usrdef

joined 1 year ago
[–] [email protected] 2 points 11 months ago

You can still self-host on a rented VPS. And unless you have a managed VPS, then you're still responsible for the security, and managed hosting is far too restrictive in terms of what you can do. It's just up to you to decide if you trust that company to host your box.

And running one at home is cheap as hell.

This is exactly why I host my own stuff. I know how to tighten up the security to the point where it's just as safe as it would be sitting on some other companies' system, and I don't have to worry about what they're doing with my data, or a data breach. Seen too many companies that are lax on security (such as LastPass).

I throw extra encryption in place when means even if someone were to be able to gain physical access; they've got a hell of a brute force to go through just to break one part.

[–] [email protected] 1 points 11 months ago (1 children)

$5 gives you anyting you want.

[–] [email protected] 1 points 11 months ago

Yup. The feature smacks you in the face.

[–] [email protected] 2 points 11 months ago (2 children)

It's good if you like self-hosting stuff.

However, what I tell people is this:

If you know jack about security and how to lock down a machine that is running Vaultwarden, then it's useless. You should go with Bitwarden.

If you're looking to install it just to play around with, I would be very cautious about what you store there, unless you can lock the system down to where it's not accessible by the outside internet and localized only to your network.

And I have redundant backups in place in case one decides to fail, which are all encrypted with GPG and a few other measures.

If you have it installed and not accessible to anyone else but you, it's a fun project. I like using VW and BW.

The other bonus would be no one is going to look to target you specifically unless you're turned into a target.

Whereas if BW were to be breached, it wouldn't have anything to do with you.

However, BW utilizes encryption, so even if they did somehow manage to get in, they can't read your passwords.

[–] [email protected] 1 points 1 year ago

Honestly, what I'm missing is I wish Keybase would release their server source code.

Zoom has ran that software into the ground and buried keybase in a pile of sh*t. It would be like 10 Christmases in one if someone reversed the client to create an open-source server solution or Zoom released the server code for keybase.

I love Keybase. Absolutely love that program. I HATE the company who owns it.

[–] [email protected] 3 points 1 year ago (1 children)

You should be backing up your secrets to some type of app like Vaultwarden or KeePassXC.

And you shouldn't need to VM host an android OS just to have a secondary means of authenticating. There are plenty of apps out there that support adding your secrets.

Vaultwarden, Bitwarden, KeePassXC, or hell, a Yubikey 5 device and then use Yubikey Authenticator.

[–] [email protected] 1 points 1 year ago

Another option which I've used in the past is that you can set your domain up with Cloudflare and then either utilize a Tunnel, or restrict the domain to your own IP address and it will block all external traffic. I've utilized it for several projects and it has always worked flawlessly. Haven't tried the Traefik / HAproxy method.

But Certbot / LetsEncrypt is extremely easy to use.

[–] [email protected] 1 points 1 year ago (5 children)
  • Vaultwarden + VW Backup
  • UptimeKuma
  • Prowlarr
  • Gitea
  • OpenGist
  • SyncThing
  • Duplicati
  • Docker + Portainer

I want to use VS Code Server, however, I've had an issue with getting an error and not being able to enable syncing. So I sorta gave up on the project for now.

[–] [email protected] 1 points 1 year ago (1 children)

Oh damn, thanks. I'll throw this in Obsidian.

Reverse proxy is exactly why I don't have more things setup in docker. I haven't quite figured out how it, nginx, and the app work together yet.

I had to setup caddy when I installed vaultwarden, and while that was easy because I had a very good guide to assist me, I would have been completely and totally lost if I had to setup caddy2 on my own.

So I definitely need to sit down one day and just do a full day's read on reverse proxy, how it works with Docker and its function, and what I can do with it. Because the vaultwarden setup made it no easier to understand.

I wanted to actually move nginx and mysql over to docker, but reverse proxy is also the reason that's holding me back.

[–] [email protected] 1 points 1 year ago (1 children)

Thanks, I saw the last link when I first set this up, but not the first two. I'll go through them and see if I can find the sweet spot.

It's hard to tell because while I'm the only user using my Gitea repo website, which is pretty much your own personal Github. However, from what I've read, even though there may only be one or two users, the usage of Elastic greatly depends on how much code it has to cache. Then when you search for something, Elastic has to go through all that code.

So from what I understand, the more code you have in a repo, the more Elastic has to work, which makes figuring out the memory a bit of a random gamble.

 

I have a very simple setup running Gitea which I love. However, I enabled Elastic Search because it makes searching much faster than the default method.

I have a VPS running 16GB memory. The only things running on it are Nginx, PHP, Mysql, docker, and a few other things. Very rarely I ever hit over 6GB usage.

The issue comes when I enable Elastic Search. It seems to wipe me out at 15.7GB usage out of 16GB as soon as I start it up.

I searched online and found out about the /etc/elasticsearch/jvm.options.d/jvm.options and adding

-XmxXG
-XmsXG

The question is, what should this amount be. I read that by default, Elastic uses 50%, however, when I started it up, it was wiping me out of memory and making the system almost have a stroke.

But setting it to 2GB seems to make it not as responsive on the Gitea website, sometimes even timing the website out.

So I'm not sure what "range" I should be using here. Or if I'm going to have to upgrade my VPS to 32GB in order to run this properly.

 

Installed vs code server yesterday. The program itself works fine, however, I've tried everything under the sun and I cannot get Turn on Cloud Changes to work, nor any type of sync.

https://i.redd.it/fobmx0v5tvub1.gif

Both the F1 and lower-left options don't work.

https://i.redd.it/y794i7w7tvub1.gif

It also appears that I have certain settings that refuse to load. As you can see in the middle of the screen.

Is their some step I'm missing?

I am accessing it via the local IP for the server. Tried both running it on the server itself, and on another machine networked to the server. Both present with the same issues.

Looked for this product.json file but I found very limited information online about it.

Another piece of info if it helps, currently not running it on a self-signed SSL certificate or certbot and it's not open to the outside. Didn't see anywhere that it was required so I'm not sure if it is a requirement.

view more: next ›