1. Post your actual configs and logs or people will only be able to guess. (Censor any secrets.)

2. My guess: It’s probably your nginx config.

3. Why are you using 0.19.4? That version is over a year old.

Clickable: !52weeksofcooking@lemmy.zip

Fun idea. Subbed.

I know this website seems sketchy/scammy AF, but I found that these actually do a good job dimming the LEDs to reasonable levels, but keeping them visible.

https://www.lightdims.com/store.htm

I imagine (mostly because of all the “patent pending” bs) that this is a film you just just buy from somewhere else way cheaper, I just don’t know what it is.

I don’t think is is a backdoor. At the moment I wouldn’t consider this article any more than FUD.

It’s unclear to me if the security company has actually said what the vuln is or not, but if it’s what was presented in the slides linked in the article this is at worst something that can be “attacked” from a computer connected via USB (and I’m pretty sure it would also require special software already on the ESP32), where the attack is sending out possibly invalid bluetooth messages to try to attack other devices or flashing new firmware to the ESP itself. It’s not a general “backdoor” in the ESP32 itself. At least that’s the best interpretation I’ve been able to make. Happy to be corrected if anyone finds more info.

It doesn’t sync to homeassistant, but I use a Xiaomi scale with openScale off of F-Droid. There’s a few different scales supported: https://github.com/oliexdev/openScale/wiki/Supported-scales-in-openScale

They may block IP addresses associated with consumer ISPs. Assuming that’s the case, I would guess you’re seeing that as an HSTS/TLS error because their network is trying to trick your browser into redirecting to/displaying an error page hosted by some part of their network.

I am still interested to know the details of how they came to this decision. Why Signal instead of Matrix.

AFAIK, signal doesn’t federate, There is no “signal server-to-server” protocol. When people say “The Signal Protocol”, they are talking about a cryptographic protocol, not a network protocol.

As for why they wouldn’t use Matrix, I would assume it’s just too heavy of a protocol for the scale they operate at. IIRC, Matrix isn’t just a chat protocol. It’s a multi-peer cryptographic state synchronization protocol. Chat is (was?) just the first “easy” application they were going to apply it to. (Now I’m curious if they still have plans for that at some point.) They’ve been making great strides in improving the efficiency, at least in the client-server API (I haven’t been paying attention to the server-server API at all), but it’s still going to be a heck of a lot more compute heavy than whatever custom API they’re providing.

IMO, the best free option is https://freedns.afraid.org/. The biggest downside of that one is that you have to login a couple times a year (IIRC?) to keep it active. I actually still use this even though I have a paid domain, I just CNAME my real domains to the afraid dynamic name. That was easier than changing the config every time I become unhappy with my domain registrar and have to reconfigure everything after swapping.

Less commercial interest means only hobby level development

Podman is developed by RedHat: https://github.com/containers/podman/graphs/contributors

The day Firefox shutters its doors is the day the internet truly dies.

*the web

The internet has so far been doing a much better job surviving as a proper decentralized system than the web.

Unfortunately, no. Samba needs a different label. Doing that relabels things so that only containers (and anything unrestriced) can access those files.

IMO, yes. Docker (or at least OCI containers) aren’t going anywhere. Though one big warning to start with, as a sysadmin, you’re going to be absolutely aghast at the security practices that most docker tutorials suggest. Just know that it’s really not that hard to do things right (for the most part^[1]).

I personally suggest using rootless podman with docker-compose via the podman-system-service.

Podman re-implements the docker cli using the system namespacing (etc.) features directly instead of through a daemon that runs as root. (You can run the docker daemon rootless, but it clearly wasn’t designed for it and it just creates way more headaches.) The Podman System Service re-implements the docker daemon’s UDS API which allows real Docker Compose to run without the docker-daemon.

The light is visible, the flashing isn’t.

The top white rectangle is a multi-color LED (presumably RGB). Can’t make out what’s in the bottom, but I wouldn’t be surprised if it was some form of light sensor for (literally) flashing new information onto the tag.

Update the controller firmware.

I’ve got the “Xbox Wireless Controller”, the one that has a little bit of a grippy texture on the handles & the ‘d-pad on a circle’ d-pad. And I was seeing the same thing before updating the FW ~a year (maybe even two?) ago.

Unfortunately, doing that requires a Windows PC or an Xbox.

Defense in depth. If something escapes the container it’s limited to only what’s under that user and not the whole system. Having access to the whole system makes it easier for malware to hide/persist itself.

If your distro offers it, rootless podman + podman system service is the best setup, IMO. That will give you a docker command that is 1-to-1 compatible with docker and lets you use tools like docker-compose that expect a docker service socket. Then you can just follow tutorials that only explain things for docker.

That’s not really possible with docker TBH, and I say that as a diehard Podman advocate. Docker, the tooling that you install with your package manager, is open source. Sure they have windows and mac desktop stuff that isn’t open, but it’s not like you’re self-hosting with that, right?

Plus there’s always Podman to switch to, which can be a (mostly) drop-in replacement, if you want something with a more trustworthy provenience.

I had an AMD Phenom-II era motherboard that claimed it would be able to do that. OP, you might be able to find an old NIC/mobo that could do this for cheap.

This is about “fees” over and above the advertised “price”. So it says your plan is $65/month, but when you get your bill it’s actually $95 because there’s a “Cost Recovery Fee”, a “Network Maintenance Fee”, and a “Municipal Area Surcharge” (IIRC all real fees I’ve paid on an internet bill) on top of the advertised rate. They’re often meant to look like taxes, but they aren’t.