ingress product for a while.

Thanks op.

timbuck2themoon ,

Definitely interested but not sure what apps are in its app store and what osmc even is (only ever used kodi).

timbuck2themoon ,

Yep, looked more into it. Honestly it sounds great. A dedicated box AND remote with kodi and an integrated app store? I'm intrigued. Will give this os a go soon.

timbuck2themoon ,

I think you'd be better off stating people are too lazy to install Linux.

Just because they proved you completely wrong and millions of others using Linux daily prove you wrong too doesn't mean they're bringing "animosity."

Just accept the L and move on.

timbuck2themoon ,

Disagree. I've self hosted nextcloud for years without issue.

Just go with what you need. Some only need contacts and calendars, others want the whole thing.

timbuck2themoon ,

Cool. How about a repairable phone with a headphone jack? I'll be a day one buyer.

timbuck2themoon ,

It's only made worse that they are now so tied to whatever versioning they're using instead of semver.

timbuck2themoon ,

Iirc you can export everything. Most allow export of passwords of course but i think proton allows export of passkeys too.

So there's portability if they ever do disintegrate.

timbuck2themoon ,

People paying for what they use. It's that simple.

timbuck2themoon ,

Mandatory? And per month or year. Younger people might not remember but WhatsApp was $1/year (at least in the states.)

There shouldn't be anything wrong with expecting payment to pay for servers, etc. If it's free then you're the product right?

timbuck2themoon ,

Maybe. That is a one time payment but i guess they make their money on businesses. I like it but it's not the slickest app yet.

timbuck2themoon ,

I do this but sadly not viable for everyone. It is a great option though.

timbuck2themoon ,

It is. People who shit on gnome are insufferable. Just use your other de and stfu.

timbuck2themoon ,

Yes that's why the top enterprise distros all avoid systemd.

timbuck2themoon ,

Bingo.

timbuck2themoon , (edited )

Could simplify it by making a 28 block at most. That is 14 IPs per bridge which seems like way more than one would generally need anyhow.

{
  "default-address-pools": [
    { "base":"172.16.0.0/12", "size":28 },
  ]
}

Some banking apps don't appear in the Aurora Store (lemmy.ml)

This has happened a few times, but it was always related to the use of VPNs because the app is not available in the country of the server, but now, even if I disable the VPN, change the spoofing model of the smartphone, open from a direct link from the Play store (in which the app page opens, however, with almost no information,...

timbuck2themoon ,

This is usually related to the account used I've found. If one anonymous account doesn't work, log out, try another, then search again.

timbuck2themoon ,

They don't do it "senselessly"- the design clearly works for me and millions of other Gnome users.

It's fine if you don't like it but there's no need to bash clear design choices.

I don't particularly care for KDE design choices but a lot of people like it so what's it to me? I'm happy for them.

timbuck2themoon ,

Yep. I've got a test instance working with keycloak. Post up the problem you're having and i can check it against mine. I think all of it was configured via UI on both except there are two changes in the gitea config.INI that allowed that auth and auto created users if they didn't exist yet.

timbuck2themoon , (edited )

Does this do it all? It seems that it holds all your users like LDAP and can auth that way too. But it can also do simple oidc integrations too? Basically just want to see if it is the all in one. Looks like it does which is why i wonder why you use oauth2-proxy in addition.

I've otherwise been trailing keycloak/authelia as the oidc portion and lldap/freeipa as the ldap Backend that actually holds the users. Would love to simplify if possible.

timbuck2themoon ,

Awesome. Thank you.

Now to see how i make this work in k8s since they evidently mandate the cert inside instead of just allowing the ingress to have it.

timbuck2themoon ,

I could do this but sadly even just the trial did not work. I'm using podman but it gives me "invalid state" just trying to login with a user per the quickstart, etc. Can't reset the password cleanly, can't add a passkey via bitwarden, etc.

Unsure if I'm doing something wrong or if it's very alpha/beta.

timbuck2themoon , (edited ) 
0e2475ba-882a-4f61-8938-2642ca80193b WARN     │  ┝━ 🚧 [warn]: WARNING: index "displayname" Equality was not found. YOU MUST REINDEX YOUR DATABASE
0e2475ba-882a-4f61-8938-2642ca80193b WARN     │  ┝━ 🚧 [warn]: WARNING: index "name_history" Equality was not found. YOU MUST REINDEX YOUR DATABASE
0e2475ba-882a-4f61-8938-2642ca80193b WARN     │  ┝━ 🚧 [warn]: WARNING: index "jws_es256_private_key" Equality was not found. YOU MUST REINDEX YOUR DATABASE

I had to drop it for a few days. I got that at some point though. It's all brand new so I wouldn't know why. Seems a bit rough around the edges so far. I'll try to reindex and attempt again. I really want this to be the product I use since it's a nice AIO solution but we'll see.

Edit:

[~]$ podman run --rm -i -t -v kanidm:/data \
    kanidm/server:latest /sbin/kanidmd reindex -c /data/server.toml
error: unrecognized subcommand 'reindex'

Phew boy. Straight from the docs. Same with the vacuum command.

Looks like the docs need updated to specify the command is kanidm database reindex -c /data/server.toml

And further upon trying to login...

300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO     handle_request [ 188µs | 0.00% / 100.00% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO     ┕━ request [ 188µs | 72.94% / 100.00% ] method: GET | uri: /v1/auth/valid | version: HTTP/1.1
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO        ┝━ handle_auth_valid [ 50.8µs | 25.54% / 27.06% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 INFO        │  ┝━ validate_client_auth_info_to_ident [ 2.85µs | 1.51% ]
300e55b7-e30a-42a5-ac3e-ec0e69285605 WARN        │  │  ┕━ 🚧 [warn]: No client certificate or bearer tokens were supplied
300e55b7-e30a-42a5-ac3e-ec0e69285605 ERROR       │  ┕━ 🚨 [error]: Invalid identity: NotAuthenticated | event_tag_id: 1
300e55b7-e30a-42a5-ac3e-ec0e69285605 WARN        ┕━ 🚧 [warn]:  | latency: 204.504µs | status_code: 401 | kopid: "300e55b7-e30a-42a5-ac3e-ec0e69285605" | msg: "client error"

I think I'm gonna have to just nuke it and start fresh but yeah, this is not a great first impression at all.

timbuck2themoon ,

I will have to check. Still willing to try again. I'll update if i get it going better on round 2.

Thanks for the hint about the docs. I hadn't thought of that.

timbuck2themoon ,

Maybe give photoview a shot.

https://github.com/photoview/photoview

timbuck2themoon ,

I stopped using certbot when they made it nothing but a snap.

Lego, acme.sh, and tools like caddy, traefik, cert-manager can easily replaced it afaiac.

timbuck2themoon ,

Why would i ever buy this for sports? Do i want to be the only one watching it? Does absolutely no one have friends anymore?

A big TV is a far better investment for like 90+℅ of people.

timbuck2themoon ,

Car brain arguments are honestly the most stupid thing you can read some days.

timbuck2themoon ,

You are like the most miserable poster with so many axes to grind.

Relax man.

timbuck2themoon ,

Besides all the other stuff people mentioned, a concrete one is that you can stream TV via it for free vs Plex. Just add a TV tuner to it and away you go.

timbuck2themoon ,

Reolink or amcrest cameras paired with (software) frigate, blue iris, motioneye, shinobi, etc etc works fine.

timbuck2themoon ,

Maybe unpopular opinion but the name is still dumb and hard for English speakers to pronounce off the bat.

I'm at a similar crossroads though. I still think the whole thing was blown out of proportion but whatever. It is what is is.

timbuck2themoon ,

Evidently there is a part at the bottom of advanced in the keyboard settings where you can choose to load the library. Download it from the link on the github page.

timbuck2themoon ,

You know, you can recommend lxd and whatever without putting out FUD about proxmox and other tech.

timbuck2themoon ,

Boggles the mind. Let's remove functionality. God I hate the new internet bullshit.

timbuck2themoon ,

Thank you to the devs.

timbuck2themoon ,

Kudos. That is such a great analogy.

timbuck2themoon ,

There is a reason ansible exists and is widely used. Shell scripts are brittle and don't account for a ton of use cases.

For instance- are you going to write a shell script to determine the OS family of a server? Are you then going to do a bunch of if statements for things you want run on Debian hosts vs RedHat ones vs. Alpine? Are you going to manually make templates yourself or just use jinja templates and the template module in ansible (and use variables easily gathered by the setup module)? Are you going to manually select which hosts you're going to target or are you just going to use your ansible inventory that categorizes your machines based on location or purpose or whatever other arbitrary thing and use tags? Are you going to manually dig in and find out how many NICs are in a box, what IPs they have, what CPU, how many cores so you can set some service to use "X" amount of threads, define service templates using those machine variables, etc. etc. etc.? Are you going to make such well defined shell scripts that they can be reused over and over again against a variety of machines without breaking things and make it easy to include them in parent shell scripts?

This is all stuff ansible does quite easily.

It's not the end all be all of course. Some would argue (maybe rightfully) that Puppet or Salt can maintain config drift a bit better. I would argue it's not the tool to use for containerization really either. But it definitely has a real purpose in initial and maintained configuration management and in both cloud and on-prem deployments.

timbuck2themoon ,

No offense but if you're using at least three things nextcloud provides I'm not so sure it's overkill.

timbuck2themoon ,

Maybe. I found that using redis, the php cache, and disabling unused apps (like photos) sped it up. Personally it just provides a lot to me and is only one thing to manage.

Great for my use case. Maybe not anymore for yours but food for thought. Good luck on whatever you choose. Lot of good programs recommended here.

timbuck2themoon ,

Except an employee leaves and a new one doesn't mind using used monitors. Try that with a stinky used headset.

timbuck2themoon ,

For everyone else without all that time, just invest in an index fund and go. Vtwax and chill with the bogleheads

  • All
  • Subscribed
  • Moderated
  • Favorites
  • incremental_games
  • meta
  • All magazines
    •