Yes it would. In my case though I know all of the users that should have remote access snd I’m more concerned about unauthorized access than ease of use.
If I wanted to host a website for the general public to use though, I’d buy a VPS and host it there. Then use SSH with private key authentication for remote management. This way, again, if someone hacks that server they can’t get access to my home lan.
Their setup sounds similar to mine. But no, only a single service is exposed to the internet: wireguard.
The idea is that you can have any number of servers running on your lan, etc… but in order to access them remotely you first need to VPN into your home network. This way the only thing you need to worry about security wise is wireguard. If there’s a security hole / vulnerability in one of the services you’re running on your network or in nginx, etc… attackers would still need to get past wireguard first before they could access your network.
But here is exactly what I’ve done:
Now I can just turn on my phone’s VPN whenever I need to access any one of the services that would normally only be accessible from home.
P.s. there’s additional steps I did to ensure that the masquerade of the VPN was disabled, that all VPN clients use my pihole, and that I can still get decent internet speeds while on the VPN. But that’s slightly beyond the original ask here.
A couple of options in my opinion, as I just did this myself:
You can use the CLI tool to “upload” them. You can even do this from the server itself. So upload times would be as fast as your network card can process or however fast your server is, whichever is slower. It does require that you create an API key for the user in question though.
Otherwise you can create an external library and link that to your account. Now Immich will still index this library but it won’t move or manage the actual files. I’m not sure though if it looks at those files for duplicates (i.e. if you try and upload the same photo from your phone to the server). This external library will also prevent deleting photos as well, FYI.
There might be other options that I’m not aware of, as I’ve only been using Immich for about a month now.
Edit: link to the CLI documentation: https://immich.app/docs/features/command-line-interface/
Fair enough. Sometimes you can’t help but go down these rabbit holes though.
How do you account for the duplicate Riker in TNG? Who’s the real one and where did the extra matter come from then to assemble William vs Tom?
(It’s been a long time since I’ve seen that episode so I don’t remember if they covered that but on-screen)
A similar question could be raised for the Rascals episode…
I’m also running Ubuntu as my main machine at home. (I have a Mac and do Android development for my day job).
But at home, I do a lot of website and backend dev.
docker buildxdocker compose up -dThat looks like 8.8.8.8 actually responded. The ::1 is ipv6’s localhost which seems odd. As for the wong ipv4 I’m not sure.
I normally see something like requested 8.8.8.8 but 1.2.3.4 responded if the router was forcing traffic to their DNS servers.
You can also specify the DNS server to use when using nslookup like: nslookup www.google.com 1.1.1.1. And you can see if you get and different answers from there. But what you posted doesn’t seem out of the ordinary other than the ::1.
Edit just for shits and giggles also try nslookup xx.xx.xx.xx where xx.xx… is the wrong up from the other side of the world and see what domain it returns.
Another thing that can be happening is that the router or firewall is redirecting all port 53 traffic to their internal DNS servers. (I do the same thing at home to prevent certain devices from ignoring my router’s DNS settings cough Android cough)
One way you can check for this is to run “nslookup some.domain” from a terminal and see where the response comes from.
Thank for sharing the results.
I can say one of the most requested features I keep getting requests for is a global search as well. I’m just blocked by a bug in Lemmy at the moment.
A tool to see better recommendations on who to follow could be interesting as well. I’ve recently added a new feature that allows for users to search communities (on Lemmy and Kbin) about what posts are actually talking about. I wonder if something similar could be built for users…
But again thanks for sharing.
Problem is finding the difference between repost bots and bots that are helpful like automod and link redirectors.
Maybe. 2nd idea I’ve got is that if no one is replying after say 24hrs and something like 75-80% of your posts are as such and you have at least 100 such posts, you get added to the list?
Main concern I see about something like this is false positives and how someone real could end up getting blocked.
I definitely want to think on this some more but it might have some legs.
…I wonder if there’s a programmatic way to detect these bots? Some sort of analysis on their posting behavior?
If they’re playing nice they’ll have the bot flag checked in their profile, and then maybe build a list of any bot that creates posts? As most of the “good” bots just reply to comments? Anyway just thinking out loud. But I’m thinking I could easily add a public API to my search engine that just returns a list of “posting bots”…
Cloudflare? Namecheap?
Not sure exactly what features you’re after but the vast majority of them support what you mentioned above.
The target folder may be quite large. You can look at the dependencies for my project but my end binary is only a few MB.
I don’t see anything wrong initially. Can you also test with something like postman? It’ll allow you to control the headers etc… that you send.
You can also compare to what I have here and see if that helps: https://github.com/marsara9/lemmy-search/blob/b6c88355aba49abca52862473650526821ee165a/server/src/api/lemmy/fetcher.rs#L123
Anyway I think we can build a search engine that can respect their wishes and keep them out of the index.
I’d love to hear your ideas on this. At least initially I don’t see a way to build a crawler that can ignore select individuals. But I haven’t really dug into the Mastodon APIs just yet.
I don’t run my own instance, at least not publicly, but I’m very curious in the answers to some of those questions and I don’t want to skew your results by voting.
As I’m already working on on search engine, that’s already public for Lemmy but I hope to add Mastodon in the future. So far many Mastodon users seem to be very anti-search, so I’m curious of your results.
Ya, I’ve got a few public services out there and I would love for a better way to manage them. But the fewer ports I open the better. I think there’s also portainer edge agent that’s more secure for prod environments, but I’ve yet to look into it much.
Slightly off topic, but are there not security concerns about opening up a portainer instance to the internet? I run portainer for all of my intranet hosted containers but I have reservations about running either the agent or portainer itself on something external to my lan. It seems like an easy attack vector but maybe I’m just overly worried?
What phone do you have? I just upgraded last night and everything appears to be working like normal. But I did notice that you appear to have a smaller screen size than I do. First I’d try adjusting the display size and see if that helps. You can find that setting (on a pixel) under: Settings -> Display -> Display Size and Text.
You can also try adjusting the accessibility settings and increase or decrease the font size to see if that helps. Which you can find in the same menu above.
Lastly, you might try enabling developer settings and adjusting the smallest width:
Edit: none of these should be final solutions but to help troubleshoot what’s wrong. You can then use what you find with these three options to raise a ticket and hopefully the developers can then narrow down the actual root cause.