Congrats on getting everything working - it looks great!
One piece of (unprovoked, potentially unwanted) advice is to setup SSL. I know you’re running your services behind Wireguard so there isn’t too much of a security concern running your services on HTTP. However, as the number of your services or users (family, friends, etc.) increases, you’re more likely to run into issues with services not running on HTTPS.
The creation and renewal of SSL certificates can be done for free (assuming you have a domain name already) and automatically with certain reverse proxy services like NGINXProxyManager or Traefik, which can both be run in Docker. If you set everything up with a wildcard certificate via DNS challenge, you can still keep the services you run hidden from people scanning DNS records on your domain (ie people won’t know that an SSL certificate was issued for immich.your.domain). How you set up the DNS challenge will vary by the DNS provider and reverse proxy service, but the only additional thing that you will likely need to set up a wildcard challenge, regardless of which services you use, is an email address (again, assuming you have a domain name).
Everything I mentioned works for LAN services as long as you have a domain name. You shouldn’t even need to point the domain name to any IP addresses to get it working. As long as you use a domain registrar that respects your privacy appropriately, you should be able to set things up with a good amount of privacy.
Yes, you can do wildcard certificates through Let’s Encrypt. If you use one of the reverse proxies I mentioned, the reverse proxy will create the wildcard certificates and maintain them for you. However, you will likely need to use a DNS challenge. Doing so isn’t necessarily difficult. You will likely need to generate an API key or something similar at the domain registrar or DNS service you’re using. The process will likely vary depending on what DNS service/company you are using.
I have been exploring the world of home servers/self-hosting for a little over a year now, and feel like I have at a decent understanding of a lot of things that go into this. The one thing I am not remotely comfortable with yet is networking. It’s like a foreign language to me....
Raspberry Pi + PiHole + PiVPN = Network Gateway Drug
Although, PiVPN is winding down so you might want to find something different instead. Setting up a regular Wireguard VPN isn’t so bad, but it may be simpler to setup a Tailscale Tailnet.
Didn’t look at the repo thoroughly, but I can appreciate the work that went into this.
Is there any reason you went this route instead of just using an user-overrides.js file for the standard arkenfox user.js file?
Does the automatic dark theme require enabling any fingerprintable settings (beyond just possobly determining the theme of the OS/browser)?
How are you handling exceptions for sites? I assumed it would be in the user.js file, but didn’t notice anything in particular handling specific URLs differently.
the only sites I give permenant cookie exception are my selfhosted services
This is what I was referring to. How are you accomplishing this?
I’m still looking for the switches to block all new requests asking to access microphone, location, notification
I can’t help with this at the moment, but if you’re still struggling with this I can provide the lines required to disable these items. However, I don’t know how to do this with exceptions (ie allowing your self hosted sites to use that functionality, but block all other sites). At minimum though you could require Firefox to ask you every time a site wants to use something. This may get repetitive for things like your self hosted sites if you have everything clearing when you exit Firefox.
I was looking for a free opensource sharing plateform first
What type of sharing platform are you looking for? A git repo? A single file sharing service? A code/text snippet sharing service? Something else?
There are many options available. Some have free, public instances available for use. Others require you to self host the service. Regardless, you’re not stuck using Github just to share your user.js file.
The F-Droid version (which is available on IzzyOnDroid’s repo) utilizes OSM. You’ll need a server to sync the data to though and it likely does not have all of the features that Life360 has.
How do you use your Beelink? More specifically what OS (and maybe core/most used apps) do you have installed? How do you interact with it (eg - wireless keyboard/mouse, USB IR receiver, etc.)?
Any downside to this approach compared to using the Smart TV/Android TV/Apple TV features?
I think that @theomegabit is asking for Proton to become an OAuth/OIDC provider. This would allow you to sign into any service, app, platform, etc. that supports it using your Proton account. Some common providers that are widely supported are Google, Apple, Github, Facebook, and Microsoft.
It is generally considered more secure than using “regular credentials” like username/email and password when using several services. There are a few downsides to this though. One of those downsides is that your OAuth/OIDC provider will have record of all your accounts used through OAuth/OIDC. For example, @theomegabit would like to avoid Google knowing about the various services used.
Hello fellow self-hosters! I am looking for an app/tool/macro/etc that can screen-scrape or API ping various merchants to track prices on specific products. Think camelcamelcamel but for any merchant. I have to believe such a tool exists and I’m not the first person to think of it....
Data never expires (there is a nominal annual fee to keep a plan active) and by default auto-refills whenever it gets low (up to a user-configurable limit every month). Data is purchased in blocks of 5GB and works on most major carriers in the USA and Canada.
This plan is prepay pay-as-you go and purely data, ideal for JMP customers who already have a phone number through us. No use-it-or-lose-it, no lock-in, just prepay 5 GB at a time for the data you actually use. Prepaid data never expires no matter how long it takes you to use it, and by default automatically buys another 5GB when your data gets low (you can change this in your plan settings).
Is this plan intended to be cheap? It’s likely cheaper to use a regular wireless data or hotspot provider if you use more than 3GB/month (roughly $22/month) or even 1.5GB/month (roughly $11/month) in some cases.
Basically I am using mull on android and librewolf on linux.I want to use firefox sync or something line that for syncing.So how good Firefox sync is, in privacy point on view. I am not anonymity paranoid I just want privacy so basically what do they collect and for what?
I’m not disputing the results, but this appears to be checking calls made by Firefox’s website (www.mozilla.org/en-US/Firefox/) and not Firefox, the web browser application. Just because an application’s website uses Google Analytics does not mean that the application shares user data with Google.
The analytics trackers that you mentioned would fall under Mozilla’s Websites Privacy Policy, which does state that it uses Google Analytics and can be easily verified a number of ways such as the services you previously listed.
However, Firefox sync uses accounts.firefox.com which has its own Privacy Policy. There is some confusion around “Firefox Accounts” as it was rebranded to “Mozilla Accounts”, which again has its own Privacy Policy. There is no indication that data covered by those policies are shared with Google. If Google Analytics trackers on Mozilla’s website are still a concern for these services, you can verify that the Firefox Accounts and Mozilla Accounts URLs do not contain any Google Analytics trackers.
Firefox has a Privacy Policy as well. Firefox’s Privacy Policy has sections for both Mozilla Accounts and Sync. Neither of which indicate that data is shared with Google. Additionally, the data stored via the Sync service is encrypted. However, there is some telemetry data that Mozilla collects regarding Sync and more information about it can be found on Mozilla’s documentation about telemetry for Sync.
The only thing that I could find about Firefox, Sync, or Firefox Accounts/Mozilla Accounts sharing data with Google was for location services within Firefox. While it would be nice for Firefox not to use Google’s geolocation services, it is a reasonable concession and can be disabled.
Mozilla is most definitely not a perfect company, even when it comes to privacy. Even Firefox has been caught with some privacy issues relatively recently with the unique installation ID.
Again, I’m not saying that Mozilla is doing nothing wrong. I am saying that your “evidence” that Mozilla is sharing Firefox, Sync, or Firefox Accounts/Mozilla Accounts data with Google because of Google Analytics trackers on some of Mozilla’s websites is coincidental at best. Without additional evidence, it is misleading or flat out wrong.
Are you saying Firefox shares data to Alphabet beyond Google as the default search engine? If so and if it applies to Sync (as if the question from OP here) can you please share sources for that?
You stated:
Mozilla does, sharing your account data
You also provided evidence that Mozilla uses Google Analytics trackers on the Firefox’s product information website. I mentioned that it’s not sufficient evidence of your claim as the trackers are independent of Firefox the browser and Sync. Additionally, the use of trackers for websites is clearly identified on Mozilla’s Privacy Policies and there is not much else mentioned on the Privacy Policies outside of those trackers and Google’s geolocation services in Firefox.
You’ve also mentioned Google’s contract with Mozilla, which is controversial for many people, but isn’t evidence of Mozilla providing user data to Google even in conjunction with the previously mentioned trackers. You then discussed various other browsers, but I’m not sure how that is relevant to your initial claim.
While it seems we can both agree that Mozilla and it’s products are far from perfect, it is looking like your initial claim was baseless as you have yet to provide any evidence of your initial claim. Do you have any evidence through things like code reviews or packet inspections of Firefox or Sync that hints Mozilla is sharing additional information to Google? At this point, I would even accept a user(s) providing evidence of some weird behavior like the recent issue where google.com wouldn’t load in Firefox on Android if someone could find a way to connect the weird behavior to Mozilla sharing data with Google.
As @vik stated, you’ll run into issues upgrading/installing InfiniTime if you’re using Android 14 with GadgetBridge v0.77.0 as stated in the release notes
Unfortunately there is a bug with v0.77.0 of Gadgetbridge on Android 14, that means that it can’t update InfiniTime. We have submitted a fix, which will be available in the next release of Gadgetbridge. In the meantime, you can use another device to do the upgrade or use a nightly build of GadgetBridge (it’s recommended to use the no pebble flavour, as that can be installed alongside your existing GadgetBridge app).
I’m using a Protectli FW6B as my opnsense firewall/router. I’m upgrading my internet service to 1.5 GB fiber and I’m not sure what to do with this device once I do. I could continue using it as my router (I guess put it on the LAN side of the supplied Bell “Gigahub” router/WiFi ap/whatever the fiber equivalent of a...
I run a full media server, as well do a few friends. Now we had the idea to share our media libraries. In a first quick attempt we, mounted each other’s library folder via an smb share and imported those in jellyfin (all servers connected by VPN) Works quite well, but is kind of cumbersome the more people get in. I had the...
I donate to the Mozilla foundation, and I love Firefox a ton. But I can’t seem to like the UI by installing a theme, and when I change it to look better the browser slows to a crawl. Does it really matter all that much if I use Chromium?...
tl;dr: A notable marketshare of multiple browser components and browsers must exist in order to properly ensure/maintain truly open web standards.
It is important that Firefox and its components like Gecko and Spidermonkey to exist as well as maintain a notable marketshare. Likewise, it is important for WebKit and its components to exist and maintain a notable marketshare. The same is true for any other browser/rendering/JavaScript engines.
While it is great that we have so many non-Google Chrome alternatives like Chromium, Edge, Vivaldi, etc., they all use the same or very similar engines. This means that they all display and interact with websites nearly identically.
When Google decides certain implementation/interpretation of web standards, formats, behavior, etc. should be included in Google Chrome (and consequently all Chromium based browsers), then the majority marketshare of web browsers will behave that way. If the Chrome/Chromium based browsers reaches a nearly unanimous browser marketshare, then Google can either ignore any/all open web standards, force their will in deciding/implementing new open web standards, or even become the defacto open web standard.
When any one entity has that much control over the open web standards, then the web standards are no longer truly “open” and in this case becomes “Google’s web standards”. In some (or maybe even many) cases, this may be fine. However, we saw with Internet Explorer in the past this is not something that the market should allow. We are seeing evidence that we shouldn’t allow Google to have this much influence with things like the adoption of JPEG XL or implementation of FLoC.
With three or more browser engines, rendering engines, and browsers with notable marketshares, web developers are forced to develop in adherence to the accepted open web standards. With enough marketshare spread across those engines/browsers, the various engines/browsers are incentivized to maintain compatibility with open web standards. As long as the open web standards are designed and maintained without overt influence by a single or few entities and the open standards are actively used, then the best interest of the collective of all internet users is best served.
Otherwise, the best interest of a few entities (in this case Google) is best served.
I agree that Home Assistant’s audit is a good thing. While I love that Home Assistant is open source, I’m not sure how that impacts the audit. Proprietary, closed source software can be audited with few differences from an open source software’s audit. The biggest difference is that you, myself, or anyone could audit open source software, but it would not be easy for that to happen with closed source software.
Your options will depend on how much effort you are willing to put in and what other services you have access to (or are willing to run).
For example, do you have a Network Video Recorder (NVR) or something like Home Assistant that can consume a Real-Time Messaging Protocol (RTMP) or Real Time Streaming Protocol (RTSP) video feed? Can you modify your network to block all internet traffic to/from the doorbell? Are you comfortable using a closed source, proprietary app to setup the doorbell? Is creating your own doorbell feasible?
I’m not aware of a doorbell that you can buy which meets all of your requirements without at least one of the items I mentioned above. Additionally, I believe the only doorbell that meets all your requirements is building your own doorbell. However, some other brands that will get close to meeting your requirements are Reolink and Amcrest.
Alerts, notifications, person recognition, object recognition, motion detection, two way audio, automated lights, event based video storage, 24/7 video storage, automated deletion of stale recorded video, and more can all be accomplished 100% locally.
Granted, much of this functionality is not easily accomplished without some technical knowledge and additional hardware. However, these posts typically are made by people who state to at least have an interest in making that a reality (as this one does).
What security benefits does a cloud service provide?
I wish to convince my friends and family to avoid using privacy-invading ad-based services and apps. Seeing people discuss how much data these companies collect off of us, I want to know if there is a way you could get a sample of that data by yourself and show it to them for them to realize the gravity of the situation...
This is a “simple” question, but unfortunately the answer isn’t as simple. Much of this isn’t necessarily Google “individually and directly attacking people”, but instead Google providing others with the (otherwise unavailable) means to do so.
Microsoft is bringing popular programming language Python to Excel. A public preview of the feature is available today, allowing Excel users to manipulate and analyze data from Python....
That’s true. It wouldn’t solve the dependency issue though (eg - I’m using Pandas v1.5.3, you’re using Pandas v2.0.3) and I’m not sure how well it would work for some platforms like the web or Teams.
Finally got my server to work properly. (Routing with custom local domain instead of ports) (programming.dev)
I spent all day today trying to get the routing to work correctly between Tailscale, Nginx and Adguard....
Best resources to learn more about networking
I have been exploring the world of home servers/self-hosting for a little over a year now, and feel like I have at a decent understanding of a lot of things that go into this. The one thing I am not remotely comfortable with yet is networking. It’s like a foreign language to me....
Sharing my personal Firefox user.js based on arkenfox's privacy policies.
Hi everyone :)...
Life360 Alternative with OpenStreetMap?
I’ve been trying to find an alternative to Life360 that doesn’t use Google/Apple map data....
I am looking for a privacy respecting android tv box/stick
Or an android tv supported by a privacy respecting custom rom.
App that tracks prices on websites?
Hello fellow self-hosters! I am looking for an app/tool/macro/etc that can screen-scrape or API ping various merchants to track prices on specific products. Think camelcamelcamel but for any merchant. I have to believe such a tool exists and I’m not the first person to think of it....
Newsletter: JMP Data Plan (blog.jmp.chat)
How good/bad is Firefox sync.
Basically I am using mull on android and librewolf on linux.I want to use firefox sync or something line that for syncing.So how good Firefox sync is, in privacy point on view. I am not anonymity paranoid I just want privacy so basically what do they collect and for what?
Released : InfiniTime 1.14 (github.com)
Protectli FW6B
I’m using a Protectli FW6B as my opnsense firewall/router. I’m upgrading my internet service to 1.5 GB fiber and I’m not sure what to do with this device once I do. I could continue using it as my router (I guess put it on the LAN side of the supplied Bell “Gigahub” router/WiFi ap/whatever the fiber equivalent of a...
pooling media libraries - like distributed storage
I run a full media server, as well do a few friends. Now we had the idea to share our media libraries. In a first quick attempt we, mounted each other’s library folder via an smb share and imported those in jellyfin (all servers connected by VPN) Works quite well, but is kind of cumbersome the more people get in. I had the...
How much does it really matter to use firefox?
I donate to the Mozilla foundation, and I love Firefox a ton. But I can’t seem to like the UI by installing a theme, and when I change it to look better the browser slows to a crawl. Does it really matter all that much if I use Chromium?...
Security audits of Home Assistant (www.home-assistant.io)
All reported issues have been addressed as part of Home Assistant 2023.9, released on September 6, 2023...
Privacy Respecting Ring Doorbell Equivalent?
I couldn’t find a post in this community about cameras so I figured I’d make one. Requirements:...
How to demonstrate to people the importance of privacy by showing the data collected about them?
I wish to convince my friends and family to avoid using privacy-invading ad-based services and apps. Seeing people discuss how much data these companies collect off of us, I want to know if there is a way you could get a sample of that data by yourself and show it to them for them to realize the gravity of the situation...
Microsoft is bringing Python to Excel (www.theverge.com)
Microsoft is bringing popular programming language Python to Excel. A public preview of the feature is available today, allowing Excel users to manipulate and analyze data from Python....