Any video of them testing this? Sounds really cool
Any video of them testing this? Sounds really cool
Any recommendations for basic equipment for someone wanting to get into ham radio?
I’m surprised no one mentioned this if you are already using kde
Vaultwarden itself is actually one of the easiest docker apps to deploy…if you already have the foundation of your home lab setup correctly.
The foundation has a steep learning curve.
Domain name, dynamic DNS update, port forwarding, reverse proxy. Not easy to get all this working perfectly but once it does you can use the same foundation to install any app. If you already had the foundation working, additional apps take only a few minutes.
Want ebooks? Calibre takes 10 mins. Want link archiving? Linkwarden takes 10 mins
And on and on
The foundation of your server makes a huge difference. Well worth getting it right at the start and then building on it.
I use this setup: https://youtu.be/liV3c9m_OX8
Local only websites that use https (Vaultwarden) and then external websites that also use https (jellyfin).
What type/brand do you have now?
Is it still a drop in replacement for gitea, I’ve been meaning to switch
Sleep mode seems to be working well for me on fedora atomic with kde (aurora).
Deep sleep works well and can stay sleeping for days.
Normally sleep rules are working well. The do not sleep toggle in the power menu also works to prevent it from sleeping.
Only thing that doesn’t work is flatpak apps can’t prevent the system from sleeping, so watching a video, using Handbrake to encode etc will all just allow it to sleep if there is no physical input.
I have a 2018 dell xps
And borgmatic makes retention rules with automatic runs super easy. It basically a wrapper that runs borg on the client side.
I’ve been using this for a few months now. Its really great.
Security in layers.
All your services should be using https. Vaultwarden in particular won’t even run without https unless you bypass a bunch of security measures.
This is how to setup local only and external https, I highly recommend this as a baseline setup for every homelab. It allows you to choose how much security you want on a per app basis and makes adding new apps trivially easy.
Anyone with the knowledge to self host will quickly discover 3-2-1. If they choose to follow it, that’s on them but data loss won’t be from ignorance
Borg backup to borgbase is not very expensive and borg will encrypt the data plus the vault is also encrypted
Keep vaultwarden behind wireguard for local only access then also use https certs and good master password. Very secure like this
Last in checked, there is an open PR for the PWA Android app the expose the share function. That will allow this to work however you will have to install the PWA via chrome since the share feature for PWA is proprietary. Sucks because I use Firefox with a bunch of privacy features .
Https is end to end encryption and doesn’t need to be on their road map
Encryption at rest could be an option but seeing as how many other projects have trouble with it (nsxtcloud), its probably best to have this at the fike system level with disc encryption
Same with jellyfin.
They basically don’t accept recurrent donations on purpose
I’ve got multiple apps using LDAP, oauth, and proxy on authentik, I’ve not had this happen.
I also use traefik as reverse proxy.
I didn’t manually create an outpost. Not sure what advantage there is unless you have a huge organization and run multiple redundant containers. Regardless there might be some bug here because I otherwise have the same setup as you.
I would definitely try uploading everything to the latest container version first
For people wanting the a very versatile setup, follow this video:
Apps that are accessed outside the network (jellyfin) are jellyfin.domain.com
Apps that are internal only (vaultwarden) or via wireguard as extra security: Vaultwarden.local.domain.com
Add on Authentik to get single sign on. Apps like sonarr that don’t have good security can be put behind a proxy auth and also only accessed locally or over wireguard.
Apps that have oAuth integration (seafile etc) get single sign on as well at Seafile.domain.com (make this external so you can do share links with others, same for immich etc).
With this setup you will be super versatile and can expand to any apps you could every want in the future.
The same as for anything else if your phone gets stolen. You restore from backups.
Aegis allows you to make a backup that you can keep yourself on your computer, your own cloud storage etc.
Every OS has some kind of built in vault/encryption feature. Put the file in there. It only needs to be updated when you add another 2fa account (so very infrequently)
Steamos is based on arch so they are helping with upstream development