talkingpumpkin

joined 2 years ago
sorted by: new top controversial old
3
Here's a nixos-rebuild wrapper script that formats and colorizes traces (lemmy.world)
submitted 15 hours ago* (last edited 5 hours ago) by talkingpumpkin@lemmy.world to c/nix@programming.dev
0 comments fedilink
 

Here it is https://codeberg.org/gmg/concoctions/src/branch/main/sh-scripts/nixos-rebuild

(if you try it and find any bugs, please let me know)

edit: I didn't realize the screenshot shows just instead of nixos-rebuild... that runs a script ("recipe") that calls nixos-rebuild so the output shown is from the (wrapped) nixos-rebuild

Which distro is closest to 'GUI/UX for everything, absolutely no CLI' approach like Windows or Mac + and just works (ie passes LTT Linux test) in c/linux@lemmy.ml
[–] talkingpumpkin@lemmy.world 18 points 1 day ago* (last edited 1 day ago) (3 children)

Is MacOs "absolutely no cli"? It wasn't when I was using it (admittedly, some 10yrs ago), except maybe for the basic things which any mainstream linux distro also provides.

What about Windows? Back in the day I would have paid to have a semi-decent CLI instead of being forced to use regedit (I hear regedit is still going strong, but I've not touched windows for an even longer period than MacOs)

Software Survival 3.0 in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 1 points 1 day ago

The future is 3.0 quantum AI blockchain .com (also orchestrated application server RAD microservices enterprise edition, but TBH those fads weren't as bad as the current ones)

Software Survival 3.0 in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 4 points 1 day ago

And there’s ceo’s listening to these ~~folks~~ fools [FTFY]

I think it's more like the other way around: the current exaggerated faith in AI did not start from the bottom

Installing **self-hostable** services on a cloud server isn't self-hosting ??? in c/selfhosted@lemmy.world
[–] talkingpumpkin@lemmy.world 16 points 3 days ago

Honestly, do we need a legal definition of what "self hosting" is and what isn't?

I didn't see your post and in the modlog I can only see it's title: "Apparently I'm into Web3, says Netcup" [ed: Netcup is a hosting company].

If your post was discussing stuff specific to your hosting provider, then the mods did well in removing it - if you were talking about things that would have interested this community, then they have probably been too rash in removing the post.

8
(home manager) can i somehow put ~/.local/bin before ~/.nix-profile/bin in my $PATH? (lemmy.world)
submitted 5 days ago* (last edited 3 days ago) by talkingpumpkin@lemmy.world to c/nix@programming.dev
3 comments fedilink
 

I'm trying to get my scripts to have precedence over the home manager stuff.

Do you happen to know how to do that?

(not sure it's relevant, but I'm using home-manager in tumbleweed, not nixos)

edit:

Thanks for the replies - I finally got time to investigate this properly so here's a few notes (hopefully useful for someone somehow).

~/.nix-profile/bin is added (prepended) to the path by the files in /nix/var/nix/profiles/default/etc/profile.d/, sourced every time my shell (fish, but it should be the same for others) starts (rg -L nix/profiles /etc 2> /dev/null for how they are sourced).

The path I set in homemanager (via home.sessionPath, which is added (prepended) to home.sessionSearchVariables.PATH) ends up in .nix-profile/etc/profile.d/hm-session-vars.sh, which is sourced via ~/.profile once per session (I think? certainly not when I start fish or bash). This may be due to how I installed home-manager... I don't recall.

So... the solution is to set the path again in my shell (possibly via programs.fish.shellInitLast - I din't check yet).

Private network storage for my users? in c/selfhosted@lemmy.world
[–] talkingpumpkin@lemmy.world 4 points 1 week ago (4 children)

IDK how much I'd trust them with tech stuff (not much, definitely). However I don't see how encrypted storage may become an attack vector?

I mean, they could clog up the HDDs with crap, but they can already do that via non-encrypted network storage (and in several other ways).

47
Private network storage for my users? (lemmy.world)
submitted 1 week ago* (last edited 1 week ago) by talkingpumpkin@lemmy.world to c/selfhosted@lemmy.world
27 comments fedilink
 

I'd like to give my users some private network storage (private from me, ie. something encrypted at rest with keys that root cannot obtain).

Do you have any recommendations?

Ideally, it should be something where files are only decrypted on the client, but server-side decryption would be acceptable too as long as the server doesn't save the decryption keys to disk.

Before someone suggests that, I know I could just put lucks-encrypted disk images on the NAS, but I'd like the whole thing to have decent performance (the idea is to allow people to store their photos/videos, so some may have several GB of files).

edit:

Thanks everyone for your comments!

TLDR: cryfs

Turns out I was looking at the problem from the wrong point of view: I was looking at sftpgo and wondering what I could do on the server side, but you made me realise this is really a client issue (and a solved one at that).

Here's a few notes after investigating the matter:

  • The use case is exactly the same as using client-side encryption with cloud storage (dropbox and those other things we self-hoster never use).
  • As an admin I don't have to do anything to support this use case, except maybe guiding my users in choosing what solution to adopt.
  • Most of the solutions (possibly all except cryfs?) encrypt file names and contents, leaking the directory structure and file size (meaning I could pretty much guess if they are storing their photos or... unsavory movies).
  • F-droid has an Android app (called DroidFS) that support gocryptfs and cryfs

I'll recommend my users try cryfs before any other solution. Others that may be worth it looking at (in order): gocryptfs, cryptomator, securefs.

I'll recommend my users to avoid cryptomator if possible, despite its popularity: it's one of those commecrial open source projects with arbitrary limitations (5 seats, whatever that means) and may have nag screens or require people to migrate to some fork in the future.

ecryptfs is to be avoid at all costs, as it seems unamaintaned.

Agent Psychosis: Are We Going Insane? in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 8 points 1 week ago* (last edited 1 week ago)

So basically... AI can be addictive (to vulnerable people)? Maybe the bubble will not burst then.

Agent Psychosis: Are We Going Insane? in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 5 points 1 week ago

Here it is:

Many of us got hit by the agent coding addiction. It feels good, we barely sleep, we build amazing things. Every once in a while that interaction involves other humans, and all of a sudden we get a reality check that maybe we overdid it.

In His Dark Materials, every human has a dæmon, a companion that is an externally visible manifestation of their soul. It lives alongside as an animal, but it talks, thinks and acts independently. I’m starting to relate our relationship with agents that have memory to those little creatures. We become dependent on them, and separation from them is painful and takes away from our new-found identity. We’re relying on these little companions to validate us and to collaborate with. But it’s not a genuine collaboration like between humans, it’s one that is completely driven by us, and the AI is just there for the ride. We can trick it to reinforce our ideas and impulses. And we act through this AI. Some people who have not programmed before, now wield tremendous powers, but all those powers are gone when their subscription hits a rate limit and their little dæmon goes to sleep.

Looking at Gas Town (and Beads) from the outside, it looks like a Mad Max cult. What are polecats, refineries, mayors, beads, convoys doing in an agentic coding system? If the maintainer is in the loop, and the whole community is in on this mad ride, then everyone and their dæmons just throw more slop up. As an external observer the whole project looks like an insane psychosis or a complete mad art project. Except, it’s real? Or is it not? Apparently a reason for slowdown in Gas Town is contention on figuring out the version of Beads, which takes 7 subprocess spawns. Or using the doctor command times out completely. Beads keeps growing and growing in complexity and people who are using it, are realizing that it’s almost impossible to uninstall.

Finding a new registrar/name server for .at in c/selfhosted@lemmy.world
[–] talkingpumpkin@lemmy.world 1 points 2 weeks ago (1 children)

I don't remember them asking for any ID. Then again I gave them my real name/address and I payed with my credit card so... it's not like they can't confirm it's me.

solved (sort of): How are people discovering random subdomains on my server? in c/selfhosted@lemmy.world
[–] talkingpumpkin@lemmy.world 2 points 2 weeks ago (2 children)

(I missed the first part so I'm not sure I follow)

How are the the subdomains resolved? If you registered them on a public DNS that might be what leaks them. Otherwise... maybe your browser?

Finding a new registrar/name server for .at in c/selfhosted@lemmy.world
[–] talkingpumpkin@lemmy.world 2 points 2 weeks ago (3 children)

I moved to infomaniak because registering domains come with a free mailbox (or at least they used to - IDK if it's still like this).

It works fine with lego (as should any other supported one).

Code Is Cheap Now. Software Isn’t in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 2 points 2 weeks ago* (last edited 2 weeks ago)

IDK.

I just asked this to perplexity as an experiment:

write a macos terminal command that makes a backup copy if all files in documents/ my home adding the current date and time to each filename

Here's what it concocted:

cd ~ && find Documents -maxdepth 1 -type f -exec sh -c 'for f; do cp "$1" "Documents/$(date +%Y%m%d-%H%M%S)_$(basename "$1")"; done' _ {} +

Now, I am no "prompt engineer" and surely there are better way to ask it stuff, but then again a layman is no prompt engineer either.

So the question is: would a layman be able to provide feedback and have perplexity fix its command?

My "layman-like" feedback (now that I re-read it, IDK how much a layman would have used "recurse"... I'm doing my best here):

I want the files copied to a "backups" folder in my home. It should also recurse into the "documents" folder.

mkdir -p ~/backups && cd ~/Documents && find . -type f -exec sh -c 'mkdir -p "~/backups/$(dirname "$1")" && cp "$1" "~/backups/$2/$(date +%Y%m%d-%H%M%S)_$(basename "$1")"' _ {} "$(pwd)" \;

Feeback:

it says "No such file or directory" (because of $PWD passed as $2 - of course I didn't say this to the LLM)

mkdir -p ~/backups && rsync -a --include='*/' --include='*.*' --exclude='*' --no-links ~/Documents/ ~/backups/"$(date +%Y%m%d-%H%M%S)"/

the date must be in the file name

mkdir -p ~/backups && find ~/Documents -type f -exec sh -c 'dir="~ /backups/$(dirname "${1#"$2"}")"; mkdir -p "$dir"; cp "$1" "$dir/$(date +%Y%m%d-%H%M%S)_$(basename "$1")"' _ {} ~/Documents \;

I don't think I need to continue?

BTW: the LLM also instructed me to do a whole bunch of seemingly useless stuff, like giving Terminal.app full disk access via System Settings > Privacy & Security > Full Disk Access (which I assume is actually a thing in macos but can't verify as I run linux)

edit: I hope I didn't misinterpret the bash commands (I didn't actually run them) and spotted the right bugs in them - even if I didn't I guess my point still stands?

Code Is Cheap Now. Software Isn’t in c/programming@programming.dev
[–] talkingpumpkin@lemmy.world 114 points 2 weeks ago* (last edited 2 weeks ago) (5 children)

Being able to use an LLM turns a layman into a coder no more than being able to use CAD turns them into an engineer.

It's a real pity that LLMs seem to have taken over as the sole topic of discussion in programming communities such as this one. It might be just me, but I find the whole topic barely interesting at all (ie. not more interesting than the discussions about stackoverflow coding we used to have).

27
Trump says he will meet Putin in Hungary in bid to resolve Ukraine war (www.euronews.com)
19
Highlights from Trump’s speech at the UN (www.whitehouse.gov)
submitted 4 months ago* (last edited 4 months ago) by talkingpumpkin@lemmy.world to c/europe@feddit.org
14 comments fedilink
 

Delusional.

264
UK, Canada and Australia recognise Palestinian State (www.euronews.com)
112
NATO at War With Russia, Kremlin Says (www.newsweek.com)
30
Why mount /etc/timezone and /etc/localtime in containers? (lemmy.world)
 

A lot of selfhosted containers instructions contain volume mounts like:

docker run ...
  -v /etc/timezone:/etc/timezone:ro \
  -v /etc/localtime:/etc/localtime:ro \
  ...

but all the times I tried to skip those mounts everything seemed to work perfectly.

Are those mounts only necessary in specific cases?

PS:

Bonus question: other containers instructions say to define the TZ variable. Is that only needed when one wants a container to use a different timezone than the host?

32
Simpler alternative to prometheus-alertmanager and/or graphana? (lemmy.world)
 

Prometheus-alertmanager and graphana (especially graphana!) seem a bit too involved for monitoring my homelab (prometheus itself is fine: it does collect a lot of statistics I don't care about, but it doesn't require configuration so it doesn't bother me).

Do you know of simpler alternatives?

My goals are relatively simple:

  1. get a notification when any systemd service fails
  2. get a notification if there is not much space left on a disk
  3. get a notification if one of the above can't be determined (eg. server down, config error, ...)

Seeing graphs with basic system metrics (eg. cpu/ram usage) would be nice, but it's not super-important.

I am a dev so writing a script that checks for whatever I need is way simpler than learning/writing/testing yaml configuration (in fact, I was about to write a script to send heartbeats to something like Uptime Kuma or Tianji before I thought of asking you for a nicer solution).

70
Do you know if it's possible to run a second session in a window? (lemmy.world)
 

I'm not much hoepful, but... just in case :)

I would like to be able to start a second session in a window of my current one (I mean a second session where I log in as a different user, similar to what happens with the various ctrl+alt+Fx, but starting a graphical session rather than a console one).

Do you know of some software that lets me do it?

Can I somehow run a KVM using my host disk as a the disk for the guest VM (and without breaking stuff)?

32
[SOLVED] Weird (to me) networking issue - can you help? (lemmy.world)
submitted 1 year ago* (last edited 1 year ago) by talkingpumpkin@lemmy.world to c/selfhosted@lemmy.world
19 comments fedilink
 

I have two subnets and am experiencing some pretty weird (to me) behaviour - could you help me understand what's going on?

Scenario 1

PC:                        192.168.11.101/24
Server: 192.168.10.102/24, 192.168.11.102/24

From my PC I can connect to .11.102, but not to .10.102:

ping -c 10 192.168.11.102 # works fine
ping -c 10 192.168.10.102 # 100% packet loss

Scenario 2

Now, if I disable .11.102 on the server (ip link set <dev> down) so that it only has an ip on the .10 subnet, the previously failing ping works fine.

PC:                        192.168.11.101/24
Server: 192.168.10.102/24

From my PC:

ping -c 10 192.168.10.102 # now works fine

This is baffling to me... any idea why it might be?

Here's some additional information:

  • The two subnets are on different vlans (.10/24 is untagged and .11/24 is tagged 11).

  • The PC and Server are connected to the same managed switch, which however does nothing "strange" (it just leaves tags as they are on all ports).

  • The router is connected to the aformentioned switch and set to forward packets between the two subnets (I'm pretty sure how I've configured it so, plus IIUC the second scenario ping wouldn't work without forwarding).

  • The router also has the same vlan setup, and I can ping both .10.1 and .11.1 with no issue in both scenarios 1 and 2.

  • In case it may matter, machine 1 has the following routes, setup by networkmanager from dhcp:

default via 192.168.11.1 dev eth1 proto dhcp              src 192.168.11.101 metric 410
192.168.11.0/24          dev eth1 proto kernel scope link src 192.168.11.101 metric 410
  • In case it may matter, Machine 2 uses systemd-networkd and the routes generated from DHCP are slightly different (after dropping the .11.102 address for scenario 2, of course the relevant routes disappear):
default via 192.168.10.1 dev eth0 proto dhcp              src 192.168.10.102 metric 100
192.168.10.0/24          dev eth0 proto kernel scope link src 192.168.10.102 metric 100
192.168.10.1             dev eth0 proto dhcp   scope link src 192.168.10.102 metric 100
default via 192.168.11.1 dev eth1 proto dhcp              src 192.168.11.102 metric 101
192.168.11.0/24          dev eth1 proto kernel scope link src 192.168.11.102 metric 101
192.168.11.1             dev eth1 proto dhcp   scope link src 192.168.11.102 metric 101

solution

(please do comment if something here is wrong or needs clarifications - hopefully someone will find this discussion in the future and find it useful)

In scenario 1, packets from the PC to the server are routed through .11.1.

Since the server also has an .11/24 address, packets from the server to the PC (including replies) are not routed and instead just sent directly over ethernet.

Since the PC does not expect replies from a different machine that the one it contacted, they are discarded on arrival.

The solution to this (if one still thinks the whole thing is a good idea), is to route traffic originating from the server and directed to .11/24 via the router.

This could be accomplished with ip route del 192.168.11.0/24, which would however break connectivity with .11/24 adresses (similar reason as above: incoming traffic would not be routed but replies would)...

The more general solution (which, IDK, may still have drawbacks?) is to setup a secondary routing table:

echo 50 mytable >> /etc/iproute2/rt_tables # this defines the routing table
                                           # (see "ip rule" and "ip route show table <table>")
ip rule add from 192.168.10/24 iif lo table mytable priority 1 # "iff lo" selects only 
                                                               # packets originating
                                                               # from the machine itself
ip route add default via 192.168.10.1 dev eth0 table mytable # "dev eth0" is the interface
                                                             # with the .10/24 address,
                                                             # and might be superfluous

Now, in my mind, that should break connectivity with .10/24 addresses just like ip route del above, but in practice it does not seem to (if I remember I'll come back and explain why after studying some more)

57
Simplest tool to maintain local mirrors of git repos? (lemmy.world)
 

I want to have a local mirror/proxy for some repos I'm using.

The idea is having something I can point my reads to so that I'm free to migrate my upstream repositories whenever I want and also so that my stuff doesn't stop working if some of the jankiest third-party repos I use disappears.

I know the various forjego/gitea/gitlab/... (well, at least some of them - I didn't check the specifics) have pull mirroring, but I'm looking for something simpler... ideally something with a single config file where I list what to mirror and how often to update and which then allows anonymous read access over the network.

Does anything come to mind?

view more: next ›