a very specific feature, so you should open a feature request at the repos of the jellyfin audio players that you mostly like, probably the devs didn’t even consider it yet

not really. share it over a ducking vpn, done.

but it is sensitive data. the webserver can send executable code to the web browser. if it does not that doesn’t matter, what matters is that it can be inserted by a middleman. It’s not like there’s a dedicated person needed to do that, it can just happen automatically.

you and perhaps @curbstickle@lemmy.dbzer0.com, may I ask if you use samba with portable devices, like laptops?

I do and my experience is that programs that try to access it when I don’t have network access tend to freeze, including my desktop environment, but any file managers too if I click the wrong place by accident. but it occurs enough without user action too.
oh and it breaks all machines at once if the server or network is down. which is rare but very annoying.

did you experience this too? do you have some advice? is SMB just unsuitable for this?

honestly I would prefer if the cifs driver would keep track of last successful communication, and if it was long ago instantly fail all accesses. without unmounting so that open directories and file handles keep being valid.
and if all software on this world wouldn’t behave as if they were doing IO on the main thread. honestly this went smoother with windows clients but I’m not going back.

where do you run PBS? in a vm on the main proxmox host?

docker in a vm in proxmox!

no but really. I don’t like that the vm host’s kernel is shared with all the containers.
then maybe have 2 or 3 VMs, one of which hosts essential services (not like your nextcloud, but services that are necessary to make the (internal or whole home) network work like DNS and DHCP, maybe monitoring, and another that hosts your convenience services (jellyfin, nextcloud). the first is easier to fix if it breaks, the second is not the end if the world if it does. maybe also have a third for services that would be painful to have offline (nextcloud), but try to limit it to few tasks because the goal is simplicity. this setup can help with distro upgrade difficulties, and vm custom configuration issues when you have set up something that seems to work but will prevent VM startup sometime in the future.

podman could be a good idea too.

in good software autosave happens with a slight delay of 10 seconds or so. It’s really not uncommon.

made it harder to deploy? Isn’t it still just a single binary, a config file and a directory for data?

bugs are inevitable for evolving software.

which community oriented features do you mean? are they in the way, or is it just that you don’t need them?

what’s the problem with gitea? I never used gogs so I can’t compare it

that’s not that same security. an observer will still know that you are connecting over HTTPS to a particular doman/IP, maybe they can also deduce that you are using mTLS, and all your other traffic is not protected by it at all. all the while with wireguard, they can see that it’s wireguard traffic, and where it goes, but anything inside is secret, plus if an app uses unencrypted traffic for some reason (smb, dns, custom and special protocols), wireguard will hide and protect that too.

Or get lucky with docker.

why do you need to get lucky with docker? what is it that doesn’t work?

now, that sounds more interesting than just “unsupported”!

why not codeberg? kind of lightweight on JS, but especially compared to gitlab.

@Nundrum@yall.theatl.social

that would probably work. I think the IP does not need to be static, but there can be problems if your IP changes often, and it’s not updated quickly in DNS.

the only hard requirement for a local headscale (for usage over the internet) is that you are not behind a CG-NAT, and you can forward a port to your server in your router

but for the love of god and your own benefit, put a name constraint directly on the root cert

you don’t strictly need a VPS, what you need is a (mostly?) static IP address, that is especially not behind CG-NAT. if your ISP won’t give that to you, you get a VPS, because one of the most important jobs of headscale is NAT hole punching and patching your devices in

the first paragraph is not like in the post. did they rephrase it because of the “as it does” part?

this is the current version:

Tailscale recently announced our Series C fundraise. We were grateful for all the community support, but the Internet also raised a few of its collective eyebrows, wondering whether this meant the dreaded “enshittification” was coming next.

the internet archive does not show your version either: https://web.archive.org/web/20250702140430/https://tailscale.com/blog/evitability-of-enshittification

where did you get that quote from?

as I heard that’s pretty common at oracle, but it’s good to spread the word

the config and databases or the media, you mean?

if so, the former, but I mount the meadia with a read only docker volume just to be sure, because chances are I would never notice it

you must have lots of LoTs