Then let’s call my install 30p87OS, that was made from scratch. Now it’s a distro.
Then let’s call my install 30p87OS, that was made from scratch. Now it’s a distro.
It is. Especially when you need the night to compile FF and it constantly fails. But I learned a lot.
LFS: Not being so complicated actually. Arch: That a fully fletched OS install can be done in less than 10 minutes.
Do you have a matrix instance set in the config?
I had that issue for months. There is no real solution afaik. Apparently, reading the NVM checksum is just not possible on Linux with this chip. It always defaults to 0xFFFFFF I believe. In theory you could write some value, to reset it, but it gave me some permissions error. I resorted to get the source of the kernel, patch out the checking code, compile just the module and then install it. I created a PKGBUILD for it, and I’m currently trying to make it a DKMS package, so you don’t have to reboot first to manually rebuild it.
As you use Debian, you’ll need to create a manual compiling script, but here are my PKGBUILDs for reference: https://git.30p87.de/30p87/e1000e-nocksum-kerne
Note that you need to swap out the kernel source link to the source of your current kernel version.
The current problem is, that you need to reboot to update to a new kernel version, which then means the custom driver will not work anymore, and you need an internet connection to rebuild it, as it will need the most recent kernel version. So never kernel update without wifi in reach.
I will first make it a DKMS package, to ease some of the pain, and then see if I can make it debian compatible.
How do you know? Do you constantly monitor running processes, performance and network connections?
It adds you to the wheel group - in real life
We don’t talk about Ubuntu here.
AIs are trained on what is written in the Internet. Latin is not spoken, it’s written. But even then, it’s rarely used. African american is a dialect, it’s only present in speech.
But why is it even mentioned then? It’s FUCKING OBVIOUS. It’s like saying “AIs are biased towards english and neglect latin” or smth ffs
You need to correctly set it up tho. ie. remove all default keys because some were discovered ages ago anyway.
In dem Fall, der einfachheit und sicherheit halber: Einfach den https://github.com/TeamPiped/Piped-Docker.git clonen, nach Anleitung configurieren und starten.
I love it™ (The nested parentheses are one of the greatest tools known to mankind (And to all other creatures))
Usually you’ll just need the official Docker. It contains the frontend, backend and proxy. Technically, you only need the backend right now. But lifting the load of the official servers by using a selfhosted frontend is probably beneficial too, with no drawbacks. However, the proxy is the thing anonymizing you - accessing youtube always through it, even on the go, will deanonymize you further (kinda, it’s still better than the official app). If you have a list of proxies you can rotate through, you would be anonymous again.
Then there are other components, that you can find through the larger config file of the main Piped-Backend or TeamPiped’s GH profile itself. But again: Stuff like RYD-proxy will only be anonymous and beneficial with a rotating IP/proxy. But https://github.com/TeamPiped/region-restriction-checker is good to selfhost, as (afaik) it will help decentralize to circumvent censorship (zB. uHrHEbErRecHTsvERletZUnG die Ratten). But in order to configure your instance to use the region-restriction-checker, you’ll need the larger and more complete config file.
ZL;NG:
https://github.com/TeamPiped/Piped-Docker reicht eigentlich. Sonst einfach die einzelnen Repos angucken, was sich gut anhört. Proxy Zeug nur selber hosten wenns nicht um Privacy geht oder die IP verschleiert wird.
I have dozens of services, and most of them start their own http server, using a regular websocket binding to localhost and a port. As most of them are web services, I run out of standard ports pretty fast - 80, 8000, 8080, and then 8069, 8070 etc. Keeping tracks is a pain. Docker just makes it worse. Also, all non-web services have standard ports - 25, 456 for smtp/smtps, which nmap identifies. In my current state, an attacker could just open a random port on my server and I couldn’t notice.
Unix sockets are basically just regular files, where http traffic is written to and read from. So eg. gitlab-puma or piped-proxy creates the file /run/gitlab/gitlab.socket respectively /run/piped/proxy.socket, and my reverse proxy (nginx) communicates through that socket with the service, just as it would through a regular websocket using localhost and a port. Except unix sockets are easily identifiable (they are named and put in dirs dependent on their service) and can be access controlled much better - instead of any service in the whole network (assuming no firewall is present on the device, usually behind a consumer grade router) being able to communicate with the service, only members of the group http (nginx) or the services’ user can read/write to the socket, assuming nginx is save and root, http and the services’ user are not compromised, not even an attacker with access to the server can read any traffic, as it’s encrypted (https) to nginx, and not readable to other users through the socket file. It’s also a bit more performant. The catch is: Very few programs support it, and many of the ones that do implement it incorrectly. Usually I would create a specific user for a service (or sysusers.conf file would), under which the service runs in systemd, and which therefore owns the socket file. The http user is then added to the group of the services user, or the file’s group is set to http. With 770 (or 660) permissions (Read and write for the user and all users in the group, including http) everything would be fine, however, they’re usually 755, so only actually writeable for the owner, and not the group, so http, which makes communication impossible. And as just creating the file with correct ownership and permissions beforehand results in the service believing the socket is already in use, I usually have to patch the actual program itself. Maybe I can do something with systemd’s PostExec etc. tho.
And piped-backends library does not support unix sockets at all - so I will need to extend the incredibly complicated library itself to get what I want. Damn.
Yes. My private Instance works perfectly, and I’m so happy that I chose to selfhost it rn lol. And currently I’m on the quest to selfhost even more piped components, eg. RYD_Proxy, sponsorblock-mirror, make them buildable as a PKGBUILD and compatible with Unix sockets: https://git.30p87.de/piped
Arch. With testing repos. And somehow, it also just works.
Or
curl -O https://software.download.prss.microsoft.com/dbazure/Win11_23H2_English_x64v2.iso?t=20e395a3-e609-4696-99fe-f6edcc14f54a&P1=1723809112&P2=601&P3=2&P4=YoihsrepRARlh%2faBo1mABEe7A0aL0yWPYOcR3dNAmlaFPDavFokSpv0oFQybmpuDhG%2f677UBlN%2fRIxY9B3EFVC5TFca%2bXI%2bA%2bQAxqraW1SGCgmpteLlZYntp2E21cpv4RIJ8aifL9z0ecBwNtgwBAY526haPg2RgKhb225RwnAER0EDGWMrDLookFFCm8th8akKETDwKQYQnVKZ%2bJUCTvlt06D42oCJ10fXcVv2D6du6Kuudtc8NgV3DSXPuB4ADK1l951o37bvijDkqAKn70aHyidA5HgdpO5O8K3PPvsre%2bNSVWLbgh7UkEeU1BNMO0INPFiGVqEIaeGorhYxS0w%3d%3d
Foot because it’s sway default. It’s also configurable, has shortcuts and sixel support.