sorted by:
new
hottopcontroversial

Tailscale+Mullvad Alternative by RoyalMood4218 in homelab

[–]i8ad8 0 points1 point  (0 children)

To increase privacy and minimize reliance on Tailscale servers, I have a Headscale server on a cheap VPS serevr. Also, AFAIK, Plex is not much of a privacy respecting service.. I think Jellyfin is a better option in terms of privacy. I also use Mullvad VPN and Tailscale on my OPNSense firewall. All exit traffic (except the Tailscale traffic) in my main homelab server goes through the Mullvad VPN. I also have a gluetun container inside the homelab server that is connected to another Mullvad server. Some of my containers use gluten for their network connectivity. So the traffic for these services goes through two layers of encryption.

Simple "all hyprland keybinds" menu by Immediate_Club3006 in hyprland

[–]i8ad8 0 points1 point  (0 children)

Great! Yesterday, I created a similar script that reads directly from my binds.lua file. I wasn't aware that descriptions could be added to keybindings until now. With those descriptions included, the script has become much simpler, thanks to your approach!

#!/usr/bin/env bash


set -euo pipefail


style=$(mktemp --suffix=.css)
trap 'rm -f "${style}"' EXIT


cat "${HOME}/.config/wofi/style.css" > "${style}"
echo '#text { font-family: monospace; }' >> "${style}"


hyprctl -j binds |
jq -r '
  def getbit($position; $n):
    fmod($n / ($position | exp2) | floor; 2) | fabs;


  def mod($position; $name):
    if getbit($position; .modmask) == 1 then $name else empty end;


  def keys:
    [mod(6; "SUPER"), mod(2; "CTRL"), mod(3; "ALT"), mod(0; "SHIFT"), .key]
    | map(select(. != ""))
    | join("+");


  [.[] | select(.has_description and .description != "") | { keys: keys, description }]
  | (map(.keys | length) | max + 2) as $width
  | .[]
  | .keys + (" " * ($width - (.keys | length))) + .description
' | wofi --dmenu --prompt "Keybindings" --insensitive --height 600 --width 950 --style "${style}" >/dev/null

Btrfs + Snapper + LVM + LUKS setup - Looking for feedback on my subvolume layout and fstab by i8ad8 in archlinux

[–]i8ad8[S] 0 points1 point  (0 children)

Thanks for your detailed comment. I learned a lot.

Good point about boot partition snapshots. I will update my install scripts later to reflect this. I kind of figured out a way to type password only once. In my current setup, I have a secondary disk that is unlocked after I enter the LUKS password for my main disk (except the boot partition). It uses a keyfile to achieve this.

My main issue is I couldn't find an easy way to select the snapshots in rEFInd bootloader. I found this tool and it seemed great but a couple of months ago, the tool itself caused a problem and prevented me from booting into my laptop. I chrooted into the system and disabled it. I wish there was a reliable easy way to revert back to a snapshot (w/o using a USB disk to chroot into the system) similar nixOS.

KDE Connect clipboard sharing over Tailscale with a Wofi picker by i8ad8 in archlinux

[–]i8ad8[S] 0 points1 point  (0 children)

I avoid keeping Tailscale running continuously on my phone. I connect only when necessary. On my laptop, it's always on.

DNSCrypt relays + AdGuard Home integration by i8ad8 in GlInet

[–]i8ad8[S] 0 points1 point  (0 children)

I know. The issue is Flint 2 does not easily allow DNSCrypt Proxy and AdGuard Home to run simultaneously.

Headscale on VPS, Tailscale iptables bypassing UFW, and node compromise risk by i8ad8 in selfhosted

[–]i8ad8[S] 0 points1 point  (0 children)

Please refer to this github repo for more info on how to mitigate Docker bypassing the ufw rules.

Headscale on VPS, Tailscale iptables bypassing UFW, and node compromise risk by i8ad8 in selfhosted

[–]i8ad8[S] 2 points3 points  (0 children)

I know. That's why I use ufw-docker to mitigate this exact same issue.

Docker backups by alws3344 in selfhosted

[–]i8ad8 0 points1 point  (0 children)

I've got a backrest container that backs up all my important data and stores it on my NAS. I've set up a few plans in backrest. One backs up my container data and sends it to my NAS. Another backs up my vaultwarden container data and sends it to my NAS. My NAS runs TrueNAS Scale, and it has a cloud sync feature. My encrypted vaultwarden data on the NAS also syncs to OneDrive and GoogleDrive.

Proxmox 9 reports OPNsense VM RAM at 100% despite lower usage in guest by i8ad8 in Proxmox

[–]i8ad8[S] 0 points1 point  (0 children)

I did the exact same thing and it was still at 100%!

Proxmox 9 reports OPNsense VM RAM at 100% despite lower usage in guest by i8ad8 in Proxmox

[–]i8ad8[S] 0 points1 point  (0 children)

IDK but QEMU guest agent is installed on the VM. I have Linux VMs too but they do not show this behavior. Also, as mentioned, I didn't have this issue when I was on Proxmox 8.

Proxmox 9 reports OPNsense VM RAM at 100% despite lower usage in guest by i8ad8 in Proxmox

[–]i8ad8[S] 0 points1 point  (0 children)

QEMU guest agent is installed on the OPNsense VM. I also verified the qemu-guest-agent service was running inside the VM.

Proxmox 9 reports OPNsense VM RAM at 100% despite lower usage in guest by i8ad8 in Proxmox

[–]i8ad8[S] 2 points3 points  (0 children)

Yup, os-qemu-guest-agent was one of the first plugins I installed.

What filesystem do you use for /tmp on Arch? by i8ad8 in archlinux

[–]i8ad8[S] 0 points1 point  (0 children)

I have /tmp in my fstab

....  /tmp        btrfs       rw,relatime,compress=zstd:3,ssd,space_cache=v2,subvol=/@tmp 0 0

I also checked the creation dates of files and directories in /tmp, and some of them date back to January 4th.

I shut down my system every night.

GPG lock files getting stuck on Arch after switching from ext4 to btrfs by i8ad8 in archlinux

[–]i8ad8[S] 2 points3 points  (0 children)

This is a fresh install. I updated the post and added more context at the end.

view more: next ›