Posts by Szwendacz@social.linux.pizza
(DIR) Post #AYfH9ViA9HjQEHvdSK by Szwendacz@social.linux.pizza
2023-08-12T19:49:27Z
0 likes, 0 repeats
@selea Haha wtf, years ago I had server, and even put some video on YT to advertise it, maybe it will be put down finally haha (If i did not put it down already long time ago).But tbh I expected such drama also years ago when certain corporation stepped in.
(DIR) Post #AYrfOi2W1rV0kIreD2 by Szwendacz@social.linux.pizza
2023-08-18T19:17:40Z
0 likes, 0 repeats
@selea why should I go working in the office, when I can just read how others travel back and forth
(DIR) Post #AZzexCevSLaXGGuBxA by Szwendacz@social.linux.pizza
2023-09-21T13:42:31Z
0 likes, 0 repeats
@rato jest to nagrane, link?
(DIR) Post #AbEm2iYOA9GNPrLF68 by Szwendacz@social.linux.pizza
2023-10-28T18:34:44Z
0 likes, 0 repeats
@selea hellooooo I am stilll hereeeee even tho you can't hear meeeee
(DIR) Post #AcXUn6nlyHU7QH50Eq by Szwendacz@social.linux.pizza
2023-12-06T16:57:14Z
0 likes, 0 repeats
@nextcloud Um, I see no custom #Podman #containers setup option here
(DIR) Post #AcXj9GCT6kZqIg5VNw by Szwendacz@social.linux.pizza
2023-12-06T19:53:57Z
0 likes, 0 repeats
@selea how about reddit
(DIR) Post #AcdvCt9Xzrm4yeDcFk by Szwendacz@social.linux.pizza
2023-12-09T19:37:21Z
0 likes, 0 repeats
@alejandrobdn looks cool, but I still prefer my containers configured by bash setup, because of its flexibility, learning possiblilites, more controll over security and probably easier way to fix when something breaks.
(DIR) Post #AhuvZmY3m9eh5C8Xaa by Szwendacz@social.linux.pizza
2024-05-15T13:52:04Z
0 likes, 0 repeats
@selea All gui apps I use are from flatpaks, all other from containers. Being dependent from single distro packages is a long gone problem for me (maybe except for kernel and DE for now)
(DIR) Post #AiU6qZhMNLafkRBnI8 by Szwendacz@social.linux.pizza
2024-06-01T13:13:13Z
0 likes, 0 repeats
@selea Well, technically KDE connect require quite big permissions to have every feature work. But I think apps in general also have options to prevent other apps from interfering (like screenshot blocking), so banking apps sould just implement it, rather than blaming user for having other legit apps.
(DIR) Post #AitGfVmO21b0WaPnsm by Szwendacz@social.linux.pizza
2024-06-13T14:41:36Z
0 likes, 0 repeats
I have now fully set up ipv4/ipv6 dualstack for my devices, my vps servers, and for my k8s cluster (using "public" ipv6 ranges).Only postfix (in k8s) is currently configured to use just ipv4, since mail servers rather reject mails from ip without PTR DNS record.#networking #homelab #selfhosted
(DIR) Post #AitGmsvkM5cmLxJEQ4 by Szwendacz@social.linux.pizza
2024-06-13T16:32:24Z
0 likes, 0 repeats
@selea what mistake?
(DIR) Post #AitH8DvpT4nHZKWTj6 by Szwendacz@social.linux.pizza
2024-06-13T16:36:17Z
0 likes, 0 repeats
@selea Yeah, I did not forgot, and my setup is very custom, i basically tunnel ipv6 through vpn, and on the way to the k8s there is more than one firewall in whitelist mode, not counting the NetworkPolicy objects in k8s itself.
(DIR) Post #AitHkeW14x5D1Lm0ps by Szwendacz@social.linux.pizza
2024-06-13T16:43:14Z
0 likes, 0 repeats
@selea My "network infrastructure" stack is wireguard + nftables.
(DIR) Post #AitJ4iHOtQamRQ4BRg by Szwendacz@social.linux.pizza
2024-06-13T16:58:02Z
0 likes, 0 repeats
@selea No, both wireguard and nftables configs are handmade. That is probably partially due to the fact, that this setup was slowly evolving from very simple setup, to this current thing. Also am not sure what tools would let me do every trick and config I did there, while being easy to understand and verify. Only the k8s is simplified for me by using k3s.
(DIR) Post #AiuqrXsnpNfO20PiBk by Szwendacz@social.linux.pizza
2024-06-13T19:50:39Z
0 likes, 1 repeats
I wanted to check for something there. Should I be scared?#traefik
(DIR) Post #B10Nh6CHNKw9uMrkQ4 by Szwendacz@social.linux.pizza
2025-12-07T12:04:54Z
0 likes, 1 repeats
Currently most biggest email providers put mails from my domain in TLD .cloud and my server to spam. Even tho I have all the shiny things set up like SPF, DKIM, DMARC, reverse dns, the domain is not new, and there was never spam sent from my server. I am not on any blacklist of course.And I don't get why ppl actually don't check what is in spam folder, like they really receive so much spam, so that they can't notice there is something? I have plenty of mail accounts in various places for a long time, some of them used a lot befor I started selfhosting, and everywhere I receive no, or almost no spam. What is your #email #selfhosting experience?#homelab
(DIR) Post #B10NhFBtw6yxnnl4a0 by Szwendacz@social.linux.pizza
2025-12-07T12:06:26Z
0 likes, 0 repeats
no to mention that some forms assume mail in my domain is not "valid"
(DIR) Post #B10ON0sHYSDnYyUya8 by Szwendacz@social.linux.pizza
2025-12-07T12:38:11Z
0 likes, 0 repeats
@selea This could be an issue actually, I currently suspect that when my server manages to send via ipv6, it does not land in spam. Also once my ip was included in whole network ban on some local mail provider, due to spam being sent from that network. Luckily I was able to talk to them to unban my ip.
(DIR) Post #B10jGg4u3oakMdDqUa by Szwendacz@social.linux.pizza
2025-12-07T12:27:48Z
1 likes, 0 repeats
@stfn Well first thing: use nftables or iptables directly, set default to drop, and then just write rules that allow your traffic?Any other approach than fully controlled whitelist is just wanting problems, when using server directly reachable from the Internet.
(DIR) Post #B10jJ3nepmjgW0IA9w by Szwendacz@social.linux.pizza
2025-12-07T14:52:33Z
1 likes, 0 repeats
@stfn no, outgoing not needed, but if forwarding is enabled in sysctl, then also forwarding should be controlled. And it is used and enabled when using VPNs like wireguard. But using stuff like ufw or firewalld for simple selfhosting unnecessarily complicates rules, and apparently you had something open to the Internet.