• 0 Posts
  • 34 Comments
Joined 2 years ago
Cake day: June 26th, 2023



  • Once you’re inside a car that’s on, there really isn’t any security*. The OBD2 port that every remotely modern car has is perfectly capable of accessing all the diagnostics and data streams the car has, and can also control/reconfigure the various computers.

    IMO that doesn’t really matter, since the system isn’t powered until the key is in the ignition and the car turned on. You can’t do anything with the key off, and if your passenger wanted to sabotage the car, they’d just yank the wheel as you drive down the highway.

    That said, yes OTA updates are a travesty. Specifically because cars have so little security, having any access to their computers from the outside is a massive risk… And if there’s a potential that the country the manufacturer is in turns hostile, that risk certainly isn’t reduced.

    * A handful of manufacturers have “added” security to their systems by… (drumroll pls) restricting access to the systems and requiring a subscription for full access. That’s fucking evil and doesn’t even do anything (at least for a mechanic or tinkerer like me) since you can just google “FCA bypass cable” and skip right past the firewall.




  • Clearwater@lemmy.world to Selfhosted@lemmy.world: Google Drive alternative?
    6 months ago

    I use Nextcloud, but as you said it’s a bit big, and with each update it’s slowly turning into more of the entire G-Suite.

    I’ve used filebrowser, but be aware that until just a few days ago, it gave out access to a shell. Even with that turned off, I’d be very wary of allowing access from out of the VPN. I had a server pwned with filebrowser appearing to be the vector, and to my memory console access was disabled for the account most likely breached.




  • I wouldn’t mind if online textbooks had a button on the side that is just a looser search (like what Google was a few years ago).

    It’d be handy if I could type in “gravity problem with the bunny” instead of having to either search for “bunny” and flip through all the results, or try to remember/guess the exact wording of the problem.

    You probably could still call it AI too, since there’s likely some small machine learning model involved in that search.





  • First of all, I actually do prefer Forgejo Actions over Woodpecker. Once set up, my only problem with it (so far) is almost certainly caused by my infrastructure and isn’t inherent to FA itself. Pecker, on the other hand, is quite a bit easier to set up and better documented, but I had that issue where it would disconnect from Forgejo and need a few buttons pressed to fix.

    This one is just FA being weird:

    If you want to deploy the Runner using Docker, the documentation is poor at best. From both a security and documentation standpoint, having it in its own VM is better, but you can do Docker. You just have to read and figure out more on your own. Reading through the example deployments from the documentation will eventually lead you to something along the lines of this (which I copy-pasted from my deployment rather than search for again):

    forgejo-runner:
      image: code.forgejo.org/forgejo/runner:6.3.1
      restart: always
      user: 1000:1000
      environment:
        - DOCKER_HOST=tcp://dind:2376
      volumes:
        - runner_cache:/data
      depends_on:
        - dind
      command: >-
        bash -ec '
        forgejo-runner create-runner-file --name runner --instance https://${DOMAIN} --secret ${RUNNER_SECRET};
        sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://docker.io/node:22-bookworm\", \"ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest\"]|" .runner ;
        forgejo-runner generate-config > config.yml;
        sed -i -e "s|^  network: \"\"$|  network: host|" config.yml ;
        sed -i -e "s|^  envs:$$|  envs:\n    DOCKER_HOST: tcp://dind:2376\n    CONTAINER_HOST: tcp://dind:2376|" config.yml ;
        forgejo-runner --config config.yml daemon
        '
    

    You don’t actually need to do this since you could edit the two config files yourself and bind them to the container. This is just how you automatically generate those files… And it’s dumb, but it works and it means you don’t have to keep track of those files.

    This one is probably just my infrastructure: https://lemmy.world/comment/16093731

    If you do go for FA in Docker (or Podman) and need some help, just ask. I’ll post more of my compose and explain my decisions.
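The compose command in the comment above patches the generated `.runner` and `config.yml` with `sed`, which exits successfully even when its pattern matches nothing, so a changed file layout would silently leave the runner without the intended labels, network or `DOCKER_HOST`. As an added example (not part of the comment and not Forgejo's own code), here are the same three edits in Python, raising an error when an expected line is missing; the sample file contents are constructed and assume only the keys visible in the `sed` patterns.

```python
import json
import re

# Values copied from the sed commands in the comment above.
LABELS = [
    "docker:docker://docker.io/node:22-bookworm",
    "ubuntu-latest:docker://ghcr.io/catthehacker/ubuntu:act-latest",
]
ENVS = {"DOCKER_HOST": "tcp://dind:2376", "CONTAINER_HOST": "tcp://dind:2376"}

# Constructed stand-ins for the generated files (not real runner output).
SAMPLE_RUNNER = '{"id": 1, "name": "runner", "labels": null}\n'
SAMPLE_CONFIG = (
    "runner:\n"
    "  file: .runner\n"
    "  envs:\n"
    "    A_TEST_ENV_NAME_1: a_test_env_value_1\n"
    "container:\n"
    '  network: ""\n'
)


def patch_runner_file(text, labels=LABELS):
    """Set "labels" in the JSON .runner file; reject a file without that key."""
    data = json.loads(text)
    if "labels" not in data:
        raise ValueError('.runner has no "labels" key')
    data["labels"] = list(labels)
    return json.dumps(data, indent=2) + "\n"


def patch_config(text, envs=ENVS):
    """Apply both config.yml edits; raise if an anchor line is not found once."""
    text, n = re.subn(r'(?m)^  network: ""$', "  network: host", text)
    if n != 1:
        raise ValueError(f'expected one empty "network" line, found {n}')
    env_lines = "".join(f"\n    {k}: {v}" for k, v in envs.items())
    text, n = re.subn(r"(?m)^  envs:$", lambda m: m.group(0) + env_lines, text)
    if n != 1:
        raise ValueError(f'expected one "envs:" line, found {n}')
    return text


if __name__ == "__main__":
    print(patch_runner_file(SAMPLE_RUNNER))
    print(patch_config(SAMPLE_CONFIG))
```
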



  • While I do not make heavy use of these two, I like having my contacts and calendar synced and accessible on both my PCs and phone.

    I actually use the notes app, and have a yubikey. For notes, I could just use the regular markdown editor, but I like the way the app lays everything out. For the yubikey, NC by default uses yubikeys for passwordless login. I use an app which uses them for 2FA instead. I also use apps which allow me to view hashes and metadata from the files tab.

    All that makes me not want to switch yet. We’ll get there eventually since none of the features I want are ultra complex or super uncommon.

    OCIS, last I tested it (a while ago), also lacked the ability to right click files, requiring you to select it with the checkbox and then select the operation at the top of the screen. I sure hope that they’ve added that feature by now.



  • Nextcloud is more featureful (more apps like notes and hardware 2fa support). That is currently holding me to NC.

    OpenCloud (fork of OCIS not original OC) is very similar when it comes to core functionality, but is missing those few apps I do not want to let go of.

    Also note that Nextcloud stores files in a very natural manner, where your file names and directories are stored the exact same on disk as on the interface. OpenCloud does not do that. This is particularly handy if one day the app just explodes and refuses to run. With NC, you can just copy the files off the disk. Not so easy with OC.



  • Clearwater@lemmy.world to Technology@lemmy.world: *Permanently Deleted*
    9 months ago

    I agree that it is quite possibly related to the version of Podman more so than an inherent issue. I am currently satisfied, however, and have no desire to fiddle with it any more… Or at least until Debian 13 gets released.

    My use of PinP is almost entirely for cleanliness. It allows me to more easily wipe the build environment (clear out space, troubleshooting). It also mildly improves security as the ‘untrusted’ actions containers run on a separate environment from the important Forgejo container.

    The workaround I use for the premade Docker actions not functioning is to simply install Podman as one of the build steps and use that instead, lol. (Some configuration required, but that’s the gist.)


  • Clearwater@lemmy.world to Technology@lemmy.world: *Permanently Deleted*
    9 months ago

    Forgejo Actions is definitely not a turnkey identical-to-GitHub solution, but it’s quite similar and for most not-super-complicated setups it’s basically the same (for better or worse, depending on if you like GH’s Actions).

    As far as I remember, everything that I need works out of the box, except for Docker. In fact, just about everything Docker is somewhat quirky in Forgejo Actions.

    1. One mildly annoying quirk of Forgejo is that as of current, the token generated for each Actions run is not quite the same as GitHub’s token. For my specific use case, if you want to upload a Docker Image to the package repository, you cannot use the standard auto-generated token, which GitHub does allow you to use. Forgejo instead currently requires you generate your own app token and use that instead, as the auto-generated one lacks permissions over packages. (https://codeberg.org/forgejo/forgejo/issues/3571)

    2. Depending on your infrastructure, it might just be impossible to make the various Docker-related actions (such as https://code.forgejo.org/docker/build-push-action) work. As an example, my infrastructure outlined below is one such case where those actions simply do not work.

    Bare Metal (Debian 12) /
    ├─ Rootless Podman/
       ├─ Forgejo
       ├─ Forgejo Runner
       ├─ Podman-in-Podman (Inner Podman also Rootless)/
          ├─ <Actions Containers Run Here>
    
    * If you use rootful Docker with Docker-in-Docker, those actions will then work as expected. It is just that attempting to make them work with Rootless Podman (at least the version that ships with Debian 12) currently seems to be impossible.