Flashing the stock Pixel ROM back is just as simple as flashing GrapheneOS, the instructions in GOS website are very good for both.
The only two things I can think of that might be issues are banking apps and Google Pay, if you use that. I use Play services in the main profile and honestly there’s not much difference to the stock ROM in terms of user experience. Even Android Auto works nowadays.
Portability is the key for me, because I tend to switch things around a lot. Containers generally isolate the persistent data from the runtime really well.
Docker is not the only, or even the best way IMO to run containers. If I was providing services for customers, I would definetly build most container images daily in some automated way. Well, I do it already for quite a few.
The mess is only a mess if you don’t really understand what you’re doing, same goes for traditional services.
Imagine if all the people who prefer systemd would write posts like this as often as the opposition. Just use what you like, there are plenty of distros to choose from.
I have recently repurposed and old Hp Stream to a home server and successfully run Immich. I really like it and even a small 500GB disk is way more than the 15GB Google offers....
There was a good blog post about the real cost of storage, but I can’t find it now.
The gist was that to store 1TB of data somewhat reliably, you probably need at least:
mirrored main storage 2TB
frequent/local backup space, also at least mirrored disks 2TB + more if using a versioned backup system
remote / cold storage backup space about the same as the frequent backups
Which amounts to something like 6TB of disk for 1TB of actual data. In real life you’d probably use some other level of RAID, at least for larger amounts so it’s perhaps not as harsh, and compression can reduce the required backup space too.
I have around 130G of data in Nextcloud, and the off-site borg repo for it is about 180G. Then there’s local backups on a mirrored HDD, with the ZFS snapshots that are not yet pruned that’s maybe 200G of raw disk space. So 130G becomes 510G in my setup.
At this stage I’ll probably just mirror my stuff from GH. I have a feeling they’ll be doing something stupid soon, forcing people to look for alternatives.
Would be nice to collaborate with others, but getting started is hard when you don’t have enough free time.
It seems Gitea has basic CI + package registries now, that will be plenty for my needs.
I am really struggling to replace facebook messenger / whatsapp for a few casual conversations. My friends and I are all wanting to move away. We are not heavy users of this but need it to work. I think the requirements are:...
I have a feeling you are overthinking the Matrix key system.
create account
create password you store somewhere safe
copy the key and store somewhere safe
when signing on a new device, copy-paste the key
Basically it’s just another password, just one you probably can’t remember.
Most of the client apps support verifying a new session by scanning a QR code or by comparing emoji. The UX of these could be better (I can never find the emoji option on Element, but it’s there…). So if you have your phone signed in, just verify the sessions with that. And it’s not like most people sign in on new devices all the time.
Wireguard runs over UDP, the port is undistinguishable from closed ports for most common port scanning bots. Changing the port will obfuscate the traffic a bit. Even if someone manages to guess the port, they’ll still need to use the right key, otherwise the response is like from a wrong port - no response. Your ISP can still see that it’s Wireguard traffic if they happen to be looking, but can’t decipher the contents.
I would drop containers from the equation and just run Wireguard on the host. When issues arise, you’ll have a hard time identifying the problem when container networking is in the mix.
Hi everyone! Can someone please walk me through changing dns on Fedora 38. I have pihole setup on my home server, but Fedora won’t use for the life of me. (It does work on my phone). Explain it like I’m 5, cos I’m losing my mind haha
@QuentinCallaghan Jostain syystä kommentit ei enää näy minulle kirjautumisen jälkeen…
Mutta samaa mieltä, tämä on kaikin puolin ihan järjetön lakialoite. Jos menee läpi, niin on kyllä usko yhteiskuntaan aika vähissä. Käytännössähän tuo menisi varmaan niin että “rehellisten” ihmisten viestit sitten luetaan ja muiden tavara kulkee edelleen salattuna, kuten tähänkin asti.
Briteissähän meni vastaava laki jo läpi, tosin höllensivät sitä, kun Apple uhkasi blokata iMessagen koko saarivaltiolta.
Saapahan hyvän syyn painostaa perhe ja tutut käyttämään Matrixia, jos Whatsappiin tulee takaportti. Se, että Meta pääsee viesteihin ei ole tuntunut hetkauttavan ketään.
Tässähän on se, että sitten ollaan ilmeisesti periaatteessa rikollisia kun käytetään takaportitonta viestisovellusta… Mutta en kyllä usko, että tuota lakia pystyy mitenkään valvomaan. Esim Matrix pyörii kuitenkin HTTPS:n alla, omien kotipalvelimien blokkaaminen olisi melkoinen operaatio.
Kaikista masentavinta koko jutussa on, että suurin osa ihmisistä ei tiedä tästä todella vakavasta yksityisyyden riiston riskistä yhtään mitään.
Vielä suurempi paskamyrsky tulee, kun joku kansanedustaja lähettää meemejä tai jopa jotain salaista Whatsapissa ja ne jotenkin päätyvät julkiseksi Venäjältä käsin.
Se, että Meta pääsee viesteihin ei ole tuntunut hetkauttavan ketään.
Niin, tuohan ei ole mikään uusi juttu. Päinvastoin, päästä-päähän-salaus on se uusi juttu…
Mutta tämän asetuksen myötä viranomaiset saisivat suoraan pääsyn kaikkeen viestintään, ja kaikki viestit sitten joku tekoäly kahlaa myös läpi. Lähettää kuvan lapsista uimassa mummolle, niin kohta on virkavalta oven takana.
Ja noin 5 minuuttia käyttöönotosta takaportti on käytössä kaikilla jolla on varaa maksaa lahjuksia.
Viestit on kyllä Whatsappissa salattuja, totta. Salausavaimet eivät vain ole käyttäjien hallinnassa, vaan Metan palvelimilla, joten halutessaan Meta saa kyllä viestien sisällönkin purettua.
Protonmail, but not really because of encryption. I just liked their Android client and webmail the most. I’ve had sensitive backups on Proton Drive for a long time, so that also played a role in the choice.
I hosted my own server for quite a few years, but the SMTP clients (Thunderbird, Evolution, K9 mail) all doing things slightly differently made me give up. Biggest push was that K9 mail didn’t really move deleted mail to trash. These were probably dovecot configuration issues, but I got tired of searching for solutions. Never had any deliverability issues.
For those of you who use Raspberry Pi’s in your home environment, I’m curious as to what you use them for. What applications are you running on them? Do you have your Pi’s setup in a cluster?
I used to run everything with Pis, but then got a x86 USFF to improve Nextcloud performance.
With the energy price madness last year in Europe, I moved most things to cloud VPSs.
One Pi is still running Home Assistant, hooked to my heating/ventilation unit via RS485/modbus.
I had a ZFS backup server with 2 HDDs hooked up over USB to a Pi 8GB. That is just way too unreliable for anything serious, I think I now have a lot of corrupted files in the backups. Looking into getting some Synology unit for that.
For anything serious that requires file storage, I’d steer clear from USB or SD cards. After getting used to SATA performance, it’s hard to go back anyways. I’d really like to use the Pis, but family photo backups turning gray due to bitflips is unacceptable.
They are a great entrypoint to self-hosting and the Linux world though!
on surface they may look like they are overlapping solutions to the untrained eye.
You’ll need to elaborate on this, since AFAIK Podman is literally meant as a replacement for Docker. My untrained eye can’t see what your trained eye can see under the surface.
Perhaps I misunderstand the words “overlapping” and “hot-swappable” in this case, I’m not a native english speaker. To my knowledge they’re not the same thing.
In my opinion wanting to run an extra service as root to be able to e.g. serve a webapp on an unprivileged port is just strange. But I’ve been using Podman for quite some time. Using Docker after Podman is a real pain, I’ll give you that.
What's the best strategy for changing to GrapheneOS?
I have a google pixel, and I know I could install grapheneOS on it. But I’m very, very hesitant, since I depend so much on my phone....
Why docker
Hi! Question in the title....
Jellyfin on a vps
I have a jellyfin instance running with radarr/sonarr/… for my media needs on my vps....
Systemd is far from being perfect
Systemd-init has a larger attack surface compared to runit, openrc, or sysVinit....
worth selfhosting immich or similar? what about backups?
I have recently repurposed and old Hp Stream to a home server and successfully run Immich. I really like it and even a small 500GB disk is way more than the 15GB Google offers....
what do y'all actually host?
hi there, comrades! just curious, what do you all actually host for yourselves?...
cross platform chat alternative to facebook messenger?
I am really struggling to replace facebook messenger / whatsapp for a few casual conversations. My friends and I are all wanting to move away. We are not heavy users of this but need it to work. I think the requirements are:...
Networking security question
I’d like to run a VPN locally, and am just double checking I understand the security correctly....
DNS help needed on Fedora 38
Hi everyone! Can someone please walk me through changing dns on Fedora 38. I have pihole setup on my home server, but Fedora won’t use for the life of me. (It does work on my phone). Explain it like I’m 5, cos I’m losing my mind haha
graphenos
Hey...
Suomi vastustaa Chat Control -asetusta (dawn.fi) Finnish
Jotain järkeä sentään löytyy päättäjiltäkin....
Suomen Chat Control (CSAM) kannasta äänestys perjantaina (dawn.fi)
Perjantaina ratkeaa, kannattaako Suomi vahvan salauksen kieltämistä Euroopassa....
GrapheneOS People being toxic again... and again... | The other face of "community-ran servers" (matrix.to)
There have been very very bad experiences with Daniel Mikay, the former (?) lead dev of GrapheneOS....
what E-Mail provider do you use and why
I’m currently still using gmail unfortunately...
Do any of you use Raspberry Pi’s ?
For those of you who use Raspberry Pi’s in your home environment, I’m curious as to what you use them for. What applications are you running on them? Do you have your Pi’s setup in a cluster?
Quadlets might make me finally stop using docker-compose (major.io)