Or simply create your rootCA, IntermediateCA, keys and certifictes with openSSL.
Neither of those are begginer friendly but openSSL is probably a bit easier to get started. There’s a nice book with openSSL (if you are interested I migh look how it’s called) and the last chapter is all about how to create your mini-CA and everthing else to serve your proxy with valid certificates for your homelab.
Them probably uses a special plugin device in the outlet.
I have this bash script you can use and have a general overview but I’m not totally sure if I fully understand it and if it’s the whole system’s wattage or only the CPU 🤷♂️
#! bash
time=5
sum_1=$(cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@");
echo "before" $sum_1
sleep $time;
sum_2=$(cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@");
echo "after" $sum_2
sum_1f=$(printf "%.0f" $sum_1)
sum_2f=$(printf "%.0f" $sum_2)
final_sum=$(echo "(($sum_2f - $sum_1f) / 1000000) / $time" | bc -l)
#echo $final_sum | bc -l | xargs printf "%.2f\n"
formated=$(echo $final_sum | bc -l | xargs printf "%.2f\n")
echo $formated "w"
Haha ! Good to keep your brain cells functioning 👍
Wow ! I will still try mealie /Tandoor for family purpose and ease of use. If it doesn’t work as expected, I will totally try this out !!
One question if you don’t mind,
servings Indicates how many people the recipe is for. Used for scaling quantities. Leading number is used for scaling, anything else is ignored but shown as units.
Does this function work well? I didn’t saw any examples so maybe you could tell me :)
Thanks !
Fair point ! Yeah sure if you host a blog online it doesn’t make sense… But if you only self-host your services for family and some friends and access them over VPN, a local CA is actually a privacy respecting choice.
Hosting something on the web (specially self-hosted) without the propre software and hardware is a bad idea in the first place anyway !
I also believe it’s possible to set up HTTPS encryption without a domain name, but it might result in that “we can’t verify the authenticity of this website” warning in web browsers due to using a self-signed certificate.
Just create your own rootCA and IntermediateCA and sign your certificate with those, put the CA in your trust store of your system and get rid of this self-signed warning on every device and happily access all your service via: *.home.lab or whater ever local domain pleases you.
In addition to that, without a secure connection you’re stuck with HTTP/1.1
That’s not entirely true. A lot of requests, even with https, are send over HTTP/1.1. And this is kinda mind blowing that in 2025 we still rely on something so old and insecure…
Same goes with SMS and the old SS7 protocol from 1970… 2FA SMS is probably the most insecure way to get access to your bank account or what ever service promotes 2FA sms login.
I read that somewhere from a github repository maybe even in Navidrome’s pull requests or Issues maybe?
I think the argument was that in directory structure you always have to think where you have to put your files and sometimes a file can be at 2 different places at the same time and I do agree to some degree, that’s why I use both :) !
Yeah… Newer genration are into “put everything in 1 big messed up directory and find all you needs by tags” structure.
I get the gist, but calling directory structure evil is kinda extreme. It allows to structure your thoughts and if somehow your metadata is corrupted, you still have a directory structure.
I work on both front for compatibility issues but nothing beats a well thought directory structure!!
What application do you use on your phone to mount samba shares (Android)? I know Amaze can mount those but they are not easily accessible by other applications.
Not sure this is what you are looking for but navidrome has smart playlists, which is a small configuration file you can add to your navidrome and will automagically create a playlist in your navidrome based on your config.
Was going to say the same ! Such a cutsy nice little mini-rack/server setup !
Still fighting my spaghetti setup with cables sprouting everywhere.
You can already do that (somehow) with tags and libraries. There’s a plugin for that.
But yeah this looks less complicated to setup and maintain !
Actually, there are ways for home customers to replace their XGS-PON to use your own hardware (Orange, Free, SFR…) And some other cool stuff and very helpful info at lafibre.info forum !
Britta filters can reduce water hardness to a little margin but I wouldn’t bet on those to reduce water hardness…
Better have specific filters under the sink to reduce those carbonates or if you have some money to spare (~1000$) a specific machine directly connected to your water income in the basement !
Looks cool, bookmarket for later use !
However, the GUI looks very Discordish and is probably inspired by it. I hope it only stays at that and won’t put some shady privacy nightmare code into it !
Everything related to art (photography, movie, music, graffiti or whatnot…) Has to be none AI for me to enjoy. I put it on the same hate level as ads (radio, tv, internet…).
However, I found out how good it can be to help me out to put together some scripts in python or bash. Not because it’s good at doing those things but because I do not have time to learn proper python or bash :/. Though I do agree it only works well for small things.
Maybe, those who love AI generated art feel the same way as I do with AI generated code? 🤷♂️
Wow, what a combo ! I guess this would reduce the tarpit’s overall power consumption?
I haven’t looked at your link yet and maybe it already contains my answer, but I wish to customize for how long they are traped into the tarpit before fail2ban kicks in so I can still poison their AI while saving alot of ressources !!
Edit:
block anything that visits it more, than X times with fail2ban
I guess this is it, but I’m not sure how that translates from nepenthese to fail2ban. Need further reading and testing !
Thanks for the link !
Thanks for sharing your experience ! I was kinda interested for my new N300 if I should install promox+LXC-docker or promox+VM-docker !
Hearing you had a lot of issues and caveats makes my choice easier wihout even giving it a try ! So thanks !
Yeah thats correct !
I Wouldn’t say heavy though (maybe I see it that way because I got a bit better with bash and the like :p) because you can make use of CRL to revoke your certificates and renew them very easily with your intermediate and ready to use config files.
But yeah, there isn’t any automated way to manage certificates like Smallstep does :)