Not always, for example this laptop has external monitors wired to the dGPU. https://wiki.archlinux.org/title/Lenovo_ThinkPad_X1_Extreme
They do gain value with age, it's called interest, and it's the only reason banks give loans in the first place.
They're still not collecting the loans from Elon, they're just passing the loans around. You can take the win if you want it here but I'm pretty sure that's not what either of us meant before.
That's not how loans for billionaires work. The bank is very happy to only collect some interest on this huge loan for ever, and would be more than happy to give Elon more loans to buy other things. Because of the fractional reserve banking system the bank isn't even running any real risk by doing this.
There are plugins for other editors that use neovim as a headless server, which is how I'd do what you want here. You just pass all input events straight through to neovim, read the buffer back and render it as you want. At least that's how I imagine it would work, I've never done it myself.
Can confirm. I have a Windows VM just because I have to test this. It is not a good feedback loop.
Boy do I have bad news for you https://threatpost.com/def-con-2018-critical-bug-opens-millions-of-hp-officejet-printers-to-attack/134972/
Synology supports docker containers. Just run jellyfin.
I for one welcome our new alien overlords. Please God can they come sooner?
Pretty mid tbh, failed my driving test which is pretty shit but apparently very common around here. Made a pretty cool python script to monitor test cancellations so I can swoop in and do a new attempt, otherwise I'd have to wait like three months, so silver lining I guess.
I believe https://github.com/facebook/jscodeshift is trying to be that tool for the typescript/js world. Doesn't have a mod for removing jquery but should be super doable.
I mean, that still allows zendesk to reply with "oh yeah that's also why we're not paying the bounty"
Ok now I know you're just full of shit and can be safely ignored, thanks.
I've been punched before, complete blind violence. The difference is that being punched didn't kill me. The fear of getting shot in America is not irrational. Again refer to the page full of statistics in my previous comment.
Don't know why you were down dooted, that's absolutely true and exactly how I feel, and how everyone I've talked to about copilot feels.
The question was whether or not a sign saying guns not allowed at a mall would make me feel more safe there. I would see them, I might bump into them, it's a mall. The argument that most of them are sane and reasonable doesn't reassure me much when we're talking about people with a magic kill button.
Hello self hosters! I am hoping some of you wizards can help me troubleshoot my setup with authentik and traefik.
First about my setup. I have a synology nas that is running a docker compose stack. Synology is notoriously bad at keeping their docker version fresh, but hopefully that isn't relevant to this issue. I'm running traefik for reverse proxy, and authentik for auth. In authentik land I've split the outpost work into its own container, named authentikproxy. Any request to a service with the authentik-basic@file or authentik@file middleware labels applied should be routed through the authentikproxy service for auth. If it detects that one isn't authed, it will in turn send you to the authentik frontend for SSO.
The issue is that authentik randomly stops working for random routes, or randomly fails to start working for random routes. Every time this happens I need to restart my authentikproxy and traefik containers over and over until it randomly decides to work for all my routes. When this happens I am just sent straight to the app unauthenticated. I'll have to either input http basic credentials or use the app's login page, whichever it has. I have found nothing in the logs after months of this going on, neither authentik nor traefik seem to be aware that anything is amiss.
I suspect the issue is to do with the docker networks but that's honestly just a hunch.
My docker-compose file is hundreds of lines long, so I've stripped environment and volume info while preserving traefik labels to try to keep the info more or less concise. It is certainly still too much info but I did not want to accidentally delete something crucial. Here follows my setup.
docker-compose.yml
```yml
services:
traefik:
profiles:
- prod
container_name: traefik
image: traefik:v2.11
command:
- "--entrypoints.websecure.http.tls.domains[0].main=${BASE_DOMAIN}"
- "--entrypoints.websecure.http.tls.domains[0].sans=*.${BASE_DOMAIN}"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./traefik/middlewares.yml:/app/myconf/middlewares.yml
- ./traefik/traefik.yml:/traefik.yml
restart: unless-stopped
networks:
default:
aliases:
# Allow xcontainernet services to resolve authentik
- "authentik.${BASE_DOMAIN-home}"
ports:
- 80:80
- 443:443
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.redirectssl.redirectscheme.scheme=https"
- "traefik.http.routers.traefik.rule=Host(traefik.${BASE_DOMAIN-home})"
- "traefik.http.routers.traefik.middlewares=redirectssl@docker"
- "traefik.http.routers.traefiksecure.rule=Host(traefik.${BASE_DOMAIN-home})"
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
transmission:
image: lscr.io/linuxserver/transmission
container_name: transmission
labels:
- "traefik.enable=true"
- "traefik.http.routers.torrents.rule=Host(torrents.${BASE_DOMAIN-home})"
- "traefik.http.routers.torrents.middlewares=redirectssl@docker"
- "traefik.http.routers.torrentssecure.rule=Host(torrents.${BASE_DOMAIN-home})"
- "traefik.http.routers.torrentssecure.entrypoints=websecure"
- "traefik.http.routers.torrentssecure.middlewares=authentik@file"
sabnzbd:
image: lscr.io/linuxserver/sabnzbd
container_name: sabnzbd
labels:
- "traefik.enable=true"
- "traefik.http.routers.nzb.rule=Host(nzb.${BASE_DOMAIN-home})"
- "traefik.http.routers.nzb.middlewares=redirectssl@docker"
- "traefik.http.routers.nzbsecure.rule=Host(nzb.${BASE_DOMAIN-home})"
- "traefik.http.routers.nzbsecure.entrypoints=websecure"
- "traefik.http.routers.nzbsecure.middlewares=authentik@file"
- "traefik.http.services.nzb.loadbalancer.server.port=8080"
sonarr:
image: ghcr.io/linuxserver/sonarr:latest
container_name: sonarr
labels:
- "traefik.enable=true"
- "traefik.http.routers.sonarr.rule=Host(sonarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.sonarr.middlewares=redirectssl@docker"
- "traefik.http.routers.sonarrsecure.rule=Host(sonarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.sonarrsecure.entrypoints=websecure"
- "traefik.http.routers.sonarrsecure.middlewares=authentik-basic@file"
- "traefik.http.services.sonarr.loadbalancer.server.port=8989"
radarr:
image: ghcr.io/linuxserver/radarr:latest
container_name: radarr
labels:
- "traefik.enable=true"
- "traefik.http.routers.radarr.rule=Host(radarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.radarr.middlewares=redirectssl@docker"
- "traefik.http.routers.radarrsecure.rule=Host(radarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.radarrsecure.entrypoints=websecure"
- "traefik.http.routers.radarrsecure.middlewares=authentik-basic@file"
- "traefik.http.services.radarr.loadbalancer.server.port=7878"
readarr:
image: lscr.io/linuxserver/readarr:nightly
container_name: readarr
labels:
- "traefik.enable=true"
- "traefik.http.routers.readarr.rule=Host(readarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.readarr.middlewares=redirectssl@docker"
- "traefik.http.routers.readarrsecure.rule=Host(readarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.readarrsecure.entrypoints=websecure"
- "traefik.http.routers.readarrsecure.middlewares=authentik-basic@file"
- "traefik.http.services.readarr.loadbalancer.server.port=8787"
bazarr:
image: ghcr.io/linuxserver/bazarr:latest
container_name: bazarr
labels:
- "traefik.enable=true"
- "traefik.http.routers.bazarr.rule=Host(bazarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.bazarr.middlewares=redirectssl@docker"
- "traefik.http.routers.bazarrsecure.rule=Host(bazarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.bazarrsecure.entrypoints=websecure"
- "traefik.http.routers.bazarrsecure.middlewares=authentik-basic@file"
- "traefik.http.services.bazarr.loadbalancer.server.port=6767"
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
labels:
- "traefik.enable=true"
- "traefik.http.routers.prowlarr.rule=Host(prowlarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.prowlarr.middlewares=redirectssl@docker"
- "traefik.http.routers.prowlarrsecure.rule=Host(prowlarr.${BASE_DOMAIN-home})"
- "traefik.http.routers.prowlarrsecure.entrypoints=websecure"
- "traefik.http.routers.prowlarrsecure.middlewares=authentik-basic@file"
- "traefik.http.services.prowlarr.loadbalancer.server.port=9696"
jellyfin:
image: linuxserver/jellyfin:latest
container_name: jellyfin
networks:
default:
xcontainernet:
ipv4_address: 192.168.0.201
labels:
- "traefik.enable=true"
- "traefik.http.routers.jellyfin.rule=Host(tv.${BASE_DOMAIN-home})"
- "traefik.http.routers.jellyfin.middlewares=redirectssl@docker"
- "traefik.http.routers.jellyfinsecure.rule=Host(tv.${BASE_DOMAIN-home})"
- "traefik.http.routers.jellyfinsecure.entrypoints=websecure"
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
authentikserver:
image: ghcr.io/goauthentik/server:2024.2.2
command: server
depends_on:
- postgresql
- redis
labels:
- "traefik.enable=true"
## HTTP Routers
- "traefik.http.routers.authentik.rule=Host(authentik.${BASE_DOMAIN-home})"
- "traefik.http.routers.authentik.entrypoints=web"
- "traefik.http.routers.authentik.middlewares=redirectssl@docker"
- "traefik.http.routers.authentiksecure.rule=Host(authentik.${BASE_DOMAIN:-home})"
- "traefik.http.routers.authentiksecure.entrypoints=websecure"
## HTTP Services
- "traefik.http.routers.authentiksecure.service=authentik-svc"
- "traefik.http.services.authentik-svc.loadbalancer.server.port=9000"
authentikproxy:
image: ghcr.io/goauthentik/proxy:2024.2.2
labels:
- "traefik.http.routers.authentik-proxy-outpost.rule=HostRegexp({subdomain:[a-z0-9-]+}.${BASE_DOMAIN:-home}) && PathPrefix(/outpost.goauthentik.io/)"
- "traefik.http.routers.authentik-proxy-outpost.entrypoints=websecure"
- "traefik.http.services.authentik-proxy-outpost.loadbalancer.server.port=9000"
immich-server:
container_name: immich_server
image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
depends_on:
- redis
- immich-database
labels:
- "traefik.enable=true"
- "traefik.http.routers.immich.rule=Host(photos.${BASE_DOMAIN-home})"
- "traefik.http.routers.immich.middlewares=redirectssl@docker"
- "traefik.http.routers.immichsecure.rule=Host(photos.${BASE_DOMAIN-home})"
- "traefik.http.routers.immichsecure.entrypoints=websecure"
- "traefik.http.services.immich.loadbalancer.server.port=3001"
networks: default: ipam: config: - subnet: 172.22.0.0/24 xcontainernet: name: xcontainernet driver: macvlan driver_opts: parent: eth0 ipam: config: - subnet: "192.168.0.0/24" ip_range: "192.168.0.200/29" gateway: "192.168.0.1" ```
traefik/traefik.yml ```yml providers: docker: exposedByDefault: false network: homeservices_default file: directory: /app/myconf watch: true
entryPoints: web: address: ":80" websecure: address: ":443" http: tls: certResolver: dnsresolver ```
traefik/middlewares.yml ```yml http: middlewares: https-redirect: redirectScheme: scheme: https permanent: true
authentik-basic: forwardAuth: address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik" trustForwardHeader: true authResponseHeaders: - Authorization
authentik: forwardAuth: address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik" trustForwardHeader: true authResponseHeaders: - X-authentik-email - X-authentik-groups - X-authentik-jwt - X-authentik-meta-app - X-authentik-meta-jwks - X-authentik-meta-outpost - X-authentik-meta-provider - X-authentik-meta-version - X-authentik-name - X-authentik-uid - X-authentik-username ```
Hello nerds! I'm hosting a lot of things on my home lab using docker compose. I have a private repo in GitHub for the config files. This is working fine for me, but every time I want to make a change I have to push the changes, then ssh to the lab, pull the changes, and run docker compose up. This is of course working fine, but I want to automate it.
Does anyone have a similar setup and know of a good tool? I know I could use watchtower to update existing images, but this is more for if I change a setting or add a new service.
I've considered roughly four approaches.
-
A new container that mounts the whole running directory and the docker socket. It will register a webhook in GitHub to receive notifications when I push to the repo, run git pull and docker up. My worries here are the usual dind gotchas.
-
Same as 1, but don't mount anything, instead ssh from container to host and run the steps there. This solves any dind issues, but I don't love giving the container an ssh key to the host.
-
Have a service running on the host outside of docker. This is probably the correct approach, but very annoying since my host is a Synology nas and it doesn't have systemd or anything like that afaik.
-
Have a GitHub action ssh to the machine and do the steps. Honestly the easiest way but I would prefer to not open ssh to the internet.
Any feedback or tips are much appreciated. I don't feel like any of my options are very good and I feel like I am probably missing something obvious.
I have two ways to supposedly "clear read" posts when viewing a community, however doing so has no effect. I've got the app set up to hide read posts, so clearing read posts should let me see the ones that were previously hidden but that does not happen. My only way to see those posts now is to open the community in a web browser.