There’s two reasons why r/linux is popular on Reddit:

1. Reddit is popular
2. r/linux is popular

It’s great to see another open source OIDC provider (with more features). I’ve set up Pocket ID which is awesome because of it’s simplicity and it’s great.

I do the this and it’s great. An entire distro takes up only a few GB. Many graphical installers don’t support installing on an existing btrfs partition (or subvolume) and want to create a new one. This can often be solved by manual intervention (via terminal).

I found the guide/examples on their website a bit irritating at first (that’s on me) but it works well once understood and configured.

Yes. 127.0.0.0 is the localhost. This is the IP the container is listening on. Even if there was no firewall it wouldn’t allow any connection except from the host. If it’s set to 0.0.0.0 it means it’ll allow connections from any IP (which might not be an issue depending on your setup).

The reverse proxy runs on localhost anyway, so any other IPs have no reason to ever have access.

It’s mostly to allow the reverse proxy on localhost to connect to the container/service, while blocking all other hosts/IPs.

This is especially important when using docker as it messes with iptables and can circumvent firewall like e.g. ufw.

You’re right that it doesn’t increase security on case of a compromised container. It’s just about outside connections.

Some I haven’t yet found in this thread:

• rootless podman
• container port mapping to localhost (e.g. 127.0.0.1:8080:8080)
• systemd services with many of its sandboxing features (PrivateTmp, …)

I do the same, but with Wireguard instead of OpenVPN. The performance is much better in my experience and it sucks less battery life.

Trying to actually restore is the best way to ensure the backup works. But it’s annoying so I never do it.

I usually trust restic to do it’s job. Validating that files are there and are readable can be done with restic mount, and you’ve mentioned restic check.

The best way to ensure your data is safe is to do a second backup with another tool. And keep your keys safe and accessible. A remote backup has no use of the keys burned down.

Yes. I like to leave the original link in the post body for that reason.

Sadly it’s not possible to provide links using Firefox Translate. People would have to translate it themselves (i.e. opening in a browser and clicking translate). Depending on the device they likely wouldn’t bother.

Agreed. In general people seem to like centralised platforms. They don’t want to sign up on another site for a specific purpose. They stick to what they know unless there’s good reason to change (mostly peer/ad/social media pressure I feel like).

In a way Lemmy is similar in that it’s a single platform to access all types of content. Given most people don’t care about the technical “how”, I can see why they like Discord and Reddit.

Streamlining cross posting is a good idea, as long as someone actually read the post and posts it with a purpose. On second thought, I think cross posting is simple enough, given that titles are usually auto completed.

I’m generally against automatic cross posting bots, as they usually post duplicates, bad articles (instead of a proper source). Additionally, they often flood communities with an amount of content they are too small to handle. I.e. a lack of users to vote on posts let’s good articles drown in a flood of mediocre posts. This can kill communities as they feel even more empty than with fewer posts but more comments.

If the person would answer almost instantly, 24/7, without being annoyed: Yes. Checking important information is easier once you know, what exactly to type.

These tools are also useful for finding large files in your home directory. E.g. I’ve found a large amount of Linux ISOs I didn’t need anymore.

Do you delete all your files on a reinstall? Documents, photos, videos, games?

Fclones is a great tool, but it’s for finding duplicate files and replacing them with sym-/hard-/reflinks.

I recommend using the --cache option to make subsequent runs extremely quick.

If you need a more interactive method, gdu is awesome. And if you’re using btrfs, btdu gives preliminary results instantly (which get more precise over time).

I do think the second part of your statement was unnecessary.

Matrix won’t necessarily download all state/messages automatically, but if your client requests a non-available message your matrix server will query other matrix servers for it (backfilling).

E.g. if you scroll up to older messages, it might take a a few seconds but your client should eventually show them.

Matrix server use a back-off for servers sending messages, so if your server is offline for many hours, it might take a day for your servers to get messages pushed to by other servers again.