• 2 Posts
  • 67 Comments
Joined 1 year ago
cake
Cake day: June 18th, 2023

help-circle
  • node815@lemmy.worldtoLinux@lemmy.mlTinkering and Stability
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    9 days ago

    Instability you ask? This is like a slow creep to instability and freeze your system. It’s called the Bash Fork Bomb (look it up if you want), but it’s a copy/paste you put in and it slows your system down by consuming all the system resources and cause it to lock up HARD. It goes away after a system reboot, though.

    I was going to post the code here, but decided to play nice. But if you are curious:

    https://itsfoss.com/fork-bomb/

    (edit: Made ‘slow’ ‘slows’)



  • As a Gen X member who is 50 yrs old, a grandparent of two Grand kids, I never touched a computer until I was 12 years old (1986), this, I think gave me a head start into the computer world with an old Radio Shack Color Computer II (hooked up to my TV) with a Tape Drive to load programs with. With some of the older Gen X group starting to reach retirement age, I think we will probably have a larger portion of the population more adapted to computer than the Boomers before us. That’s not to say that during the 80’s and 90’s everyone was into computers though. The important thing was that schools had Timex Sinclair computers and mostly Apple II computers which were the workhorses even into my high school years in the early 90’s, so exposure to computer basics such as copy/paste and Word processing were certainly well know then!

    I say all of this to mention that while right now, some of the older generation generally knows how to copy/paste, isn’t scared of breaking the computer and pretty much get a long fine with them. I’m more skilled than my peers in a lot of areas but that’s because I’ve used them non stop for so long and the others used them only in school but never saw the value until around Windows 98 or Windows 2000.

    I believe there will be a shift of more computer literacy as the Millennials and Gen Z’s reach my age and older. The writers then may say that compared to the previous generation (ours), that they are miles ahead in their skills and literacy. Even my Grand kids are growing up with exposure to tablets and phones (VERY SPARINGLY), but also live out in the rural country so are getting great life exposure to great outdoors. :) (Ages 2 and 6). One can only dare to imagine what technology we may have 40-50 years from now when they reach my age range.


  • Hands down, Bitwarden app on phone and in browser. Vaultwarden self hosted. Since I host it at home, I know it’s always in my server. The winning thing for me is that Bitwarden Supports Webuathn now, you can use it as it’s own webuathn key you authorize to log in with, so basically go the site you want to login with and when it asks for the webuathn, you can either have Bitwarden use the credentials you stored for it or your own biometric or hardware key instead.

    With this, I sign into Authentik for my SSO just by clicking one link, and Bitwarden prompts to log in and I click the option. I’m auto logged into my server and no UN/PW passed to it.

    I’ve tested others and nothing quite comes close except for KeepassXC, but for me, it’s a matter of personal preference on my side. I’ve been with Bitwarden since the early days.


  • Some examples of using Tasker:

    • When a specific contact sends a text message, it alerts me using TTS so I can be aware they are trying to reach me. I have an older family member she lives closer to, so having an alert from her is important if anything should happen forbid it does. When I plug my phone in to charge, it auto silences the phone and keeps it silenced until I unplug it, built into the same task, if monitors for phone calls from my contact and a few others and overrides it.

    When a specific phone contact or contact calls, it raises the volumes to max. This is useful if you went to an appointment, set your phone on silent or vibrate but forgot to reset it. After the call has been completed, it returns the phone to the original volume you set.

    • When I scan a NFC Tag, i have it send a webhook to my August lock to unlock it. As an apartment dweller, if I go down to the car to unload groceries, the door by default auto locks. This means I have to pull the phone out, unlock it, open the August App, and then tell it to unlock the door and sometimes use the biometric to do so. Having the NFC tag do this means I can put it in my wallet and when I put my phone in the same pocket where the wallet it is, it triggers the door.

    • When connected to my computer only, it keeps the screen on all the time.

    • When I launch certain apps, it keeps the screen on until the app is closed. Very useful when you are at the grocery store working within a strict budget and want to see how much you have put in to the cart!

    • I have a widget on my screen which toggles my Private DNS on/off. This allows me to disable the adblock dns I use if I encounter a public wifi which insists I disable it. (I usually stay away from those, and use my mobile data, but sometimes it’s unavoidable when there is so much interference your 5G goes to NONE and you have to be there for a while.)

    • Likewise, I have a widget which toggles my Tailscale connection on/off which comes in handy as well. Again, if the Wifi spot rejects custom DNS’s and I’m in the scenario above.

    • If you have a Google Account (Sadly, this is the only way). You can view the list of profiles/tasks which other people have built. It’s a growing list. https://taskernet.com/shares/

    • Using third party software such as Wake on LAN, when I come home and connect to my WiFi, it wakes my computer. (Or really any condition I set to trigger it).

    I will say that the dev is very responsive and active in releasing updates and new features.

    With that said, it has a slight learning curve which he(the developer) is working on to help simplify things and modernize it more. Since taking over the project from the previous owner, it’s really grown.

    I admit though, I used to have a lot more tasks and profiles, but it seems that Android is starting to bake those functions in so it’s not as used on my end. But don’t let it it sway you. Your imagination is the only limit with what you can do with Tasker.

    Generally, for less than a cup of coffee, it’s worth the purchase price. :)




  • I use Technitium DNS as both my DHCP and DNS Server on my network. I then have my ISP Router’s DHCP turned off, and point the primary DNS IP To Technitium’s on my network. I have roughly 66-67 network devices at a given time on my network, mostly wireless. (Think wiFi locks, Lights, Outlets etc) then I have my phones and gaming systems an any given thing.

    To manage my IP’s I use an Airtable type of database via BaseRow, also self hosted. Through my router’s records, I copied/pasted every single MAC address I found, into a column in my BaseRow table there, and then added the device name or friendly name to another with an assigned IP I want to use. I have a more organized system of ranges 192.168.1.1-10 is mobile devices, 192.168.1.11-30 is IoT etc…

    By having my network setup in this fashion, I accomplish a few things, all new devices which power on or connect to the router to get their IP assignment fail to get it since it’s turned off there, and they search the network for an available DHCP Server which lands squarely on the TechnitiumDNS server and are assigned it through there. I also have adblocking enabled through the same server so I have a more home wide adblock which works. (You’d be amazed at how much Telemetry a TV Sends out for every single remote keypress!) I have been able to block those with the adblock enabled. With the DNS server, you can also assign DHCP ranges address, it is really an overly complex server and probably overkill for a home network. I’ve only scratched the surface of what it can do.

    If you don’t want to fuss with TechnitiumDNS, there’s AdguardHome, or even PiHole you can use if you want to block Ads (or you can simply disable that function) and those also act as a DHCP Server.

    Or, if you are wanting to spend a few hours configuring it, you could run your own DHCP Server in a VM or dedicated device such as a Raspberry Pi.

    With all of these settings, it’s important to set your DHCP lease offer long enough that if you have to reboot the DHCP Server for kernel update, or it crashes, you won’t have any devices fail as some do regular polling to check for connectivity (My Linux computer does this a lot). I don’t remember if it’s KDE or Arch. Anyway, running the DNS Server also allows you to custom build your own “domain” system if you will. So could assign maybe your self hosted Calendar for example to http://calendar.local or http://calendar.internal.

    By setting up a dedicated DHCP Server, using the manual method or one of the different AdBlock systems, you can also turn off DHCP registration for ‘foreign’ devices or those which aren’t in your DHCP table. This offers a small element of extra security for your WiFi, but it’s not 100% secure if someone knows your IP ranges and Subnet Mask. Also, this will make it easier in the future for you if you upgrade your router or replace it as there’s just two settings to change. (DCHP Server off and the optional self hosted DNS).


  • Why not use a different DDNS service? There are plenty out there. :) I think this may solve your issue. I’ve been using freemyip.com’'s for a while and have had no problem in the past issusing LetsEncrypt SSL’s. At the moment, I’m on Cloudflare tunnels so it’s automatic with them, which I know is a huge trust issue for a lot of people, but I don’t mind it for my stuff. But I do like to have my DDNS as a backup service from time to time.


  • node815@lemmy.worldtoLinux@lemmy.mlAlpine as a desktop OS
    link
    fedilink
    English
    arrow-up
    2
    ·
    2 months ago

    I’ve dabbled in it, but not really committed to it. It’s a great lightweight server of course. I am a KDE Plasma user so I did a quick test of that and was able to install it via Alpine, but at the time, the support for javaws was not there which I needed at the time for my job, so that killed my plans on using it. I may venture back to it later on .


  • I have been using Tailscale, connected it to my domain, I use Authentik for my OIDC/SSO Sign in and tied it that way for the MFA OIDC Login Tailscale let’s you use. All I needed to do is setup a webfinger for it and once it verified my domain, I was able to give them my OIDC settings for them. Tailscale so far for me in the last year or so has been quite simple to use. Plus, being able to log into my admin console and any devices I enroll through Authentik’s front end, has given me peace of mind knowing it’s quite secure. (All of this on a Proxmox server BTW).

    One may argue about self hosting Wireguard and I agree, it’s quite easy to do if you use something like wg-easy which makes it simple to add phones to your network. My concern with it though was having to poke a hole into my firewall for the WG traffic to hit the server, once I got into Tailscale, it’s made it easier and I don’t have any open ports on the router now. I think this is primarily why the Jupiter Broadcasting guys push it so much on their podcasts, not to mention one of the hosts on his podcast is an employee for Tailscale as well, so that probably helps a bit.

    As for funding for both Nebula, or Tailscale, they do cater to enterprise customers so you have the assurance that they do have to answer to them if they revoke a service or ruin it. :)

    For Tailscale, it’s just a matter of them allowing you to add 100 devices for free and it’s simple command to install it on any client via the cli including Apple TV for example. For phones, I have Tailscale on my phone connected 24/7 to my exit node which is my Proxmox server which acts as one, and as a backup, my Raspberry Pi which acts as one as well. So, even if I’m on the road or away from home, I’m always on my home network (unless blocked by overzealous sysadmins on their public WiFi networks). There’s not much to manage via the phone, but I like to think it’s ‘set and forget’ really, once you have it all configured, it just runs in the background and they do not decrypt your traffic much less care what goes through it.


  • I took a quick read of the comments and I apologize in advance if this has been suggested already.

    I use a self hosted DNS server (AdGuardHome) I was using TechnitiumDNS for a long while, but moved over to the other recently so I could do some more blocking as needed (adult special needs house dweller sometimes needs limited internet). It also acts as a DHCP Server so it takes the role of both the DHCP assignments away from the router. As it so happens, this week, I got to experience the benefit of having this setup live when my main router also went down, I was able to switch to a spare router (My ISP provided one) and all I had to do was turn the DHCP off and optionally point the DNS To my AdGuardHome address, set the SSID’s up and I was in business. All of my devices happily reconnected and grabbed their assigned IP’s.

    In short, if you have a spare computer, SBC such as a raspberry PI or whatnot, you can easily host something like that and not have to worry about setting those again.




  • I’ve seen a few mentions of PiHole and AdguardHome, I started on PiHole, then moved to AdguardHome for adblocking. Then I heard about and have been using TechnitiumDNS server which is sort of overkill for our needs, but with the right ad-lists, it is fantastic at blocking advertisements on my home network. Super fast install too, even on a Raspberry Pi 2 :) I run that along with Proxmox-VE (Protected behind OIDC Login) and several other containers on my cranky old Dell Desktop server.

    Mostly Vaultwarden, and a few other services for home private use such as PairDrop for inter system sharing and a self destructing file sharing server for when we need to send documents to our Attorney’s (rarely but sometimes we need to) office via Pingvin.

    I also run:

    • Home Assistant
    • Transmission Dockerized so I can help contribute to the Linux community and share the ISO’s.
    • For some of my externalized sites, I run Authentik It acts sort of like a Reverse Proxy if you configure it to do so. I love that I can simply identify myself with my WebAuthn device skipping any passwords. :)

    With Authentik setup, I can login to things like my Fresh Tomato Router TechnitiumDNS (Both use HTTP Auth headers) and Memos which uses OIDC/SSO. It’s meant to replace our Google Keep notes.

    • Tailscale is installed and I connect to it from my phone when away from home to always stay on my network. Sometimes, hotspots block it so I generally avoid those as much as possible.
    • Wallos to help keep track of our re-occuring subscriptions.
    • Grafana and Promethus - both are staged and ready for configuration and one of those I will get around to eventually.
    • InfluxDB - I plan on moving Home Assistsant logging soon to that which should tie nicely into Grafana later.
    • Ben Phelps’ Homepage - it’s my main server dashboard my wife and I use to access our server. Quite simply one of the best dashboards IMHO.
    • Wyze Cam Bridge - One of the better services in which you can log into your Wyze cams and convert their streams to RTSP, RTMP or HLS streams easily. I have that feed to my Home Assistant Security Dashboard.
    • Baserow It’s a good Airtable alternative and I use it to keep track of my Static IP assignments, Sleep tracker (I suffer from insomnia), and other data points. It’s pretty amazing. I even created a pain logging for for my wife so she just accesses it and answers basic questions about her pain levels and it pushes it to the database for later retrieval.
    • Joplin Server - Sorry, I don’t have the link, but it’s installed via compose. I use Joplin Notes on my phone and computer for keeping my code snippets. I’ve tried Obsidian and it didn’t really meet my needs and Also Anytype, but that’s not self-hosted. Joplin server is for me and that’s become handy a time or two when on the road.
    • Bookstack - my grand plan for that is to build a Wiki for my family to use in the event something should happen to me, they can know how to manage the server with nice screenshots and instructional steps. I have that protected behind Authentik’s OIDC logins.
    • IT-Tools - hands down one of the coolest self hosted tool sets you can use.
    • Webcheck - All-in-one OSINT tool for analyzing any website https://web-check.xyz/ is their demo site. :)
    • Stirling PDF - Kind of like a Swiss-army knife for PDF’s. :)
    • Dozzle - For those times with you really need to see what your Docker logs and too lazy do run a docker logs -follow command.

    I still use Portainer-CE and am happy there, I may try Dockage or the others, but it’s fine for what I need it for (It’s also protected by OIDC)

    I’m sure I may have missed a few, but this post has gone on long enough. :)


  • I left Win8 to go full time on Linux. For several years before this, I used to host web sites professionally and build them so I was used to Centos and Debian servers but not comfortable enough to be able to manage them deeply. In other words, just enough to make them work, but more complex troubleshooting was not my strong suit.

    I later landed a job where their primary systems are Linux based and through that training and learning, I became more comfortable in the CLI and have never looked back.



  • You can always use something like SSHwifty It retains your logins through your browser’s session data and never on your server, but it will allow you to remote into your local system from anywhere on the WWW if you desire to do so. With Tailscale, once you are connected into your Tailnet, you can pretty much SSH into any of your devices as long as the subnet sharing flag is turned on I believe. I’ve never had any issues with mine not allowing any SSH connections.


  • For terminal, the first thing I install is Midnight Commander - dual pane file manager. https://midnight-commander.org/

    For all of my physical Linux machines - Cockpit and Cockpit-File Sharing plugin.

    Desktop

    • Thunderbird

    • Firefox

    • Vivaldi

    • Gnome

    • Chromium I use Firefox, wife uses Chromium and My WFH job I use Chrome. Vivaldi is a backup browser, I’ve been messing around with.

    • QEMU/LibVirtd - So I can run a Windows VM for my old Canon Lide 60 scanner which scans clearly there, otherwise in Linux, it’s contrasted super grey for some reason.

    • Kopia-UI - Backup system which supports NFS Shares - set and forget type of setup.

    • VLC - Need I say more? Lol

    • OnlyOffice - Better aesthetically IMHO than LibreOffice

    • PDF Arranger - Works well to re-arrange pages or rotate them after scanning them in. (I self host Sterling PDF and will probably switch to that later)

    And for some inspiration - the “Awesome Linux Software” list (Not mine) similar to the other Awesome lists you see around. https://github.com/luong-komorebi/Awesome-Linux-Software


  • If after 9pm M-F, and I plug it into AC Power (Not USB on desktop), then it mutes all system sounds until I unplug it from the AC power. During said time, if certain people call, it raises the ringer to full so I can answer it.

    I still have this enabled, but rarely ever use it, it came in handy about a year ago though - when near any of the WiFi hotspots at my work, then turn volume off, upon leaving the range, volume comes back up. Also, enabled my work profile which set an Autonotification to set a timer on my phone and watch for my break and meal periods. I now am full time WFH, so neither of these come in to play.

    While connected to Car bluetooth, cancel my work timers (above).

    I was working on but had to put on pause, a Google Voice interceptor - the goal behind it is to auto use Google Voice to make outbound calls if you are not calling a contact in your list otherwise, if you called one of your contacts, it would use your normal phone number.

    Taskernet share for above (Google Voice Robot) If link is broken, it should be searchable. It’s not guaranteed to work.