Not that I recall.

I like it. Nice to be able to see all your workouts across whatever time period.

Nat is not a firewall…

Seriously. Unless you open up your Lan to the internet it functions the same way as ipv4 in respect to receiving unsolicited queries from the internet. All those are dropped.

Yep. Hell, be very paranoid and run it in a container on a runner VM on your box if you like.

And you can use podman or sysbox there.

Thanks for this. Didn’t even know it was an option.

For real. JF roku team is killing it. Latest release is so nice.

I somehow only recently saw this (few weeks ago) but man it looks awesome. I’m curious how well the android layer works as I haven’t used waydroid in a long time.

It’s not cheap enough to take a lark on is my only qualm.

Keycloak is very much lighter actually. Can run under half a gig ram whereas authentik uses about 1GB.

Authelia is king though in running with just about 30MB of ram.

The only way to interact with it is using talosctl (no ssh, very minimal console, etc.) It is pretty slim and designed only to use k8s. Ubuntu on the other hand is general purpose that can be made to use k8s.

Basically the idea being that your nodes are also cattle.

It’s very interesting. I’m debating moving from fedora coreos to it. About to spin up a test cluster whenever I have free time.

You always have to manage kubernetes. And talos is nothing but a ready to do k8s os.

If you don’t want kubernetes I’d suggest something like fedora coreos.

Id be very curious to see numbers on how many are actually moving away.

I think it depends who you ask.

As a linux admin, I don’t mind it and actually really appreciate it. It’s a robust system like you said and though a bit persnickety on resolving things, does its job well.

As a home user, I find that mostly you shouldn’t know it ever exists anyhow. The one time you might would be podman volume issues (when you forget or don’t know to append a z/Z) or when you’re doing something odd. I can see how some would dislike it in that case.

But in any case I fully recommend running it and just learning how to use it. Kind of like IPv6. It’s misunderstood, too often disabled, and should be more widespread. They both are really improvements to what came before. Just technology that takes a little more time to learn is all.

Here is a helpful video explaining it- https://youtu.be/_WOKRaM-HI4

Oh the people who dislike MAC probably do dislike file permissions too, ha. chmod -R 777 somedir and such.

Ie. The equivalent of sending the output of your wiki to /dev/null

Or the fact it consumes like 30mb of ram compared to authentiks near 1GB.

That and those servers are going to be running anyway. Powering a simple restaurant website is a grain of sand on the beach of internet usage.

Seems they’ll just keep making money on sync.

Not really. Personally I’d allow the service account running jellyfin only access to read media files to avoid accidental deletion but otherwise no.

Also, jellyfin docs have a sample proxy config. You should use that. It’s a bit more in depth than a normal proxy config.

Except freedom of speech only applies to the government. You can’t yell from your neighbor’s front lawn either if they don’t want you to.

That said, the fact police were sent is BS.

Honestly, if you know nginx just stick with it. There’s nothing to be gained by learning a new proxy.

Use Mozilla’s SSL generator if you want to harden nginx (or any proxy you choose)- https://ssl-config.mozilla.org/

Man it’s late here but I just don’t get it. Isn’t tmux enough to separate sessions then you just look before you run something like this?