• 0 Posts
  • 30 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle


  • You have to actually add the middleware into the (default) chain for your https entrypoint (I think in most tutorials it’s called websecure) - in my static conf I have this:

    entryPoints:
      https:                                                           
        address: :443                                                  
        http:                                                          
          middlewares:                                                 
            - crowdsec-bouncer@file                                    
            - secure-headers@file 
    

    And in my dynamic conf I have this:

    http:
      middlewares:
        crowdsec-bouncer:
          plugin:
            crowdsec-bouncer-traefik-plugin:
              CrowdsecLapiKey: "### Enter your LAPI Key here ###"
              Enabled: true
    



  • mbirth@lemmy.mltoSelfhosted@lemmy.worldImmich vs. PhotoPrism
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    15 days ago

    Some food for thought:

    When I was looking to get my photos under control, in the end I decided to go all-in with Apple Photos. As I’m also using a Mac, the convenience can’t be beaten. Also, I can easily pull up any photo using Apple’s smart filters and can easily select photos from within apps without having to “share” them to the photos library first.

    But this was only decided after I found out that Apple Photos keeps all photos in separate files in original quality and all metadata in a local SQLite database. Using the osxphotos tool, you can query this database and easily pull out any photo incl. metadata - even when running on other OSes, no need for Apple Photos. This also makes it easy to move everything to another system, if needed.

    I’ve set my Mac to always keep original copies on disk and run a backup to my NAS every night. (Using CCC at the moment, but looking to switch to restic.) This way, all my photos are always off-site in iCloud, on my Mac and on my NAS.

    You’d just need a tool to upload your Android photos to iCloud. From a quick search it seems Sync for iCloud might do the trick - albeit manually … if I read the reviews correctly.




  • I’d suggest /opt/docker/_compose/ for all the compose files. Or, if you keep all the config files for your containers on your NAS, maybe create a share there and put all yml files in it, then mount it on the host. This way everything is on your NAS and nothing is lost if the host freaks out.

    And I’d add the NFS mounts to the compose files as well. When specifying volumes, you can use anything the host OS has a mount.xxx command for. Docker will take care of mounting everything.



  • That probably doesn’t work unless you power-cycle the picture frame after changing the photos.

    I had this with some offline Samsung picture frame and a Transcend WiFi SD card. The SD card runs a small Linux and can be unlocked to add own scripts. I had a script that would rsync files from my storage to the SD. However, while the new files were written to the SD just fine, the picture frame never re-read the list of files from the SD. And after power-cycling, my specific model needed to be turned on manually again. So, that wasn’t a satisfactory solution.



  • If it’s the system with the (locked) KeePass database on it, you should be fine. The encryption can be tweaked so that unlocking the database takes a second even on modern systems. Doesn’t affect you much, but someone trying to brute-force the password will have a hard time. It also supports keyfiles for even more security.

    If somebody infiltrates your end user device, no password tool will be safe once you unlock it.


  • After trying them all, I’m back at having a local KeePass database that is synced to all my devices via iCloud and SyncThing. There are various apps to work with KeePass databases and e.g. Strongbox on macOS and iOS integrates deeply into Apple’s autofill API so that it feels and behaves natively instead of needing some browser extension. KeePass DX is available for all other platforms, and there are lots of libraries for various programming languages so that you can even script stuff yourself if you want.

    And I have the encrypted database in multiple places should one go tits up.





  • Thing is, DMCA doesn’t apply all over the world. There are countries where whatever electronic device you buy is actually yours and you’re allowed to do whatever you want - including messing with the firmware. Also, I’d argue, the DMCA doesn’t apply if you dump the firmware/keys for yourself only without distributing it.

    That being said, it’s unfortunate that these people are mostly in the US where the party with more money decides when a lawsuit is over and not some sane judge that just throws this case back at Nintendo. But after the stuff with Disney+ and the recent one with Uber, I’m not surprised at all anymore.