I almost went with OPNsense (having previously used pfSense), but everything else was already on OpenWRT so I decided to keep things consistent. OPNsense is a solid choice, too.

The barracuda I have is basically an x64 board in a 1U half-depth case with two extra network adapters (3 total including the onboard one). I have two of them: one’s running OpenWRT (my router) and the other vanilla Debian.

So if my router one dies, I can just either pull the drive from it or restore a config backup to another suitable PC that has two NICs (or promote the second unit I have).

The config in openwrt is abstracted. So if the hardware and NICs are totally different, you might need to reconfigure the device names in the config so they’re referencing the right NICs, but everything else should “just work” (e.g. WAN and LAN are just arbitrary labels).

If going the route of a backup solution, is it feasible to install OpenWRT on all of my devices, with the expectation that I can do some sort of automated backups of all settings and configurations, and restore in case of a router dying?

That’s what I do. Every device runs OpenWRT except my ONT. Backing up is just a cron script that calls each one and pulls the config.

For my router, I ended up buying an old Barracuda LoadBalancer 340 and installing OpenWRT (it’s an x86 device so it was super easy). It’s a little over-powered for a router, but the price was right. It’s got more than enough spare resources to run some extra stuff, including Docker, so I’m probably going to throw my PiHole container on there since I haven’t been impressed with AdGuard Home (which is available in the repos).

And if you go for an old Barracuda unit like I did, the default BIOS password is bcndk1

Pretty much my thoughts (and experience) as well.

I was thinking it could be used as a kind of exposure therapy to help with that aversion. At least, I’d be willing to try it out for that purpose.

Wouldn’t restoring from such a backup be equivalent to kill -9 or pulling the cable and restarting the service?

Disclaimer: Not familiar with Immich, but this is what I’ve experienced generally.

AFAIK, effectively yes. The only thing you might lose is anything in memory that hasn’t been written to disk at the time the snapshot was taken (which is still effectively equivalent to kill -9).

At work, we use Veeam which is snapshot based, and database server restores (or spinning up a test DB based off of production) work just fine. That said, we still take scheduled dumps/backups of the database servers just to have known-good states to roll back to if ever the need arises.

My current phone is about 8 years old and long overdue for replacement. If I can find a dumb phone that can also act as a hotspot, that’s probably going to be my “upgrade”.

Right?

I offered to take photos at the angles they wanted and email them to my agent, but they said it had to go through the app. I’m pretty sure the adjustor that came out used the same app, but hey, that’s his (work?) phone, not mine. Nor is it my personal info I’m signing away the rights to by clicking “agree”.

CSC eventually told him to get a refund through the company’s website, which in turn insisted he install CSC’s app to proceed.

That should be illegal. I already refuse to install most apps, and I certainly won’t install one for absolute basic customer support purposes.

Lol, like, I hit a deer a few years ago. Insurance wanted me to download their app, walk around my car and take pictures, and they’d send me a check the next day. Nope. I made them send an adjustor. I’m that dedicated to not installing apps. 😆

I’ve only had that happen once on public wifi, and just assumed they were doing SSL stripping like you linked. I worked around it by connecting to my Wireguard VPN and routing my traffic through that.

Also, if you know of any good networking Lemmy communities, feel free to share them.

• !networking@programming.dev
• !networking@sh.itjust.works

Zabbix?

major record labels consider it a parasitic threat

Well, they would know. Takes one to know one.

What do record labels even do anymore? Broadcast radio is dying and even when it was less dead, it was the same 100 payola songs on repeat. It’s never been cheaper or easier to self-record and publish, and there are all kinds of online platforms artists can use to distribute their work and get paid.

Hell, the last few new artists I’ve found were from YouTube/Spotify/Band Camp and had Patreon accounts.

The music industry needs to die off already.

Yeah, if you find more info about that, please share.

If that is the case, DNS would definitely be a crucial service to self-host and make available.

If you already don’t know, Bangladesh was disconnected from the internet for majority of the last week due to government order. It was shut down without any warning. We were put under curfew 24/7, so no leaving home. On the second day of curfew, me, with nothing to do, figured the intranet in our country still worked.

Anyone know more about that? Is that just customer-to-customer communication?

I’ve been fortunate enough to never experience a government-mandated internet shutdown, but I figure the ISPs just disconnect the gateways. If I’m understanding that correctly, it sounds like they just used the ISP network to carry traffic internally. Very clever!

That’s a pretty good opening.

Am I the only one that thinks Scaringe looks like Steve-O?

Lol, you are not. I thought the same thing.

LOL¹⁰⁰

I have probably saved hundreds of links from such a fate in my org. People there use them for everything even though the media they’re using them in allows them to be clicked (e.g. they’re not going out to print where someone has to type them in).

Thankfully, I’m in a position to un-shorten them before they get published. lol

After some time, the domain fully expired and GoDaddy decided to buy it as soon as it did, and charged me £2,225 to renew the domain. I don’t understand how a price that large is justified, considering that my website gets barely any visitors and I basically only use the domain for hosting stuff. No idea how hiking prices this much is legal

GoDaddy is known to do that.

Technically, they’re not hiking the price. GoDaddy bought scalped it after it expired and then is re-selling it at an astronomically higher price. It’s one of the many, many reasons people hate them.

I’m ashamed to say I still have a couple of domains with GD that I haven’t migrated yet. This post might just light a fire under me to get that done.

The 60 EUR price limit may be your limiting factor. Everything else can be covered by the GL.iNet devices available on Amazon. I’ve got a couple of the older ‘n’ travel models, and they work pretty great. I flashed vanilla OpenWRT over top of their customized one, but the original OpenWRT-based software works fine too.

https://www.amazon.com/s?k=GL.iNET

I usually separate my router functions from my AP to make finding hardware easier, so I’m not well versed in router+AP combos these days, but those seem to be well-reviewed and my experience with an older model is also good.

Great news!

Let this be a reminder to show up to vote every opportunity. If your vote wasn’t important, they wouldn’t be working so hard to keep people from exercising that right.

I second this if OP’s not a fan of or doesn’t need all of Nextcloud.

unconditional upvoting of replies if you get one. That shows the other side that you’ve read it and appreciate they typed something for you.

I definitely use “upvote = mark as read” so I’m with you on that. 😆

I’ve looked at that, but not lately. Last I checked, it was kind of pseudo-LDAP and only really focused on user authentication. I can’t read through it now, but will check it out later. For OP’s purposes, though, yeah, that should do nicely as a user base for Authelia.

My LDAP server also backs my DHCP, DNS, SMTP/IMAP, SIP, and a few other things beyond user auth, so I kind of need a full LDAP server. The good thing is once you get OpenLDAP setup (and get a good grasp of the cn=config schema), it’s pretty easy to manage with Apache Directory Studio. Getting to that point, though, lol, is quite a mountain to climb.

I use OpenLDAP for my source of truth (user base) and have Authelia configured to use that for users.

Authelia supports acting as an OIDC provider as well as an auth source for apps I host behind Nginx.

For apps that support LDAP, they’re plumbed directly in to that and apps using more modern auth schemes (or apps that don’t support either OIDC/LDAP) are protected by Authelia - they use the same userbase in LDAP.

OpenLDAP isn’t easy, though, so you might want to look at something like FreeIPA or 389 Directory Server instead.

Should turn around and sue Nintendo for facilitating the facilitation of piracy by making the consoles in the first place.

Lol, yup.

Normally, you’d be right on the money. It’s always some former congressperson/staffer dishing out all the illegal things they saw. Except instead of reporting it to the authorities, they want you to buy their book and read about it.

To be fair / credit where it’s due, he was vocally anti-Trump when he was still holding office. He and Cheney both, and they were ostracized for it.

Can’t speak for OP, but the Vault software itself is fine. It’s their recent change in licensing that has a lot of people upset and looking for alternatives:

https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license

That is why today we are announcing that HashiCorp is changing its source code license from Mozilla Public License v2.0 (MPL 2.0) to the Business Source License (BSL, also known as BUSL) v1.1 on all future releases of HashiCorp products. HashiCorp APIs, SDKs, and almost all other libraries will remain MPL 2.0.

BSL 1.1 is a source-available license that allows copying, modification, redistribution, non-commercial use, and commercial use under specific conditions. With this change we are following a path similar to other companies in recent years.

Have they actually proven this is a good idea, or is this a “so preoccupied with whether or not they could” scenario?

It’s businesses “throwing AI into stuff”, so I’m going to say it’s a safe bet it’s the latter.

Yep, 100%.

In college, I worked at a call center for one of the worst Banks of America (oops, meant banks in America 😉). Can confirm that, and I dealt with a LOT of angry customers.

This is giving me Black Mirror vibes. Like when that lady’s consciousness got put into a teddy bear, and she only had two ways to express herself:

• Monkey wants a hug
• Monkey loves you

I get that you shouldn’t go off on customer service reps (the reason you’re angry is never their fault), but filtering out the emotion/intonation in your voice is a bridge too far.

If you don’t get any other answers:

I run OpenWRT on my router (x86 hardware), and have Adguard Home and Wireguard installed on it.

AdGuard has its own webUI, and Wireguard peers can be managed through LuCI in OpenWRT. It also supports OpenVPN as well as other VPN types.

So you could run a VM with OpenWRT and get all that.

Does nextcloud deck have recurring tasks yet? I didn’t think it did.

Just checked, and no, it doesn’t appear to.

Back when I had roommates, we used a Kanban board. Trello is the “name brand” you may be familiar with, but there’s lots of self-hostable alternatives:

Nextcloud has Decks if you’re running that. If not, there’s also Wekan, Tagia, Planka, or Vikunja.

Most of my devices I was able to flash it right to it (or TFTP boot the installer and go through the steps via console cable). On x86, you just flash a boot image with dd. The hardest “install” was to a batch of enterprise APs where I had to attach a programming clip to its flash chip and use a Rapberry Pi to burn the image. After that, though, I could update them normally

If you’ve reached this point in your OpenWRT install, turn around. lol. I only kept going because I thought I was bidding $12 on a single Aruba AP-105 and ended up getting a lot of 20 (for $12), so I had to figure out some use for them.

Usage is pretty straightforward through the web UI (LuCI). For some more complex configs, it’s sometimes challenging to figure out the UCI syntax to configure (when I was playing around with B.A.T.M.A.N for example) but otherwise is pretty nice.

I read on OPNSense guide it needs 2gb ram

Good to know, thanks. I haven’t deployed it in years (have been using OpenWRT which will run on a potato). Getting ready to build a new router/firewall myself, but I don’t think the 2 GB is gonna be a problem. Have been debating sticking with OpenWRT or going to OPNSense.

Aside from being a little power hungry, then that should do the job. opnSense or OpenWRT should run really well.

Yeah, it would make a beefy router for sure. Wouldn’t be very power-efficient, but would handle the job well.

Outside of that, you’re most limited by the 512 MB RAM. Adding a larger drive would be an easy/cheap upgrade (though it may be SATA II speeds or possibly SATA I).

If you use OpenWRT for your router OS, you can also install AdGuard and get a bit more use out of it.

If you can add an HBA for better SATA speeds, and have room in the case, it might make a halfway decent NAS (or backup NAS).

Please don’t replace the post URL with either of these (so it’s clear where the story comes from), but here’s 2 you can add on:

• https://12ft.io/proxy?q=https://www.newyorker.com/magazine/2024/06/10/can-state-supreme-courts-preserve-or-expand-rights
• https://archive.ph/lF31H