• 0 Posts
  • 15 Comments
Joined 1Y ago
cake
Cake day: Jun 17, 2023

help-circle
rss

You can use (self hosted) gitlab as a registry storage. We do that locally so we have both code, pipeline and containers in the same place.



10-50 people normal use case?

For KeePass no, for VaultWarden yes.

Just got triggered for the comment above suggesting a solution that doesn’t work for quite a lot of deployments/users, but yes, my comment was a little bit out of place as for single user deployments KeePass is probably way simpler/better.


Totally agreed, but there are pros and cons.

File - harder to steal but once stolen hacker can bruteforce it as much as it wants. Web service - with proper rate limits (and additional IP whitelist so you can only sync on VPN/local network) - its harder to bruteforce. (But yes, you (sometimes) have also full copy locally in the local client, but …)

If it was only for me I probably would also go with KeePass as you will not update the same db at the same time, but with with multiple users it’s getting unmanageable.

I just got triggered as those CVEs are not that bad due to the nature that the app encrypts stuff on the client side so web server is more like shared file storage, while your answer suggested to switch to a solution that doesn’t work for a lot of people (as we already tried that).


Explain how can you use KeePass+Syncthing with 10-50 people (possibly different groups for different passwords) having different sets of access level while maintaining sane ease of use?

The passwords are encrypted in the first place so the security for them is only on the client side.


grep bat /proc/driver/rtc ❤️

Always learning something new, thanks :)


Because Nginx Proxy Manager exists.

And also because for me it started from web hosting where Apache and Nginx dominate and later because of many easy to understand example configs from the net including many “docker letsencrypt” examples.



Hastebin

Hastebin is a text store site or Pastebin tool that allows you to easily share plain text, such as code snippets, with others

https://www.toptal.com/developers/hastebin/about

FlashPaper

One-time encrypted password/secret sharing

https://github.com/AndrewPaglusch/FlashPaper

More at: https://awesome-selfhosted.net/tags/pastebins.html


I like the concept, you could also detect the compose file name automatically.

Or write down hashes for tag even if compose don’t use your variables so reading from compose, so people would not need to relay on the script but could use it as additional backup


Check also all parent directories, as the whole path need to have access (execute) permissions.


Sounds like a permission problem, probably when you did copy the files then permission did change from like www-data into your user, simplest solution would be to change the permissions for those files (for example to 777 as a temporary solution)


I would also vote for broken writer.

I had multiple issues with DVD drives that could write but then it would not work on any other DVD readers or don’t work at all even on the writer drive. And other way around. They are just to damn delicate, especially those you have in your laptops.

I would try to write the disk with slower speeds as it could improve it somehow like less vibrations or more laser burns.

But in your case l would check if that person does have a TV or even DVD player that could read from USB, or buy them some smart set top box with jellyfin/Plex/Disney+/…


PHP Fatal error: Unparenthesized a ? b : c ? d : e is not supported. Use either (a ? b : c) ? d : e or a ? b : (c ? d : e)