I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
Can you list or summarize some of the other reasons?
I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.
Can you list or summarize some of the other reasons?
Before Linux command line?
I host tt-rss in docker and use Tiny Tiny RSS in GrapheneOS.
When I install qbittorrent via docker, I see this in the docker logs:
qbittorrent-1 | 2024-11-04T15:25:25.201955254Z The WebUI administrator username is: admin
qbittorrent-1 | 2024-11-04T15:25:25.201974066Z The WebUI administrator password was not set. A temporary password is provided for this session: H7ct3xPes
That’s the default admin credentials for the instance. I can then change the login or pw in the UI.
Thanks for sharing about Backrest. I use Restic and Backrest looks like a great addition to it.
I should add the d.rymcg.tech includes step-ca if you want to host your own CA server, but I agree with @joe@discuss.tchnic.de : it’s not necessary for securely hosting services, and ir can be dangerous I’d not done carefully.
I have a similar setup. I use d.rymcg.tech (a configuration manager for Docker, as well as a collection of open source web services and config templates) and have Traefik (reverse proxy) on a Digital Ocean dropet connected to a VM in my home lab through wireguard. This framework allows me to put authentication and authoriation in front of any apps/services I’m hosting (HTTP basic auth, oauth2, mTLS). This setup allows me to control what is allowed access from outside of my home, without opening any ports.
I self-host forgejo. I’m not a heavy or advanced user, and it suits my needs. I barely use github any more: mainly to star repos I like, and find and use repos (there’s a ton there - it’s almost ubiquitous).
I self-host xBrowserSync. It’s a bookmark sync tool, not a link manager, but it does that very well (set-and-forget - it’s almost invisible). There are browser extensions and mobile apps
I’ve also used Shaarli, which is more of a link sharing tool. Don’t remember much about it, though - sorry.
I think most of the other suggestions seem like a better solution than WordPress, but there is a plugin for WordPress that exports static websites.
I run MiniO in Docker. Love it. I’ve never used Garage or Seaweed.
[SOLVED!] That Stack Exchange post was the solution! I had to ask ChatGPT for assistance (e.g., “how do I view the contents of a .crt and a .p12?”, “how do I add a CA to a client cert?”), but it worked. Thanks for your help, @Evkob@lemmy.ca.
I don’t think I would have ever thought that my client cert didn’t contain the CA, especially because when I clicked on the client cert that was installed in GrapheneOS, it showed me a summary that said it did contain a CA! grrrr
(tagging @one_knight_scripting@lemmy.world as he wanted to know the solution)
Wow! That sounds exactly like my issue. I’ll try the workaround tomorrow. Thanks, @evkob@lemmy.ca.
Thanks for your research and the suggestion, @Evkob@lemmy.ca.
I wasn’t able to make that work, but I don’t think it was trying to solve the problem I’m having, anyway. That procedure was to add self signed SSL certificate to Android, but my certificate is neither self-signed nor an SSL cert. At least I think not - I find certs very confusing. The cert I’m trying to work with is an mTLS cert, a client cert. It’s not used to establish a secure SSL connections, it’s used to verify that I (the person with the cert) and authorized to use the app.
Additionally, I’m able to successfully install the cert into Android, but the problem is that it seems to be ignored. The mTLS cert is installed in GrapheneOS’s “VPN & App User Certificate” section, and my CA cert is installed in the “CA Certificate” section. Vanadium, Fennec, and Mull browsers just aren’t using them. :(
Thanks for the reply, @Evkob@lemmy.ca.
I tried to install my client cert in “CA Certificate” but the certificate manager app in GrapheneOS said that it was the wrong kind of cert to be used in “CA Certificate”. It is, after all, a client cert, not a CA cert.
:(
I just installed this a couple days ago and already used it twice. It’s super easy and convenient.
Thanks for the help and suggestions!
It turns out that my template Debian VM doesn’t have a DE in it, and that’s why I couldn’t forward the GUI from the VM to my local machine: there was not GUI. I installed XFCE on the VM and now I can run XPipe on the VM from my local computer, without XPipe being installed on my local computer: ssh -X user@vm_ip_address xpipe open
I look forward to playing with XPipe - it looks cool and very helpful!
I host a bunch of containers on a few servers, but I don’t do any of it from my local computer. I have a VM (Debian) that I ssh into and do everything from there. Shouldn’t XPipe work the same on that VM as it would on my local computer? I wouldn’t think XPipe would care (or know) if it was running on a VM, as long as that VM has a shell it can integrate with.
But I suppose even if that’s true and XPipe works fine in the VM, there is still the issue of displaying the GUI on my local computer.
Thanks for that info, @AtariDump@lemmy.world