NFS works great for media files and stuff but be careful and know what you are doing before you go put database storage on it.

Chimera Linux is very interesting. Has anyone here tried running it?

My guess is some firmware or modules that just makes it that big and if you want room for snapshots you need to resize (or uninstall some variant if not needed). OS installer might have too small default size for a setup like this.

300MBish for a kernel is totally normal and you have 3 variants installed.

One way to go about the network security aspect:

Make a separate LAN(optionally: VLAN) for your internals of hosted services. Separate from the one you use to access internet and use with your main computer. At start this LAN will probably only have two machines (three if you bring the NAS into the picture separately from JF)

• The server running Jellyfin. Not connected to your main network or internet.

• A “bastion host” which has at least two network interfaces: One connected outwards and one inwards. This is not a router (no IP forwarding) and should be separate from your main router. This is the bridge. Here you can run (optional) VPN gateway, SSH server. And also an HTTP reverse proxy to expose Jellyfin to outside world. If you have things on the inside that need to reach out (like package updates) you can have an HTTP forward proxy for that.

When it’s just two machines you can connect them directly with LAN cable, when you have more you add a cheap network switch.

If you don’t have enough hardware to split machines up like this you can do similar things with VMs on one box but that’s a lot of extra complexity for beginners and you probably have enough of new things to familiarize yourself with as it is. Separating physically instead of virtually is a lot simpler to understand and also more secure.

I recommend firewalld for system firewall.

Here, you dropped this: /*

BTW ncdu -x /boot

Regarding the questions on Bluetooth security, his great presentation from last month covers a lot of your questions and more.

https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-key-to-your-phone

Bluetooth hacking is quite rare.

I wouldn’t be so sure.

Watch this.

Partitioning in the Debian installer being half-broken is something nobody talks about but IME still a thing.

What do is step through the installer to the point where you’re at, ctrl+F* to get a shell, set it up manually using fdisk/mdadm/lvm/cryptsetup/mkfs, and then back again to rescan and just assign the mounts and filesystems

I think I still have a half-written guide for just this in drafts somewhere actually. If you get stuck you can DM and maybe I dig something up

deleted by creator

I think it depends a lot on what you are building.

For bigger projects and apps leveraging the mobile platform I’m 100% with you.

These kinds of frameworks can still be a good fit for a quick MVP demo, as a stepping stone for porting an existing web app, or if all you really want is a glorified web view (or are PWAs enough for the last one these days?)

Specifically RN is in terrible shape and IMO something to avoid though.

Everything in there is relevant and applies to flatpaks too. Being aware of the risks is important when using alternative distribution methods. With power, responsibility.

Tricking users into using Snap without realizing it, making them unknowingly vulnerable to exploits like this, would be really really bad and unethical on Canonical’s part.

That is not what is happening at all.

Just so nobody is confused or gets afraid of their install: Getting the Firefox snap installed via Ubuntus apt package does not make users vulnerable to what is talked about here and is just as safe as the apt package version. For Firefox snaps might even be safer since you will probably get security patches earlier than with apt upgrades and get some sandboxing. In both cases you are pulling signed binaries from Canonical servers.

The post is about third-party fake snaps. If you run a snap install command from a random web site or LLM wkthout checking it, or making a typo, then you are at risk. If Ubuntu didnt have snaps, this would be malicious flatpaks. If Ubuntu didnt have flatpaks, it would be malicious PPAs. And so on. Whatever hosted resource gets widely popular and allows users to blindly run and install software from third-parties will be abused for malware, phishing, typosquatting and so on. This is not the fault of the host. You can have access to all the apps out there you may ever want or you can safely install all your apps from one trusted source. But it’s an illusion that you can never have both.

People have opinions about if snaps are a good idea or not and thats fine but there shouldnt be FUD. If you are using Canonicals official snaps and are happy with them you dont have to switch.

I do not ask you to read?

So that’s the mistake I made and the important part. Thanks for clarifying.

I still feel misled that it’s labelled as somehing it isn’t (“my reasoning”).

It is indeed with the help of llm. But reasoning is still solid and very curated.

It isn’t your reasoning and promoting it as such when asking us to read doesn’t feel honest at all.

Try answering the questions I asked for yourself and see if anything comes up!

Debian has this (well, for sources at least) and I think it’s somewhere between 20-30 DVD images for actually-everything. Maybe not something for the day-to-day but great to keep on hand for preppers and the paranoid (:

Linux MATE desktop is pretty established and I think has a similar audience. Pretty confusing name choice… “want to install mate on linux? Try linuxmate (no relation)”

BTW are those actually your reasonings on the blog as you say? It reads very LLMy.

Digg is just a shallow VC play that acquired the name and brand I think. No actual relation to OG Digg AFAIK. At launch they had only closed Android and iOS apps, no web.

OP: What makes you interested in thes and what’s your own take? BTW please try to put a more descriptive title for future posts!

What makes you suspect the Nginx config instead of Lemmy? Do you have any failing requests (timeout or statuscode >= 400) in nginx log? What are the failing endpoints?

Both can be true.

I think such character assessment and calling names is unnecessary and off-topic here though. Better engage with substance than judging by vibes and doing ad-hominem.