Phynecs 🌵​ :donor:​

working in IT

started in support and systems engineering
moving over to development

#selfhosting a lot of stuff

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2025-05-07

@pterlisten Hmm dann weiss ich auch nicht gerade, der einzige Ort, wo ich UDP verwende (meine Nameserver) nutzt network=host, also sowieso kein Port forwarding

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2025-05-07

@pterlisten Ich nehme an, du hast den Port wie folgt freigegeben, also mit `/udp`: `-p 443/udp`
ohne Protokollangabe ist es nur TCP

Phynecs 🌵​ :donor:​ boosted:
2025-02-12

@morgthorak I think you might want to make sure you don’t follow me.

Because your “woke communist propaganda” comment makes me think you’re a moron of the first order.

I strongly suspect I am one of those “woke communists” you worry about. But you probably couldn’t actually explain what either of those words actually mean, could you?

I’m a card-carrying atheist, I think a woman’s right to choose is very important, I think that “well regulated militia” means that guns should be carefully licensed and not just randomly given to any moron with a pulse, and I couldn’t care less if you decided to dress up in the “wrong” clothes or decided you’d rather live your life without feeling tied to whatever plumbing you were born with.

And dammit, if that all makes me “woke”, then I think anybody who uses that word as a pejorative is a f*cking disgrace to the human race. So please just unfollow me right now.

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2025-02-05

@elkcityhazard @gytisrepecka yes, I also just use the stdlib

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2025-01-09

@merlin you can also directly login at the .is nic and change some settings directly instead of via the registrar

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2025-01-01

@rachel @merlin well it's no longer jboss, still java tough (now quarkus)

also had to fight some time until I got the optimization and proxy config working ...

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-12-29

@_davd running nameservers (knot dns), gitlab, mailcow and more in "personal" production since mid 2022.
mailcow in docker everything else in podman quadlets
my ignition config is the bare minimum for most hosts, so just an ssh key

sometimes I stumble over selinux, but there were no other hurdles for me

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-12-27

@cholling not with nginx on its own, but looks like it might be possible together with fail2ban: gist.github.com/joecampo/84817

Phynecs 🌵​ :donor:​ boosted:
jwzjwz
2024-12-25

@cstross "If he's against it, I should be for it" is certainly a supportable position to take, but I've read a few articles like this one claiming that the Wikimedia Foundation is already swimming in cash and (in Mozilla fashion) almost none of it gets spent on making the encyclopedia better, so I don't know what to make of that: slate.com/technology/2022/12/w

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-12-07

@gehrke_test sie schreiben "saved in a Ceph cluster" in der Dokumentation und in der Job ausschreibung suchen sie auch einen ceph experten: hetzner-cloud.de/jobs/1827877

hab ich das doch nicht halluziniert ^^

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-12-07

@gehrke_test hetzner s3 ist minio? jetzt nicht nachgeschaut aber dachte das sei ein ceph gateway

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-21

@gbraad @nextcloud there are only two providers left on this page?, I remember a lot more, interesting ...

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-14

@adrian @winfried well Cloudflare probably only owns one.one.one. (one.one. is an other company) zero.one. is also not owned by cf, so that might also be a reason

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-13

@johanneskastl Ran my mail server on Hetzner for a long time, switched to a local smaller company, but not because I really had any problems.

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-11

@tendstofortytwo @fredbrooker well you can try using the h2 database, though it might be locked to dev mode, just make sure it's actually in the volume you expect it to be
on the other hand a postgres container won't use a lot of resources, probably less than have of what keycloak requires

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-11

@fredbrooker @tendstofortytwo
yes don't miss the production deployment configuration, for example: keycloak.org/server/containers

and be aware, keycloak is no longer using jboss, so the database is not located in /opt/jboss... I guess it's now located in /opt/keycloak/data/h2, but it shouldn't be used anyway, you're better off going with a separate postgres database

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-05

@xeiaso.net there is at least one more in the same area, the Norwegian buypass: buypass.com/products/tls-ssl-c

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-11-01

@ctietze well wireguard is the protocol used by the for-profit corp tailscale to provide a mesh network
tailscale supports(I think) an open-source reimplementation of their service called headscale

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-10-26

@fredonline @guyjantic this, it's pretty clear in the proof mails linked in the reddit post

Phynecs 🌵​ :donor:​phynecs@infosec.exchange
2024-10-06

@kev @amoroso Hmm, isn't the request for donation shown on Wikipedia for your local branch and not for running wikipedia.org? Or, at least as far as I remember, a big part of the donation goes to local actions instead of the foundation. If that's your intention, perfect.

I just hope Mozilla does not forget that they have a browser which should try to keep up with the standard.

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst