podman rootless running services with quadlet is not a bad start.
Quadlets are pretty nice but require podman > 4.4 to function properly. Debian 12, for example, still only has podman ~4.3 in its repos.
Readit Newspahae commented on A story on home server security raniseth.com/blog/2025-01... · Posted by u/todsacerdoti
pahae commented on Add coffee stains to LaTeX documents (2021) ctan.org/pkg/coffeestains... · Posted by u/todsacerdoti
I actually like their take on the vacat page [0] even more.
pahae commented on Roundcube open-source webmail software merges with Nextcloud phoronix.com/news/Roundcu... · Posted by u/mikece
Do you have recommendations for a self hosted webDAV server that could act as a Dropbox / GDrive replacement? I‘m using Nextcloud only for that use case because I haven’t found anything that seemed as stable.
We used Seafile in $old_job a couple of years back. Still had some rough edges back then (mostly with user management) but the rest was rock solid. Loved working with it, managing and sharing files was pretty easy.
pahae commented on Would we still create Nebula today? defined.net/blog/would-we... · Posted by u/carride
Aside from defined.net, what are the best frontend/management tools for nebula? Last I looked it was all manual config (which is fine for most of us, but limits adoption elsewhere)
I'm not a aware of any other full-fledged solution. There is some opinionated tooling written in Python [0] and Go but nothing coming close to defined.net. This is definitely a point where other overlay solutions look way better.
After having searched (and implemented) this myself for work, the only practical solutions I found were 1) smallstep [1] or 2) Terraform (with the nebula provider [2]) and a CM tool of your choice. The latter can be nicely combined with the ansible provider if that's your CM of choice.
0: nebula-cert-py 1: https://smallstep.com/docs/step-ca/integrations/#nebula 2: https://registry.terraform.io/providers/TelkomIndonesia/nebu...
pahae commented on Intel Launches Arc A580: A $179 Graphics Card for 1080p Gaming anandtech.com/show/21090/... · Posted by u/rcarmo
Is there any reputable website to easily compare GPU performances? I know it depends on the specific game/benchmark, but some kind of standardized score would really help.
Catering more to a German speaking audience but nonetheless a pretty good overview (updated quarterly?):
Performance: http://www.3dcenter.org/artikel/fullhd-ultrahd-performance-u...
Performance/Price w/ German market prices: http://www.3dcenter.org/artikel/grafikkarten-marktueberblick...
pahae commented on The Bvp47 - a Top-tier Backdoor [sic] of US NSA Equation Group pangulab.cn/en/post/the_b... · Posted by u/l0new0lf-G
It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD, is nearly completely unknown one year after the revelation. No social media outcries, no mention on the TV, no debates, no comments from people like Torvalds and Stallman (though I by no means imply they were direcly involved).
The reason why is remains a "secret" is that the whole matter is deeply, deeply political.
We are amidst a new Cold War -this time between the US and China. The sole purpose of this backdoor could be exactly to spy on the Chinese government or corporations.
Yet we all know that the NSA would not limit the use of the backdoor to that.
> It is striking that such a backdoor in seemingly safe OSs like Linux and FreeBSD [...]
Not saying these are a 100% secure but you're plying this was _built_ into Linux (and other OSes). It was not. And the PDF makes no such claim either.
Don't forget Nebula[1].
[1] https://slack.engineering/introducing-nebula-the-open-source...
Nebula is fantastic, absolute love it. We use it in production. Cert management can be a bit of a pain on a large scale but there's an excellent Terraform provider [0] that can help. Coupled with the Terraform ansible provider and a little bit of scripting you can automate anything related to cert provisioning and renewal.
[0] https://registry.terraform.io/providers/TelkomIndonesia/nebu...
Tinc is incredible, it has worked flawlessly for me for 6+ years with exactly 0 maintenance.
As trustworthy as it is, I am sadly on the hunt to replace it. Compared to wireguard, the throughput ain't great, and it takes way too much CPU on my low power nodes. I would pay good money for "tinc, but with wireguard transport" -- there's of course projects purporting to do this but I haven't found one I trust yet.
You should give nebula a try. I've recently switched my private VPN setup from wireguard to nebula and am looking into using it for work. It has some really nice features (for our use case), so ymmv. But so far it's been fantastic and very easy to use.
Deleted Comment
Worse, the linked bug report is from a DECADE ago, and the comments underneath don't seem to show any sense of urgency or concern about how bad this is.
Have I missed something? This seems appalling.
[0] https://docs.docker.com/engine/network/packet-filtering-fire...