I recently made a post discussing my move to Linux on Fedora, and it’s been going great. But today I think I have now become truly part of this community. I ran a command that borked my bootloader and had to do a fresh install. Learned my lesson with modifying the bootloader without first doing thorough investigation lol....
Heyha ! Read about dd on makeuseof after reading your post, to see how it works.
Restoring from an image seems exactly what I was looking for as a full backup restore.
However this kind of 1 command backup isn’t going to work on databases (mariadb, mysql…). How should I procede with my home directory where all my containers live and most of them having running databases?
Does it work with logical volumes? Is it possible to copy evrything except /home of the logical volumes?
Do not overthink they want to know about you everything.
That’s true, they probably already have everything they need… It’s not only about my personal data, and my example only points out to the web technology, but everywhere around us are some data hoarding devices that are either used to targeted ads, campaign, profiling, IA dataset feeding… whatever !
It feels like we already lost our right to privacy and how personal data, telemetry is used as a whole in our society…
This post was about browsers but my feelings when I wrote It was a more general “conclusion”. I only found out recently about some “hidden” privacy concerns with browsers (WebRTC leaking your real ip, fonts fingreprinting…) But when I found out about android’s default keyboard sending samples, IOT weaknesses, smart devices data hoarding… It really feels like a losing battle while being connected to the world…
Rethinkdns is probably your best bet! Right now they are missing an important feature where It takes wireguard’s DNS configuration into account, making it obsolete for those who have private dns in a local environnement with an upstream dns !
Hello everyone - I have been wanting to ditch windows on my gaming pc for a while now, and since I have recently finished a large project, I now have the free time to switch. I am relatively comfortable with Debian having used it for a while on my web server as well as school laptop, but I am concerned about using it on my...
I’m currently looking into xfce vs KDE plasma, something I need to pay attention to is a DE with x11 because nvidia hasn’t fully supported wayland ?
Am I right to consider it that way? Or do both support nvidia drivers?
I’m sorry, I only use debian as bare bone on my server and currently considering to switch my main desktop from windaube to linux and alot of informations on the web seem contradictory or incomplete :/
Do you consider testing a better choice than sid for desktop/gaming environment?
I’m really not sure which one I should use. I only have experience with bare bone debian stable as server, I’m trying to find the best choice when switching from windaube to debian :)
Thanks for your insights and personal experiences !
Thanks :) good to know I can switch between those two in KDE ! I need to test Plasma and xfce to see wich fits better my needs and has better suppport for my system !
Thank you for your insights and personal experiences :) I love Debian stable as server, never had any issues on a old Asus laptop ! I have only 2 years of “experience” and started with Ubuntu. Good introduction to linux but switched to Debian (<3)
That’s way I’m asking arround I don’t wan’t to have a too bad experience with Debian as main personal PC !
Thank you for your personal blog post and the wiki link :) will surely read through before making my final choice !
Strange enough TLS 1.3 still doesn’t support signed ed25519 certificates :| P‐256, NIST P‐384 or NIST P‐521 curves are known to be “backdoored” or having deliberately chosen mathematical weakness. I’m not an expert and just a noob security/selfhoster enthusiast but I don’t want to depend on curves made by NSA or other spy agencies !
I also wondering if the EU isn’t going to implement something similar with all their new spying laws currently discussed…
I already checked with apt show emacs and the output clearly shows emacs-gtk as depends on. And while installing the emacs package with: sudo apt-get install emacs it installed a ~400Mo package and all dependencies.
So why doesn’t sudo apt remove --purge --autoremove emacs removes everything ? I thought this command would be the exact opposite of sudo apt install package-name
Thank you very much for your enlighten answer :D !
Removing emacs-gtk itself will work as you expect
Yes that’s what I found out with apt show emacs-gtk, it shows all the dependencies but I found it quiet odd behavior (lack of knowledge).
I wasn’t aware of metapackages, something new to put into my knowledge database.
Edit: While writing my replay and searching through the web and my console, even though I wouldn’t have had understood it while reading it… It actually tells me in the description that emacs is a metapackage… Bad reading skills :/ sorry about that !
Description: GNU Emacs editor (metapackage) GNU Emacs is the extensible self-documenting text editor. This is a metapackage that will always depend on the latest recommended Emacs variant (currently emacs-gtk).
If you don’t mind I have a last question. Imagine I want to remove docker-ce, which depends on iptables among others, if I sudo apt remove --purge --autoremove docker-ce, this isn’t going to remove iptables and break my system right? Because it’s used by other packages, system… I guess, no?
I think a more general question would be how can I be sure I not going to fuck my system while removing packages? Maybe I’m to paranoïd and today it’s relatively safe to do so, compared to years ago??
Thank you for your input :). While this add-on has more flexibility on what to keep in your browser, it only deletes them after they have entered your system. It’s actually not as useful as it sounds because your data is already exchanged with the server.
If you are interested you can read my too long edit to see what I meant and how to block specific cookie before they enter your system. Also on how to spoof your user agent and activate privacy.fingerprintingProtection in firefox.
Yeah NC is way too much bloated and heavily unstable after some long term use. As an alternative for cloud storage I use ownCloud. The newer owncloudIS version needs a bit more maturing before it’s fully functional and less unstable for selfhosters, but the php version is fully functional and the native apps are awesome :).
While AIO is neat on paper, it’s most of the time buggy and not as good as native tools. Having all your tools bind together is a bad idea in my opinion… Having a hammer that’s also a screwdriver, a scissor… Leave them less functional as having them separated !
Yeah this takes more space and is less convenient, but the right tool for the right job is a principle that always works in the long term !
I tried it 3 months ago. It looked nice had some cool features, but It didn’t fit into my personal selfhosted Home server.
This is more or like to help less-tech savy people to secure their infrastructure, which is a good point, but can’t replace a complex wireguard, VPN, opnsense, 2FA , self-signed CA, docker installation.
It’s a bit like Nginx proxy manager, it’s good enough, does what it is suposed to do with minimal user inputs. Less prone to error, security issues…
Smallstep (own CA for self-signed full chain certificates)
Linkding
Gotify + watchtower
Adguardhome
Traefik
Wireguard
Took me to much time to make everything work perfectly together, but learned alot along the road ! Everything hosted on a old spare laptopt with docker containers.
never issue a command not related to package management with sudo or an su’d shell without trying it as a user first, and if it doesn’t work as a user, stopping and thinking about why not and what you were trying to do in the first place.
Thank you ! Because I was always using the root user for everything I also fucked-up my home directories, which really didn’t looked great ! I fixed everything right now (New user, new directory/file system, everything to the correct owner…) and will only add my specific user to the needed groups. I like that workflow, because having to sudo to everything with the root user really give me security concerns ! 👍
I has some degree of privacy. A better way to look at it is to say: It’s less worst ! But full privacy is to shut down all your connected electric aplliances, never connect to the web, sell your house and go living of the grid.
Thank you :) Will look at it, right now I’m happy with selfhosted linkding, but I really miss the native bookmarking way of firefox (tags, folder, subfolders, keywords.)
I wish It could be so simple for everyone… Docker is great when you have an old spare laptop and want to self host a few nice things: vaultwarden, traefik, searxng… Sure it’s relatively new compared to VMs and is going to have some security flaws and reworks during the maturing process… But VMs had also their ups and downs long time ago before It got in a stable maturing state !
VM are nice but we (in my opinion) as human species need to find other solutions to get away from energy, rare metal hungry devices… something in between docker and VMs. But that’s just my opinion.
Plus, docker and derivatives are also really interesting technologies where you have to read manuals and gain deep and durable knowledge to understand the future of virtualization.
Searxng is great ! I totally ditched and blocked all google's DNS/api requests and while the search results are okayish, It isn't as good as google search engine.
Sometimes I get the exact same link from the previous page, sometimes twice and the results aren't as precise as google's engine. But that's a trade I'm willing to take when degoogling !
Also, the docker-container/compose version needs sometimes some inter-docker intervention. If you're not tech-savy and have no idea of python scripts and how to exec into containers, this can sometimes create some frustration, when all engines are raising errors !
Thankfully, if you're not a selfhoster enthusiast, there are plenty of public instances !
It's probably the most important selfhosted service in my stack :) !
Yeah It's probably just me and my learning process ! There was a case, where duckduckgo didn't worked anymore, opened a github issue and followed some steps to change some specfic strings in a python script inside the container (nothing fancy actually).
After the testing process they update the searxng docker image. You probably didn't nocticed it if you regularly pull the new image.
Except for that specific case, it runs smooth as butter :))
Thank you for the insight ! So, I could have used " " instead of ` . Which I normally do, but because I tried to follow the docs blindly, I just used their syntax without questioning the single quotes !
So Podman is an open source container engine like Docker—with “full”^1^ Docker compatibility. IMO Podman’s main benefit over Docker is security. But how is it more secure? Keep reading…...
This makes me anxious… How do you cope with all these different technologies… I mean everything is evolving so fast and everyone wants to have his OWN way of doing things… This is messed up ! Right now IT seems a big maze of technologies and nobody seems to be in sync with each other… specially in devOP and Networking…
I don’t know about Podman, but it’s baffling how much you need to know and understand in IT… And If every 3 years you have to relearn everything, it’s a never ending chase of dying and abandoned technologies and a wast of time :/
I think the more you dig the more you find you could learn
True, but it’s really frustrating to spend time to learn something that’s maybe going to be useless ? Just look at networking in linux distros between networkd, NetworkManager, netplan, nmtui, nmcli, networkctl, ifupdown… all working in different locations and all having their own way of doing things… This is is fucked up :/
Imagine learning docker’s all subtilities and next year it’s deprecated in favor of another technology with his own flavors and commands… :/
Just moved to Linux: a follow up
I recently made a post discussing my move to Linux on Fedora, and it’s been going great. But today I think I have now become truly part of this community. I ran a command that borked my bootloader and had to do a fresh install. Learned my lesson with modifying the bootloader without first doing thorough investigation lol....
Does it even make sense to care about privacy?
Heyha !...
Blocking app access to the internet
Question for the group on a problem I’m trying to solve: How can I block internet access for some apps on standard, OOTB Android?...
Switching to Debian on my gaming pc
Hello everyone - I have been wanting to ditch windows on my gaming pc for a while now, and since I have recently finished a large project, I now have the free time to switch. I am relatively comfortable with Debian having used it for a while on my web server as well as school laptop, but I am concerned about using it on my...
OpenSSH is about to change. (For the better.) (youtu.be)
OpenSSH’s ssh-keygen command just got a great upgrade....
[Q] Removing/deep cleanup of installed package doesn't work as expected. (remove, purge, autoremove)
Hi everyone :)...
Selective cookie blocker ? (GitHub)
Hi everyone !...
Nextcloud as Personal Cloud – Brno Hat (enblog.eischmann.cz)
Cosmos 0.12 major update (github.com)
Backups on Linux seems overwhelmingly complicated...
Yeah another post about backups, but hear me out....
Hey selfhosters, what are you selfhosting?
https://chatsubo.hiteklolife.net/pictrs/image/c786875e-7455-4f5b-8e56-d1af5f1e0cfa.png...
[Question] Debian sudoers and user best practice
Hi everyone 🙂...
Data privacy: how to counter the "I have nothing to hide" argument?
I know data privacy is important and I know that big corporations like Meta became powerful enough to even manipulate elections using our data....
Looking for Self-hosted Bookmark Manager
Does anyone know if there is a self-hosted bookmark manager that has integration with Firefox/Chrome/Brave where I can import all my bookmarks?
Home Server Security
Hey guys,...
SearxNG installation is pretty simple (docs.searxng.org)
Today I decided to install SearxNG, just to for $h1ts and giggles, and to avoid a little bit of tracking by those creeps at Google and Bing....
Traefik, yaml format and backticks...
Hi everyone !...
Linkding/searxng selfhosters: Linkding injector extension !
For those selfhosting linkding and searxng (or using google, duckduckgo, brave) there is a very cool and useful extension: linkding injector !...
Podman is awesome—and totally frustrating
So Podman is an open source container engine like Docker—with “full”^1^ Docker compatibility. IMO Podman’s main benefit over Docker is security. But how is it more secure? Keep reading…...