Cool, thanks.
Cool, thanks.
Did you have to use a display to flash? Some of them don’t seem to have a display output and I don’t know if that will be an issue. The apple thing concerns me. There are a few macs and iPhones on the network, but the macs are m1, and the oldest iphone would be a 12. Do you think that would be an issue? Also, which R3 router are you using specifically?
They said they want a local backup so they don’t have to redownload because bandwidth is expensive. I think a RAID makes more sense. I also don’t think btrfs is a great idea for a boat. Power failures will probably be somewhat common, and btrfs is not the most stable, so I don’t think I would trust it in weird conditions. Documentation is definitely a great idea though.
For hardware, I would go with sata ssds for storage. I also would recommend a separate boot drive as it makes re installing without loosing data a breeze. You could go with a new processor from intel or amd, and make sure it has onboard graphics. You should also go into the BIOS, enable xmp (always do that. It’s free performance), and look for power saving settings. You could go for arm, but most arm computers lack expansion options and that can mean you use USB for drives which is unreliable. I think dc atx power supplies are a thing, but I know nothing about them. I would recommend doing ext4 and a raid, ideally 6 or 10. That will give you stability (from filesystem issues) and good reliability. I know RAID is not a backup, but in this case it may be what you want. RAID is for uptime, and it would be able to usually buy you enough time to finish your trip, or you could even have spare drives onboard and fix it while you’re out in like 10 minutes. Also, I would highly recommend researching how to power it well. Starting an engine can mess with the power and could fry a computer. I don’t know if a dc ups is a thing, but if it is, get it.
For software, use whatever you want, mostly. I always use debian for servers, but proxmox would probably be fine. You can use powertop to make sure it runs efficiently.
You can. I am lucky enough to not have been hacked after about a year of this, and I use a server in the living room. There are plenty of guides online for securing a server. Use common sense, and also look up threat modeling. You can also start hosting things locally and only host to the interwebs once you learn a little more. Basically, the idea that you need cloudflare and aws to not get hacked is because of misleading marketing.
I could be completely wrong, but I know they have a tagging system in place. The tags presumably come from metadata providers (they give basic information about the song, like who wrote it and when it was made, as well as pictures for album covers and such). After that they can pretty easily look for similarities, eg. two items both tagged funny. If you were concerned that they upload your listening history somewhere to come up with recommendations, they do not.
I agree, though I wouldn’t blame the article. If it is insecure, you shouldn’t be using it unless it is set up to allow you to run a real os on it.
Openhab is a project like HomeAssistant. Both are basically websites that offer pre made smart home functionaility and can run on your own server. Openhab doesn’t set a password by default (iirc), and when people expose it to the internet they end up with random bored people in another country somewhere flipping their lights on and off or adjusting their thermostat, though they could also get hacked. The openhab example was one of what not to do. I could have been more clear about that.
Security is an issue that people in this community are fairly opinionated on. Try to build up a practical knowledge of every tool you use (like tools for remotely managing your server). Think about how much access that tool gives you, and how easy it is to get. Ssh gets you basically full access to the system, except for bios level settings and things, but it is generally quite secure, and you can use keys instead of passwords. Cockpit, a remote management tool you can access from your browser, offers you a full terminal, so functionally the same access as ssh. However, hackers nearly got a back door into openssh (ssh is the protocol, openssh is the software on linux that implements that protocol), and cockpit is much less thoroughly looked at. Also cockpit doesn’t let you use keys.
You’re website will be static, which decreases the complexity and makes it easier to make it secure, so don’t worry too much. Here are some links that might be useful: https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server
https://www.cyberciti.biz/tips/linux-security.html (this one seems to be geared more towards enterprise stuff, so not all of it is relevant, but a decent amount is.)
Edit: This one is good too. I recommend at least skimming it before the one above this. It will help you figure out which of the points in the link above are worth paying much attention to. https://owasp.org/www-community/Threat_Modeling
Yeah. I just forward SSH with keys only on a nonstandard port + fail2ban. Plus you can access local only services with an SSH port forward.
That’s also why I don’t use cockpit. It looks cool, but opens up vulnerabilities for very little benefit.
It sounds like you’re on the right track. As long as you aren’t hosting anything too important, just go for it. The only thing to keep in mind is security, which in your case should be fairly simple.
For how to learn simple html and css, w3schools is your friend. You can learn all the random stuff people become extremely opinionated on eventually, but don’t get overwhelmed by all of it and just do what works for you.
Sorry to see you got downvoted for saying something that Reddit did better than Lemmy. I think a lot (though probably not the majority) of lemmings as well as people invoiced in open source can’t take criticism, especially of an open source project they care about. It is unfortunate as it negates a lot of the benefits of open source / free software.
I know, but they didn’t pass much info. They told me it was serverhold and nothing else. They could have at least said it wasn’t them that did it.
They may be a registrar, but not the one I used. They were the registry that locked my domain.
I had mine through njal.la. It was the registry itself that locked it though. I switched registrar too after njalla took a long time to respond to my question with a vague, unhelpful, and short response.
I’m on a new domain now anyway. I will be more careful on this one, but I suspect they just didn’t look into it. I do really appreciate that you seem to be both knowledgeable and not an asshole. That seems to be a rare combination to find in this thread.
It typically is, and I won’t comment on whether mine is, but that isn’t enough reason to take it down. I was quite careful about who I gave access to, as well as making sure people had secure passwords. It is highly unlikely that anyone got in and saw any copyright violation before reporting it.
I didn’t get the domain through gen.xyz, they are the registry (not registrar) for the xyz tld. They are the ones who control every xyz domain which is why I warned against them.
It cost the same as my new .com one. It was the registry (not registrar) that took it down.
I kept it up for more than a year. By friends I mean like 3 people I know in real fucking life, and I made them all set secure passwords. Way to assume the worst about people, it is a very healthy attitude to have.
You can do that with pihole and basically any reverse proxy. The process is the same, so you can follow tutorials, you just have to set up your domain through your pihole instance instead of a registrar. You can set pihole as your dns for specific devices, or you can set it as the default dns for your network through the router.