• 1 Post
  • 128 Comments
Joined 1Y ago
Cake day: Jul 02, 2023


Port forwards in the router + DynDns.


Though those leaks showed they actually did it on a large scale. I don’t think they stopped for some arbitrary reason. Why would they? And technology developed further, surveillance is only getting easier. I’d say even without a tin-foil hat on, it’s more likely they do it than not.


Well, centralization and giving up your freedoms, letting someone else control you, is always kinda easy. Same applies to all the other big tech companies and their platforms. I’d say it applies to other aspects of life, too.

And I’d say it’s not far off from the usual setup. If you had a port forward and DynDns like lots of people have, the Dns would automatically update, you’d need to make sure the port forward is activated if you got a new router, but that’s pretty much it.

But sure, if it’s too inconvenient to put in the 5 minutes of effort it requires to set up port forwarding every time you move, I also don’t see an alternative to tunneling. Or you’d need to pay for a VPS.


Ah, nice. Alright. Thanks again. I’ll see how I can do it. Unfortunately I’ve already set everything up, joined Rooms and connected a few bridges. I hope it doesn’t break. I’ll do a backup first. Seems reasonable and not that hard to upgrade.


Oh well, seems both reasonable. Maybe I should switch before the projects diverge too much. Conduwuit seems pretty active. Hope it stays that way.

Do you happen to have a link where I can read the backstory myself? Thanks for the info anyways. Seems to be a good call.


I found that. Seems it mainly addresses caching and database performance, adds some admin and moderation commands. I’m not sure if it addresses any of the shortcomings I have.

My main question is: Which one is going to be maintained in the years to come and have the latest features implemented? And secondly: Why a fork? Why don’t they contribute their fixes upstream to Conduit?


Ah, well I only read the official documentation on https://docs.conduit.rs/

I’m gonna take a look at this later.


Depends a bit on how many images and videos get shared. If it’s mainly used for chat by a bunch of people and a few gifs and stickers in-between, it shouldn’t consume that much storage. But sure if you frequently share all your vacation photos, the cache is going to grow fast.


Definitely the whole server name. Other servers and clients can’t guess that information. I think it’s properly documented how to do it.


I installed it like 2 weeks ago. As of now it’s still running and has a really low memory footprint compared to Synapse. But a lot of things aren’t implemented. Chatting works fine. I get a lot of warning messages about not implemented things, though. Like my client (FluffyChat) trying to query some profile status … I’d say try it. I’ve done so. But I can really only give some good advice after a few more weeks of using it. Maybe there is a dealbreaker.


Seems the two German supermarket chains really like to have the same infrastructure everywhere. Everywhere I go the Aldis look exactly the same. They have slightly different products depending on the country. But the price tags, interior, … is basically the same. Okay and we don’t have “Flaschenpfand” everywhere… (deposit on the plastic bottles and the machines where you can return bottles.) I bet all of this makes it a lot easier for their techs and management. And it could also explain why they sometimes redo a store that still looks fine and fit it with the latest shenanigans.

And as an aside: I’ve shopped in the first Aldi store ever. It’s not far from where I live.


Nice, didn’t know about HomeBox. Are there other good inventory systems for home use?



You could also try the ROCm fork of KoboldCpp

Koboldcpp bundles an interface on top of llamacpp. And generally it’s relatively easy to get it running.


And cosmos-cloud.io too.

I think you mentioned the major ones. I don’t think I’d give any of them perfect score. But I’ve had a look at most of them. And I’ve been using YunoHost for years.

I’d really like to have something that I can recommend to people, without any downsides. Maybe for small businesses, too. Or non-profits / clubs etc who need a mailinglist and a Nextcloud.


We probably need one super popular self-hosting solution. With SSO so it’s simple to invite friends. Atomic / A/B updates so it’s indestructible. Backups preconfigured and a Marketplace with 1-click installers. Backed by a non-profit or nice community and non-commercial.


As of now all advice here is kinda missing the point or wrong… (Except the one recommendation to do updates ;-) I wouldn’t use Cloudflare as it’s really bad for freedom, watches your traffic and most interesting things aren’t even in the free/cheap plans… You can’t restrict connections to the “Established state” or you can’t ever connect to your server… And SSH is a safe protocol. Just depends on the strength of your passwords… And yeah, opening ports is never 100% safe. Neither is using computers. They can be hacked but that’s not helping… And I’d agree using Wireguard or Tailscale would help. But you already said you don’t want a VPN…

I didn’t have a proper look at the Forgejo Docker container. I’d say it’s safe. It’s probably using keys instead of passwords(?!) I hope they configured it properly if they ship it per default. And it’s running sandboxed in your Docker container anyways and not running a system shell on the machine.

The issue with SSH is, there are lots of bots scanning the internet for SSH servers and testing passwords all day. Your server will be subject to a constant stream of brute-forcing attempts. Unless you take some precautions. Usually that’s done by blocking attackers after some amount of failed login attempts. This is either preconfigured in your Docker container (you should check, or watch the logs.) Or you’d need to use something like fail2ban on top. Or ignore the additional load and have all your users use good passwords.

(What I do is use Git over https. That worked out of the box while ssh would have required additional work. But I also have lots of other ports forwarded to several services on my home-server. Including ssh. No VPN, no Cloudflare … I have fail2ban and safe passwords. I’m happy with that.)


It depends on the exact specs of your old laptop. Especially the amount of RAM and VRAM on the graphics card. It’s probably not enough to run any reasonably smart LLM aside from maybe Microsoft’s small “phi” model.

So unless it’s a gaming machine and has 6GB+ of VRAM, the graphics card will probably not help at all. Without, it’s going to be slow. I recommend projects that are based on llama.cpp or use it as a backend, for that kind of computers. It’s the best/fastest way to do inference on slow computers and CPUs.

Furthermore you could use online-services or rent a cloud computer with a beefy graphics card by the hour (or minute.)


As far as I know you want a web application firewall to block attacks. A reverse proxy is just to proxy requests and doesn’t necessarily care if it forwards legitimate traffic or attacks.


Maybe you can find a guide/tutorial on how to set it up?

Usually you need the correct packages installed on your system to enable something like VAAPI or QSV. Then you need a version of ffmpeg with that enabled. And then configure it in Jellyfin correctly.

I don’t have any specific insights on how to do it with Fedora. I suppose it’s very similar to how it’s done on other Linux distros.


Hmm. There is value in both. When I started out with NixOS I read lots of wiki articles. And we all know there is some room for improvement. And I also read several configs of other people to see how things tie together. And to look up things that aren’t documented. Nowadays I just put in what I’m looking for and “language:nix” into Github. So there’s lots of personal configs that turn up. Sometimes with useful stuff. So I think anything is better than nothing. But obviously if you have kids, prefer them and let other people come up with the detailed wiki articles 😆


Fair enough. I personally think someday someone will have the same niche issue I’ve already tackled and be happy to stumble over my code while googling it. So I just drop most things I do somewhere for other people to find. Regardless.

But concerning NixOS, I also still need to switch over a few things to agenix and generalize parts of my config before publishing it.


Just put it on Codeberg or Github. Having other people’s config for reference is always nice. Especially for beginners.


I’d recommend YunoHost, too. It’s pretty beginner friendly and you’ll probably get some positive results without learning all at once. I mean you have quite something on your plate if you’re learning Linux, Docker, Docker-Compose and maybe networking and Dev-Ops all at the same time.


Out of curiosity: Did you measure the idle power consumption?


A second-hand used laptop. Or a used Intel NUC.

I’d say it’s difficult to buy anything new for $100 that’s actually worth spending that money.

I’d recommend one of the Mini PCs like

But that’s about twice your budget with a decent amount of RAM and some storage. (And way faster than a RasPi.)


Hmm. I wasn’t trying to recommend privileged or non-privileged mode, just trying to use that to single in on the actual issue.

Alright, if it’s just av1, maybe try to use a tool like vainfo to find the supported codecs. I think ffmpeg fails if an unsupported codec is explicitly specified. But take care if Encoding is mentioned. Some hardware has decoding capabilities only.

It’s a complicated topic. And it also took me 2 whole evenings to get the permissions and everything right. I’m using systemd-nspawn, so my experience doesn’t directly translate. And it’s not any easier than docker.

For video acceleration I found the Arch wiki somewhat helpful. But it’s lots of info and not specific to Docker. Maybe it helps anyways: https://wiki.archlinux.org/title/Hardware_video_acceleration


Hmm. I mean now reading your first output in privileged mode properly, I don’t see any errors, or am I missing something… Seems it loaded vaapi successfully?!


Have you tried verifying it’s not the group permissions? You could preliminarily temporarily set permissions with chmod 666 /dev/dri/renderD128

My older Skylake processor has a bit worse video quality (occasional artifacts) with QuickSync.


Maybe a port forward can do it? That’s under Network -> Firewall, in the “Port forward” tab.

I’d need more info on the intended use-case and what’s the requirement for a tunneling software that’s making ssh tunnels and vpn tunnels unsuitable.


I think that’s a good question. And a nice video. The findings in the paper seem to arrive at that conclusion and we might need to find a better approach. Mind that (as he pointed out) it doesn’t rule out growth in AI. It just hints at probable stagnation with the current methods. I’m already fascinated by the current tech and the new possibilities. But AI is really hyped as of now and I too, think we should take the claims of the big AI companies with a grain of salt. I’m sure the scientists at OpenAI are already concerned with exactly this as they do research for the next generations of ChatGPT. It’s a bit of a bummer that lots of the research gets done behind closed curtains and we’re going to have to wait for a bit longer to find out.


To follow that up: 45W isn’t that bad. Depending on where you live, I’d say it’s worth it if you get something out of it. (Be able to fit the HDDs, upgradability, …)

Ultimately you’d need to do the maths. Check what it costs to afford an additional 20W of power in a year and whether you should spend that money on better hardware. If my maths is right, 20W for a year at a high price of 30ct/kWh is about $52. So there isn’t that much to be gained. And your electricity might be considerably cheaper anyways.


Hmmh, No I don’t think you can make the idle power consumption go down. Sure, you got to set the right options in the BIOS and Linux. But there is a baseline and that’s with which chipset the mainboard was designed and what kind of components they chose.

And there’s the efficiency of the power supply. Usually they’re built to have a certain degree of efficiency (>80% or >90%) but that’s measured at a certain percentage of the maximum power draw. They’re not at all that efficient at 40W draw. You’d need an expensive PSU not to lose additional efficiency at low power. And generally they don’t come with a standard PC.

So you’d probably end up replacing half of the components of a standard PC while making it more power efficient. And I don’t think that’ll be cheap. You better find something that’s already designed to factor that in. Sadly it’s not what they print on every PC. You have to look for that info and sometimes it’s buried in some PC magazine forum or on Reddit. Sometimes they have additional tricks to squeeze out a tiny bit more, but you better be fine with that number.

I think mostly it’s about the mainboard. Most of the time there are some chipsets that are known to be more power efficient than others. But I’m not up to date anymore and can’t give any good recommendations.

If you want it cheap and most power efficient, generally the advice is to use an old laptop. They’re made to idle at like 10-15W. But you won’t get any SATA ports that way. You’d need external HDDs and connecting them via USB isn’t really super reliable. It’s frowned upon to use a setup like that for RAID or advanced things… But it’s how I started back in the day.

With the upgradability it’s always the question. That’s an additional requirement that makes it more difficult. If it’s an old machine you could end up needing to replace most of it anyways, since you need a new mainboard for a new CPU and along with that the next generation of RAM and then you’ve replaced most of your computer anyways. I’d say there is a limited window of opportunity when upgrading makes sense. But if you’re buying an old machine it may not always be a good idea to make it a requirement.


Most important thing with FUTO is, they learn how to do open source and engage with a community. Maybe it helps if they adopt a few projects with existing communities and which are more than source available.


Most mainboards in full-sized PCs aren’t optimized for power efficiency. But there are some (few) efficient mainboards and PSUs available.

The German c’t magazine publishes guides to build efficient home-servers or workstations every other year. But that’s well above your budget: https://www.heise.de/ratgeber/Bauvorschlag-fuer-einen-sparsamen-Heimserver-aus-c-t-3-2024-9587594.html (400€ new, 17W idle)

The Lenovo seems to draw around 45 Watts on idle. You could go well below 20 Watts if you wanted.

I’d say for most power efficiency along an extremely low budget, you want an old laptop as a home server, or a mini pc like an Intel NUC. But you might want to refine your requirements… What do you need that thing for? How many SATA-Ports etc do you need? Are you more willing to compromise on price or power efficiency?


It’s a shame that nowadays everything “needs” a phone number. I just put in a proper prefix code and then all zeroes as a number if some company forces me to. That works for some of the websites. Some stores even print that on a shipping label. So it might supposedly be there for a reason. But I’ve never heard this helps if a parcel gets lost or something. They won’t call anyways and the real reason is they can store it in some database and depending on the exact business do all kinds of other stuff with it.


Seems in this case they got their own domains and independent stores.

And Aliexpress and Temu are very different. Aliexpress seems to be a halfway decent platform. Never had any major issues with them, except what’s to be expected when importing stuff from China. I think it’s very similar to ordering the same thing on eBay.

Temu isn’t. That platform is made to harvest data and prey on their “customers”.

And I can’t comment on Wish. I haven’t been interested in cheap crap.


Hehehe. Yeah they put everything in on their site. From a canary to their company ethics, to an origin story, all necessary buzzwords, job offers (which they have none), a marketplace … Lots of flowery words. And honestly, it doesn’t even smell like AI generated text. They’ve probably mastered the bullshit bingo and decided to go all in. I kinda like it (in a twisted way.)


Oh wow, thx. No. I’m just clueless. And there is a cultural difference, so sovereign citizens aren’t the first thing that comes to my mind when reading that word… But thanks for explaining the joke to me, anyways 😅


And how do ultra-libertarians tie into the topic of hosting open source services?


Looking for a platform for a citizens’ initiative / collection of signatures
There are lots of projects that enable groups to organize themselves, gather ideas and organize documents. Does anyone know any Free Software solution that is somewhat tailored to the needs of an action group? It should be easy to use, enable and invite people to participate and provide some means of collecting signatures for the cause. Ideally it'd also provide a Wiki for later, a contact forum and some means to organize and collaborate on ideas, brainstorming and schedule meetings. I'd also like to hear about other solutions, even if they target something broader and I'd have to customize them. Or miss some features but I can combine them with other software. Most importantly it has to be easy to use and inviting, so people would like to participate.