[-] funkless_eck@sh.itjust.works 2 points 2 hours ago

ok fair, I meant - via synecdoche - the cluster of (or lack of) employment laws that make things flexible for employers works both ways.

It is very different in countries with strict employment laws

[-] funkless_eck@sh.itjust.works 18 points 4 hours ago

40% of death penalty convictions are later exonerated.

If it was 1% you might have a case, but pretty much "clearly showing signs" is akin to flipping a coin right now.

[-] funkless_eck@sh.itjust.works 2 points 5 hours ago

they bought back Titan recently with a seasonal expansion with lots of underwater stuff and a story with the giant serpant that lives in the methane sea.

But when the season ended I think they took it away again.

[-] funkless_eck@sh.itjust.works 4 points 9 hours ago

it literally says they were fired for using a mouse jiggler.

However, I live in a so-called right-to-work state, which means my employer can do whatever the fuck they like - but the flip side is - so can I.

The contract I signed doesn't mention which or how many hours I work, just that I don't disclose privileged information to competitors.

[-] funkless_eck@sh.itjust.works 10 points 1 day ago

it's more interesting to me you think Britney Spears wasn't marketed towards men.

[-] funkless_eck@sh.itjust.works 13 points 1 day ago

drink verification can

[-] funkless_eck@sh.itjust.works 20 points 3 days ago

I mean do we understand evolution better than gravity?

The last panel indicates someone at the bleeding edge of science, at that level too, surely there's mystery in biology as well?

[-] funkless_eck@sh.itjust.works 27 points 3 days ago

eh I find their tall boys of sparking water have made it so I hardly drink alcohol at all now.

It's worth $1.57 to fool my brain, and certainly cheaper than the same amount of beer.

[-] funkless_eck@sh.itjust.works 6 points 3 days ago

in my org it's a single process to deprovision someone of access to all tools including home devices.

[-] funkless_eck@sh.itjust.works 29 points 4 days ago

I mean if I married a communist in 1919 or 1953 the Supreme Court would care...

[-] funkless_eck@sh.itjust.works 31 points 4 days ago* (last edited 4 days ago)

the area of Kaifeng in the Henan province of China is a Chinese-Jewish community dating back to 600 AD

Most common family names in that community are Ai, Shi, Gao, Gan, Jin, Li, Zhang or Zhao. Which has crossover with the most popular Chinese names, and the most popular names in the world (due to the population size of China).

In 1901 a group of this community met with Jewish leaders about the aftermath of the Boxer Uprising, one of the delegates was Li Jengsheng and his son Li Zongmei.

I am neither Asian nor Jewish so someone else will have to fill in if those names have any particular connotation.

17
submitted 4 months ago* (last edited 4 months ago) by funkless_eck@sh.itjust.works to c/selfhosted@lemmy.world

-all *arr apps in docker containers using docker compose -tailscale has friendly tailnet name -...magicdns enabled -...global nameservers have mullvad public dns in them

not very confident here, can I just follow this guide (link: https://tailscale.com/kb/1114/pi-hole/) and it works or do I need to change some settings? I notice it tells me to add a custom DNS but mullvad is already in there? how does it know which to use or in which order?

62

Please can someone show off how smart and sexy they are by answering these questions. I don't mind if you just link me to a video or guide explaining it (like I'm 5?) instead of typing it out - but please don't just send me stuff that says something like "To forward to ports correctly, simply forward the correct ports - but be sure to reverse-p the goeanity-2.0 exposed server flange via qPack*7_bingb (IMPORTANT put 1=2 in /conf!!!)" - which is what all the help documents read like to me right now.

Here's what I think I know, but I have probably got wrong, and would be delighted if you could not only tell me how wrong I am but what is the right answer instead:

-> I have a raspberry pi 4 running raspbian/debian bookworm, all software up to date.

-> I have installed docker and docker compose. Docker lets you run apps/programs in separate little cages so if they crash or do something insecure they don't crash or expose the whole computer (the Raspberry Pi), the operating system (Raspbian), or the other apps running in other containers. Docker compose allows you to fine-tune the settings of these apps from outside the container by changing a text file. Each docker container, controlled by a compose yml has a port, e.g. Jellyfin's is :8096

-> I can set up and configure radarr sonarr qbittorrent to download movies, for this I need a VPN. I paid for and installed mullvad (app) but it crashes a lot (for over a minute every 20 seconds), so it looks like I need to configure something like gluetun to do it instead. For this reason I want to stick with mullvad as I paid for it, gluetun is really confusing.

-> However, downloading is only half the battle - assuming I can get a VPN to work without crashing every 20 seconds so it takes less than 5 hours to download a single movie in 1080p(!!!) - I can only watch stuff by plugging an HDMI cable into my raspberrypi and a monitor and using a mouse and keyboard to navigate to the UI and click "play"

-> If I want to watch them on my TV I need to connect something to my TV that talks to the raspberry pi, so I have an NVIDIA shield with Jellyfin installed on it - but in order for the NVIDIA-Jellyfin to connect to the RaspberryPi-Jellyfin it needs to go through the internet (if this is not the case, how does one point the NVIDIA-Jellyfin at the Raspberry Pi jellyfin?)

-> Because it's going through the internet I need to hide my activities from prying eyes, and because it's on the internet it will have a web address (I bought the cheapest domain for a few bucks on namecheap), so a proxy and reverse proxy are neccessary to hide my activity on my end (proxy) and the activity on the internet (reverse proxy) from said prying eyes while allowing me to watch my stuff in peace.

-> I can set up my domain to point to Jellyfin, this means I configure mysubdomain.mydomain.com to point to Cloudflare on the internet. Then I set up Cloudflare to point to NGINX on my raspberry pi. But I really don't know what this entails or how to do it. I changed my nameservers to Cloudflare's on namecheap and that's where I stopped because I didn't understand any further.

-> So, in practical terms, I'm on my sofa and I want to watch a movie in my Jellyfin on my raspberry pi, I open the NIVIDA sheild, I open the jellyfin app and I tell the jellyfin app to go to mysubdomain.mydomain.com

-> I think I'm correct in saying that mysubdomain.mydomain.com is actually an IP address and a public port, so something like 123.456.7.8:443, then Cloudflare - which is the reverse proxy - gets involved (somehow? how?) to say "ah, 123.456.7.8:443, you obviously want to go to funkless.raspberry.pi:NGINX (or rather something like 987.654.3.2:443)" and then NGINX - which is the proxy-proxy, not a reverse-proxy - goes (somehow? how?) "ah, 987.654.3.2:443, you obviously want to go to 987.654.3.2:8096 which is jellyfin")

-> At some point in that last step SSL certificate(s?) need to be issued and used on Cloudflare and/or NGINX - but I don't know how or why - and/or a public and private key

Here's where the questions start:

  • First of all, is that all correct or have I misunderstood something?
  • How does mysubdomain.mydomain.com know it's me and not some random or bot?
  • How do I tell Cloudflare to switch from web:443 to local:443 (assuming I've understood this correctly)
  • Is this step "port forwarding" or "opening ports" or "exposing ports" or either or both? (I don't understand these terms)
  • If my browser when accessing mysubdomain.mydomain.com is always going to port 80/443, does it need to be told it's going to talk to cloudflare - if so how? - and does cloudflare need to be told it's going to talk to NGINX on my local machine - if so how?
  • How do I tell NGINX to switch from local:443 to local:8096 (assuming I've understood this correctly)
  • Is there a difference between an SSL cert and a public and private key - are they three things, two things or one thing?
  • Doesn't a VPN add an extra step of fuckery to this and how do I tell the VPN to allow all this traffic switching without blocking it and without showing the world what I'm doing?
  • Gluetun just looks like a text document to me (compose.yml) - how do I know it's actually protecting me?
  • From https://nginxproxymanager.com/ : "Add port forwarding for port 80 and 443 to the server hosting this project. I assume this means to tell NGINX that traffic is coming in on port 80 and 443 and it should take that traffic and send it to 8096 (Jellyfin) and 5000 (ombi) - but how?
  • Also from that site: "Configure your domain name details to point to your home, either with a static ip or a service like DuckDNS or Amazon Route53" - I assume this is what Cloudflare is for instead of Duck or Amazon? I also assume it means "tell Cloudflare to take traffic on port 80 and 443 and send it to NGINX's 80 and 443 as per the previous bullet) - but how?

If your reaction is "Asking how how to set up port forwarding from Cloudflare to NGINX is a cowardly question - just figure it out!" Please could you at least link me to something that will help me figure it out if all those words just look like gibberish to me?

Thank you so much for your help and time in advance.

391
  • Property mgmt company changed without our input

  • New company sent an intro email

  • This came a few days later. The entire email is like this with 11 ads in it.

  • Get in the fucking sea

127

I'd really like to get started with this stuff but finding the technical requirement exhausting.

Trying to install privoxyvpn- "simply add the proxy to your browser and ensure the configuration is correct" (no help as to what this means, or how to do it and following the basic instructions just renders my browser unable to connect - googling the error message gives me replies like "simply make sure you read the logs" (no description of how to get to the logs or how to read them)

hearing I need a proxy and a reverse proxy, install SWAG — "first, point the A name at your server and the CNAME at the A and then install the SSL certificate - but be sure to pick between directories and subdomains if you have fewer than 20 domains in your account."

Like what the fuck does any of this mean?

Then I hear if I have a proxy it might interfere with the reverse proxy and both might interfere with the VPN and vice versa.

How does one even get started?

355
36

when I see that whichever instance I choose is defederated from another bunch of random instances, is it possible to have those show in my feed without making a separate profile from other instances? and can I turn them off again if I see that defederating was the right idea?

99

the reverse angle

146
192
194
submitted 7 months ago by funkless_eck@sh.itjust.works to c/aww@lemmy.ml
409
view more: next ›

funkless_eck

2028 post score
11414 comment score
joined 10 months ago