mb_

LOL

They are trying to bore only your customers, attackers have direct access (=

There are a few ways to do it, but you don't use caddy for SSH.

• host SSH on port 22, forgejo on a different port. Expose both ports to the internet
• host SSH on a different port, forgejo on port 22. Expose both ports to the internet
• host SSH on port 22. Forgejo on port 2222. Only 22 exposed to the internet. Change the authorized_keys user of the git user on host to automatically call the internal forgejo SSH app

Last option is how I run my Gitea instance, authorized keys is managed by gitea so you don't really need to do anything high maintenance.

~git/.ssh/authorized_keys:

command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-9",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,no-user-rc,restrict ssh-rsa PUBLICKEYHASH

/usr/local/bin/gitea:

ssh -p 2222 -o StrictHostKeyChecking=no [email protected] "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"

127.0.0.14 is the local git docker access where I expose the service, but you couldn't different ports, IPS, etc.

Damn.. You too?

Hello fellow homelabber

distcc so you can compile on the faster ones and distribute it

I can't remember all the details, but depending on the CPU you are running you may need some extra configuration on opnsense.

There were a few issues, on my servers, running on older Intel Xeon CPUs, but I eventually fixed them adding proper flags to deal with different bugs.

Other than that, running on a VM is really handy.

I am usually more worried about the phone being in some blacklist or not, this has always been one of my issues with the used phone market.

On to your question - 32% battery health seems pretty bad. I just replaced my s22 ultra that I used quite heavily for the last 2 years, it is at 86% battery Healthy.

Hold my beer

https://revolt.chat

Although, I have never used it (=

On nvidia, there are still too many edge cases involving Wayland that are just crippled. Orca slicer doesn't work for me for example, you are completely missing any of the 3d accelerated graphics in there.

On the other hand, the AMD 7x00 series have different kind of bugs, with ring0 errors leading to full resets.

I think once nvidia drivers are squared out (the proprietary ones) it will be smooth sailing.

It is nice that you got it running, but when everything you end up doing is running services in low ports or needing specific IP address in different networks, rootless podman is just a PITA.

In my case I have one pihole running on a docker container and another one that runs directly on a VM.

Someone said before "what's the point of running in a container"... Well, there really isn't any measurable overhead and you have the benefit of having a very portable configuration.

I do think the compromises one has to go through for podman rootless are not worth in this case, for me, not even the rootful worked properly (a few years ago), but this is a nice walkthrough for people wanting to understand more.

Let's not talk about HDMI 2.1 with an AMD graphics card either..

It is user friendly, and technically incorrect, since nothing ever lines up with reality when you use 1000 because the underlying system is base 8.

Or you get the weird non-sense all around "my computer has 18.8gb of memory"...