I host tt-rss in docker and use Tiny Tiny RSS in GrapheneOS.

#VowelPlay #144 4/4

🟢⚪⚪⚪ 🟢⚪⚪⚪ 🟢⚪⚪⚪ 🔴🟢⚪⚪

When I install qbittorrent via docker, I see this in the docker logs:

qbittorrent-1         | 2024-11-04T15:25:25.201955254Z The WebUI administrator username is: admin
qbittorrent-1         | 2024-11-04T15:25:25.201974066Z The WebUI administrator password was not set. A temporary password is provided for this session: H7ct3xPes

That’s the default admin credentials for the instance. I can then change the login or pw in the UI.

Thanks for sharing about Backrest. I use Restic and Backrest looks like a great addition to it.

~/git/vendor/<gitUser>/<repo>

and

~/git/<myName>/<forge>/<user>/<repo>

Examples:

~/git/vendor/EnigmaCurry/d.rymcg.tech
~/git/mike/forgejo/mikew/myproject
~/git/mike/github/johndoe/otherProject

I should add the d.rymcg.tech includes step-ca if you want to host your own CA server, but I agree with @joe@discuss.tchnic.de : it’s not necessary for securely hosting services, and ir can be dangerous I’d not done carefully.

I have a similar setup. I use d.rymcg.tech (a configuration manager for Docker, as well as a collection of open source web services and config templates) and have Traefik (reverse proxy) on a Digital Ocean dropet connected to a VM in my home lab through wireguard. This framework allows me to put authentication and authoriation in front of any apps/services I’m hosting (HTTP basic auth, oauth2, mTLS). This setup allows me to control what is allowed access from outside of my home, without opening any ports.

Glances?

I self-host xBrowserSync. It’s a bookmark sync tool, not a link manager, but it does that very well (set-and-forget - it’s almost invisible). There are browser extensions and mobile apps

I’ve also used Shaarli, which is more of a link sharing tool. Don’t remember much about it, though - sorry.

I just learned about Waypoint to plan trips. Haven’t looked at it yet but it sounds cool.

I think most of the other suggestions seem like a better solution than WordPress, but there is a plugin for WordPress that exports static websites.

Applause for the term “pluriverse” (did you coin it?).

And a standing ovation for the alliterative phrase “pluriverse of protocols”.

I run MiniO in Docker. Love it. I’ve never used Garage or Seaweed.

I’d be interested in that. Kind of like an open-source Consumer Reports.

[SOLVED!] That Stack Exchange post was the solution! I had to ask ChatGPT for assistance (e.g., “how do I view the contents of a .crt and a .p12?”, “how do I add a CA to a client cert?”), but it worked. Thanks for your help, @Evkob@lemmy.ca.

I don’t think I would have ever thought that my client cert didn’t contain the CA, especially because when I clicked on the client cert that was installed in GrapheneOS, it showed me a summary that said it did contain a CA! grrrr

(tagging @one_knight_scripting@lemmy.world as he wanted to know the solution)

Wow! That sounds exactly like my issue. I’ll try the workaround tomorrow. Thanks, @evkob@lemmy.ca.

Thanks for your research and the suggestion, @Evkob@lemmy.ca.

I wasn’t able to make that work, but I don’t think it was trying to solve the problem I’m having, anyway. That procedure was to add self signed SSL certificate to Android, but my certificate is neither self-signed nor an SSL cert. At least I think not - I find certs very confusing. The cert I’m trying to work with is an mTLS cert, a client cert. It’s not used to establish a secure SSL connections, it’s used to verify that I (the person with the cert) and authorized to use the app.

Additionally, I’m able to successfully install the cert into Android, but the problem is that it seems to be ignored. The mTLS cert is installed in GrapheneOS’s “VPN & App User Certificate” section, and my CA cert is installed in the “CA Certificate” section. Vanadium, Fennec, and Mull browsers just aren’t using them. :(

Thanks for the reply, @Evkob@lemmy.ca.

I tried to install my client cert in “CA Certificate” but the certificate manager app in GrapheneOS said that it was the wrong kind of cert to be used in “CA Certificate”. It is, after all, a client cert, not a CA cert.

:(

Can you try killall ssh on the client, and then try to ssh into the rpi again?

FYI, there’s also https://github.com/walkxcode/dashboard-icons ?

Its not an “icon font”, but it’s a good source of icons.