Thanks, I ended up going with Garage, but it has the same issue. I assumed I could just specify some buckets with their keys in the docker-compose or garage.toml, but no - they had to be done through the api or command line.
This is correct, I already installed the minio cli, but when I came back and read this, I tried it out and yes, once garage is running in the container, you can
alias garage="docker exec -ti <container name> /garage"
so you can do the cli things like garage bucket info test-bucket or whatever. The --help for the garage command is pretty great, which is good since they don't write it up much in the docs.
Thanks. I ended up going with Garage (in Docker), and installed the minio client cli for these tasks.
One I'm writing. I use the host file system (as I have a strong preference for simple) for it's storage, but I'm interested in adding Litestream for replicating the database onto AWS.
"Convert this text to make it sound like from a random person: "
Love the effort you've put into this question. You've clearly done some quality research and thinking.
When I asked myself this same question a couple of years ago, I ended up just buying a second hand Synology NAS to use alongside my mini-pc. That would meet your criteria, and avoids the (I'm not sure what magnitude) reliability risk of using disks connected over USB. It's more proprietary than I'd like, but it's battle tested and reliable for me.
Yep, it'd have to be a tiny town to not have a war memorial. If there's no war memorial there's probably an honour bord with the names of the fallen in the hall or RSL. Since ANZAC it's been a part of Australian culture that those who died in service of their country is a sort of sacred thing. It's significance has ebbed and flowed a bit over the years. Our pride in the services was especially damaged in the Vietnam war years, when ANZAC day crowds shrunk quite a bit and you could have imagined at the time that it might all die out. It's had a bit of a resurgence since.
After most big wars, the federal government has put a bit of money into war memorials, and it was pretty much just a matter of the local RSL or town council writing a letter to get a decommissioned artillery piece of some sort, or an old torpedo for the local park as a centrepiece for your ANZAC day ceremony. Also, if you read the plaques on 1950's or 60's buildings in the bush, you'll often see many of them are "War Memorials". War Memorial swimming pools and sports grounds are common ones. The reason communities did this is that at the time donations to "war memorials" were tax deductible.
You've made an interesting observation. For Aussies this is probably something they've never noticed. It's probably not an indication that we're very war worshipping, just that for a small country, the deaths involved in the wars we've been part of were significant, and perhaps especially so for little country towns where the surnames on the honour board match some of the street names and the bloke you were just chatting to at the post office.
Shoutout to Magic Earth, the (weirdly named) iOS app that uses OpenStreeMap data. Works on CarPlay, has reliable routing, and I get a buzz out of updating a changed a speed limit or something on OSM and then seeing the change implemented a few weeks later when I'm driving through there again.
This is a pretty great 1 hour introduction to AI from Andrej Karpathy. It includes an interesting idea of considering LLMs as a sort of operating system, and runs through some examples of jailbreaks.
starcoder2:latest f67ae0f64584 1.7 GB 3 days ago
phi3:latest d184c916657e 2.2 GB 3 weeks ago
deepseek-coder-v2:latest 8577f96d693e 8.9 GB 3 weeks ago
llama3:8b-instruct-q8_0 1b8e49cece7f 8.5 GB 3 weeks ago
dolphin-mistral:latest 5dc8c5a2be65 4.1 GB 3 weeks ago
codeqwen:latest df352abf55b1 4.2 GB 3 weeks ago
llama3:latest 365c0bd3c000 4.7 GB 4 weeks ago
I mostly use starcoder2 with Continue for code autocomplete, the big deepseek coder is a bit slow (I can feel it thinking), but it and the regular llama3 are good for chatbot type programming questions.
I don't really have anything to compare the M1 performance to. I guess the 8GB models output text a little slower than the web versions of the same models, and the 4GB ones about the same. Using ollama in the terminal, there's sometimes a 0.5-2 second pause before it starts outputting. Not with phi3 though - it's surprisingly snappy for the quality of answers.
An M1 MacBook with 16GB cheerfully runs llama3:8b outputting about 5 words a second. A second hand MacBook like that probably costs half to a third of a secondhand RTX3090.
It must suck to be a bargain hunting gamer. First bitcoin, and now AI.
edit: a letter
I use the Continue VS Code plugin with Ollama to use a couple of different models (deepseek-coder-v2 & starcoder2) to recreate a local only Github Copilot type experience for coding. This is on an M1 Apple Silicon though. For autocomplete the generation needs to be pretty brisk - I'm not sure how that would go in a VM without a GPU.
Thanks for your work on this grant, and especially for the fast work fixing the issues under pressure. I had fun benefiting from your efforts.
Yep, I think there's sound arguments for separating out your storage (NAS) and network (router/DNS/PiHole) infrastructure. After that, whatever suits your purpose. I virtualise all my serious services on one machine under Proxmox (mostly for ease of snapshots) then have another machine for things I'm fiddling with, usually again under Proxmox so they are easy to move to production when I'm happy with them.
My NAS and production server run 24/7, I've got a dev server that I turn off if I'm not expecting to use it for a week or so. Usually when I do that, I immediately need it for something and I'm away from home. I have chosen equipment to try and minimize energy use to allow for constant running.
My view on UPS is it's a crucial part of getting your availability percentage up. As my home lab turned into crucial services I used to replace commercial cloud options, that became more important to me. Whether it is to you will depend on what you're running and why.
I've heard that one of the most likely times for hard drives to fail is on power up, and it also makes sense to me that the heating/cooling cycles would be bad for the magnetic coating, so my NAS is configured to keep them spinning, and it hasn't been turned off since I last did a drive change.
I agree. Get a domain name, point it to the internal address of your NGINX Proxy manager (or other reverse proxy that manages certificates that you are used to). A bit of work initially, then trivial to add services afterwards.
I didn't really need encryption for my internal services (although I guess that's good), but I kept getting papercuts with browser warnings, not being able to save passwords, and some services (eg container repository on Forgejo) just flat out refusing to trust a http connection.
OP, I think you'll find !selfhosted@lemmy.world will be fine - please ask your 'probably super dumb' questions there, I'd be stoked to see some I could answer!
My step-up from Pi was to ebay HP 800 G1 minis then G2's. They are really well made, there's full repair manuals available, and they are just a pleasure to swap bits in and out. I've heard good things about, and expect similar build quality from the 1 liter Lenovos.
I agree that RAM is a likely constraint rather than processor for self-hosting workloads. Particularly in my case as I'm on Proxmox and run all my docker containers in separate LXCs. I run 32GB in the G2's which was a straightforward upgrade (they take laptop like memory). One some of them I've upgraded the SSDs, or if not, I've added M.2 NVME drives (that the G2's have a slot for).
- Climate change contributing to
- Climate refugees contributing to
- Breakdown in social cohesion contributing to
- Populism, oligarchs, and authoritarianism contributing to
- Breakdown of international cooperation contributing to
- Inter-nation conflict contributing to
- GOTO 10
Yeah na, put your home services in Tailscale, and for your VPS services set up the firewall for HTTP, HTTPS and SSH only, no root login, use keys, and run fail2ban to make hacking your SSH expensive. You're a much smaller target than you think - really it's just bots knocking on your door and they don't have a profit motive for a DDOS.
From your description, I'd have the website on a VPS, and Immich at home behind TailScale. Job's a goodun.
+1 for the main risk to my service reliability being me getting distracted by some other shiny thing and getting behind on maintenance.
I'm writing a specification for a web app that will store sensitive user data, and the stakeholder asked that I consider a number of fairly standard security practices, but also including that the data be "encrypted at rest", i.e. so that if someone gains physical access to the hard disk at some later date the user data can't be retrieved.
The app is to be Node/Express on a VPS (probably against sqlite3), so since I would be doing that using an environmental variable stored in a file on that same computing instance, is that really providing any extra security?
I guess cloud big boys would be using key management systems to move the key off the local instance, and I could replicate that by using (Hashicorp Vault?) or building a service to keep the key elsewhere, but then I'd need secure access to that service, which once again would involve a key being stored locally.
What's your thoughts, experience, or usual practice around this?
I asked for some advice here a couple of months ago about transitioning to espresso from Aeropress, and have since done that, and thought my journey my have some lessons for others, or y'all might have some ideas for my remaining issues.
Journey
Instant -> Nespresso pods -> Aeropress -> multiple daily espresso
Machine
After a bit of research, I was quite keen on the Sage/Breville Dual Boiler, but it was well out of my price range. I ended up purchasing "The Infuser" which is like their bean to cup Barista Express without the built in grinder. I had been planning on getting the Bambino, but the Infuser was less money (AUD350 - perhaps this model is being retired) and seemed more like a 'real' espresso machine.
The Infuser is a 54mm portafilter, PID, three way valve machine. The water heats quickly (although not as quickly as the Bambino) although I tend to turn it on and let it sit for a while to let the group head warm through anyway.
It's supposed to have volumetric dosing, but the volume output changes with the grind, so perhaps this is just setting how many pumps of the little piston pump or something. It's not time either. In any case, it does allow you to make repeatable shots once you've dialed in and set it. The setting is very simple to change.
The water tank is plenty big enough for me, and the drip tray might be on the small side - I generally empty it every coffee but you could probably do two.
Accessories
I have a personal failing wherein I buy too many gadgets when I'm excited about a new hobby. I'd originally started with a Rhinowares hand grinder with my Aeropress, but had found a 2021 Timemore C2 on eBay which is nicer to hold, and grinds the same amount of beans with a lot less turns. Perhaps it is visibly more consistent particle size, or perhaps I'm imagining that to justify this purchase.
I'm very happy with the eBay puck screen I purchased. I don't know that it's making the coffee any better, but it's keeping the group head clean enough that I don't bother scrubbing it after each shot, and the pucks I tip out of the portafilter have gone from 6.5 to a 3.5 on the Bristol stool chart.
I also got the cheapest ring that goes over the portafilter I could get for charging the basket, and that plus reducing to around 16gm of beans (I only use the double unpressurised basket) means I don't up with tiny specks of coffee all over the kitchen which was a constant issue when I started.
I also have a $2 eBay needle distribution tool, a couple of swirls with that means that when I bang the portafilter on the bench a twice I have a pretty flat, clump free looking bed of grounds that I've just been tamping with the supplied plastic tamp. I've never used anything different, so this seems fine to me although I wish it was a tiny bit bigger as there's a visible ridge left around the outside after tamping. This is probably a future upgrade.
I bought a couple of 220mlish ceramic cups, which I love the look and experience of. If you popped in to see me, that's what I'd serve you, but for daily use I use Duralex 220ml latte glasses since I'm still getting used to the milk frothing process and it's easier to see how that's gone in a glass.
The Experience
My main concern going to espresso was that it would be more mucking on than the Aeropress and that I'd give up and go back to that. Actually, it's probably a similar amount of carry on - just more bench space. They are both more time consuming than the Nespresso machine, but in my opinion worth it for the better coffee experience.
Dialing in has been a bit of a challenge - I'm chasing 16 in, 32 out in 30 seconds, but the click steps on the Timemore seem too big. For example on the medium roast I'm drinking this week that recipe goes from 22 seconds to 50 seconds with a single click. I'm not sure if I'm doing something wrong - I don't think so. In any case, I've just been choosing whatever is closest, and altering the dose and tamp pressure tiny bits to try and improve it a little as I work though that lot of beans. This seems fine for milk drinks.
Fussing on frothing the milk seemed like an optional thing to me, and I wasn't sure I was going to bother (with the Aeropress I just microwaved my milk) but that silkiness of the milk coffee when this is done correctly turns out to very worth. My latte art is highly variable, tending to mostly rubbish @daddyjones@lemmy.world knows what I'm talking about. I think my frothing is fine, but other people seem to be able to decide when the white blob appears on top, whereas mine randomly appears when it feels like it - often too close to the end of the pour when the cup is full. I'm sure this is to do with distance and speed of the pour and I'm missing something important. Feel free to offer suggestions.
The steam wand on this Breville is quite slow (which is probably a plus for me while I'm learning to steam milk), and makes a horrid squealing noise that no one would want to hear in the morning. I don't know if that's all steam wands in the world, just this model, or just my machine or my technique, but the cure seems to be to lower the jug and make half a second of stupidly large bubbles then put the tip back in.
Stopping steaming when I was burning my hand on the jug (which seems to be the standard advice) produced coffee that wasn't hot enough, so I purchased a milk temperature gauge, and highly recommend this. I've started counting how many seconds after the jug is too hot for my hand before the temperature gauge is just touching the red zone, so I could probably ditch it now.
Conclusions
Basically - no regrets. I'm enjoying lovely coffees that feel like a treat every day. I think a grinder with finer steps might be in my (distant) future, and I'd like to solve my latte art issues, but overall the experience has been a source of joy.
Ownership rights are buried in the fine print and downloading or buying physical copies may be the only ways to keep your favourites
*What rights do you have to the digital movies, TV shows and music you buy online? That question was on the minds of Telstra TV Box Office customers this month after the company announced it would shut down the service in June. Customers were told that unless they moved over to another service, Fetch, they would no longer be able to access the films and TV shows they had bought. *
I've been thinking about writing a script that would alert me if there was an updated version of an image I was running.
DockerHub shows an image digest on the page for that tag:
And I can extract the digest for an image I am running with:
docker inspect --format='{{index .RepoDigests 0}}' jc21/nginx-proxy-manager:latest
This matches the one from the DockerHub screenshot. But I can't see a CLI way to get the image digest from a registry. It seems like:
docker manifest inspect jc21/nginx-proxy-manager:latest
should do it, but it pulls out the digest of each of the architecture builds for that tag instead of the one shown in dockerhub.
Is there a way to compare the current local image with one in a registry from the command line? Or perhaps there's a more sensible way to do this?
I'm currently brewing in an Aeropress, and considering one of the lower end espresso machines.
But based on a few comments from James Hoffmann about him drinking filter coffee at home, I'm wondering if an espresso machine is something that people end up using every day, or if people are brewing with simpler methods and just making espressos when they've got time on the weekend or people over?
What's your experience, did you buy a machine and it mostly just takes up counter space, or is it a daily source of joy?
Somewhat bewildered by the millions of Aeropress recipes on youtube, I'm wondering if daily users end up settling into a reliable, simple process that's similar from person to person.
In particular, I note that my method (basically a french press) is vastly different from the one in the instructions which is ground much finer, uses less water, and starts dripping through the filter immediately.
Anyway, here's me:
- 12g mild-roast (coarse ground a touch finer than most people would use for a french press, done with a C2)
- inverted
- one filter paper, not washed, but damp enough to stick
- fresh boiled water (so probs 95°+) 180g
- stir enough to break up the floaties
- push the plunger in far enough that the liquid is almost at the top before I put the filter on
- tip over and start plunging at 1:30, finish by 2:00
- into ~70g warmed milk
I'd love to hear yours.
Moved from a Rhinowares to a 2021 Timemore C2, stumbled out to breakfast and used the same clicks without thinking.
I'm a coffee newb - bought an Aeropress and a Rhino hand grinder, and I've sort of flailed around changing things randomly and ended up with an enjoyable repeatable cup by sticking to the same beans, grind, water temperature, brew time & method that seems to work for me.
My issue is I'm not really sure about the terms used to describe the basic aspects of coffee taste - eg bitter, sour, acidic, under extracted, over extracted, etc. I feel like if I did understand them, that would give me the skill to try different things (such as a different roast) and adjust the other factors to match them to get something that suits me, or to be able to make a cup of coffee that would suit someone else's taste.
I'm wondering if you're able to tell me how to deliberately create these other tastes - I imagine I could comparatively taste them and mentally match the words to the sensations. For example, how can I deliberately create an obviously bitter cup, an over extracted cup etc.
The resources I've got for this project are the Aeropress and grinder mentioned, Nespresso machine, a medium and a dark roast, a French Press, and whatever coffee I can get from a supermarket.
Does this sound like a viable plan? If so, what are the tastes I should learn, and how can I create guaranteed and slightly exaggerated versions of them?
I started on Elitedesk 800 G1s when Raspberry Pis got hard to find and expensive, and I now feel they are better in every respect if you don't need the GPIO pins.
Every time I open them up to upgrade something I'm impressed with the level of engineering. There are quality manufacturer manuals for them, the cooling is good and they look great
The P20iX is a tacticool type 21700 size light. It's very floody - perfect for inside buildings or close range outside where you need a big field of view, and bright enough at 4000 lumens .
The bumps on the front are something super tough for breaking car windows etc - so I guess aimed at first responder types. I quite like the double clicky tail switch. One is a really solid on/off click and the other cycles between light levels.
It has two modes, I use it in the everyday mode where it remembers the light brightness from when you turned it off. There also a hard core mode where it always turns on in max.
The hard plastic holster has a hole in the bottom, which I assume is to avoid melting it with the 4 x 4 x CREE XP-L2V6 leds, but I have occasionally just turned it on in the holster for general lighting if I needed both hands.
Since it's quite easy to pull it out of the holster, I do have a slight worry that it will come out by itself if I'm clambering around somewhere - but it never has yet. The holster is intended for clipping on those massive duty belts - it would swing around a bit otherwise. I have a vague recollection it came with some clips to use on narrower belts but perhaps I've thrown them away.
The 21700 battery it needs is a weird Nitecore one with positive and negative contacts each end. I wasn't wild about that, but in practice I never carry spare batteries, so they can be weird or built in and it's no particular problem. If you really hate this idea, there is an optional caddy for 2 x cr123s - but less brightness and lower run times.
The RovyVon A5x is my EDC at the moment, and I love it enough that I bought another one when I killed it in the washing machine (it's IP66 - but only with the charging plug in - long story at the end).
Like a few of these little lights, it has ancillary LED's on the side. I chose the white+UV side LEDs. The other option is white + red which would probably be more useful, except this is the glow-in-the-dark case, and the UV supercharges that in a couple of seconds.
The GITD is not amazing, but if you're camping away from city lights, it's still bright enough to find the next morning right up till the sun comes up.
The choices for the main LED are CREE XP-G3 or Nichia 219C. I went with the Nichia with a warmer CRI. The Nichia is 450 lumens vs the Cree 650.
The battery is rated 330mAh and is USB-C chargeable (I think my old one was mini USB?). The story with the charging plug on my old one was I washed it in the pocket of some pants, and it still worked, but I could see a drop of moisture inside. I pulled the charging port stopper right out since it kept half closing itself in the rice. Then I couldn't get it back in (probably could have with tweezers) so I thought I'd do that later, then washed it again the following weekend without the plug in. I went all out with the drying attempts, but it was properly soaked through, and never came back from that.
It doesn't really tailstand unless you've got the magnet on (I do) and something to stick it to. It's just a lovely little general use torch for your pocket.
I own, and often carry, a lot of lights. The i1R2 probably hasn't got the most hours on it, but in terms of the number of times it gets turned on, it's by far the winner.
I've EDC'd something like this for about sixteen years. This is the RovyVon Aurora A5 (G3)-UV + White with the Nichia 219C LED. I mostly just use the UV to give the glow in the dark case a little charge as I'm dropping it on the nightstand.
It's not my first A5 - I've killed one in the washing machine. I replaced that one with a Fenix E05R which is way more washing machine proof, but I just never had the same love for it as I do for the A5.
Before those, for many years it was the Fenix LD01 - mine has that wonderful beat up look you only get from using a light every day for years.
There's also been a number of no-name 10440 lights that I seem to lose more easily than the brand name ones :-/
In the same pocket is an Olight i1R 2 on my keys - so it also has the 'well worn' look.
I've been downloading SSL certificates from my domain provider, using cat to join them together to make the fullchain.pem, uploading them to the server, and myself adding a 90 day calendar reminder. Every time I did this I'd think I should find out about this Certbot thing.
Well, I finally got around to it, and it was one of those jobs which turns out to be so easy you wish you'd done it ages ago.
The install was simple (I'm using nginx/ubuntu).
It scans up your server conf files to see which sites are being served, asks you a couple of questions, obtains the Let's Encrypt certificate for them, installs it, updates your conf files to use it, and sets up a cron job to check if it's time to renew the certificate, which it will also do auto-magically.
I was so pleased with it I made a donation to the EFF for it, then I started to think about how amazingly useful Let's Encrypt is, and gave them one too. It's just a really good time to be in this hobby.
I highly recommend Certbot. If you've been putting this off, or only just hearing about it, make some time for it.
We look at what lies behind hundreds of thousands of people having their flights cancelled or delayed
>Nats says that the failure was triggered by a single piece of data in a flight plan that was wrongly input to its system by an unnamed airline.
It will be fascinating as the details of this emerge.
I have an ancient domain that for years has been hosted with a company that allowed wildcard email forwarding - so *@example.com was forwarded to my gmail. So over the years, I've just used a new email address for every signup of anything.
Sadly, the company is getting out of hosting, so I need to move the domain somewhere. The commercial email hosting I've seen seen around is all paid for per mailbox.
Is there a commercial email host that would allow a wildcard like that?
I have low desire to run my own email hosting, but perhaps if it's just a bunch of forwards that might be simpler?
Such a good feeling cancelling my paid tier on Dropbox this week. I've been 'playing' at self hosting for a few months, and now I'm confident in my infrastructure and processes so I can start turning off some of the cloud things I've been paying for.
Dropbox has gone in favor of Syncthing over Tailscale in a hub and spoke arrangement to a VM at home. The main compromise I've had to make is on the iOS experience.
The next subscriptions I'll be cancelling will be Evernote (I have so loved this over the years, but as they've added 'features' the app experience has degraded to the point where it's no longer reliable to add notes from my phone). I'm currently trying Obsidian for this , but thinking about a simpler web markdown editor for mobile.
After that, all my Wordpress blogs will be coming home to my VPS, I imagine with some sort of static site generator.