Skip Navigation
Chaining routers and GUA IPv6 addresses
  • And openwrt is capable enough?

    Yeah it's insane right? Every address is reachable when I open a port range. And it's like there are ~ 10 predefined services (HTTP/S, SMTP, ...) and the category "All other ports" where also 22 is part of. So I really have the choice to either keep everything shut or leave everything wide open.

    I think I can't use my own modem but I'll have to double check with my ISP. But yes the Wi-Fi is also provided by that router and it's also quite crappy.

  • Chaining routers and GUA IPv6 addresses
  • Thank you! Do you have an example for such a firewall device? Could something like the TP-Link Archer AX55 in IPv6 "pass-through" mode do the job? Or would you go for a standalone firewall? My budget is around a hundret bucks.

  • Chaining routers and GUA IPv6 addresses

    Hey fellow self-hosting lemmoids

    Disclaimer: not at all a network specialist

    I'm currently setting up a new home server in a network where I'm given GUA IPv6 addresses in a 64 bit subnet (which means, if I understand correctly, that I can set up many devices in my network that are accessible via a fixed IP to the oustide world). Everything works so far, my services are reachable.

    Now my problem is, that I need to use the router provided by my ISP, and it's - big surprise here - crap. The biggest concern for me is that I don't have fine-grained control over firewall rules. I can only open ports in groups (e.g. "Web", "All other ports") and I can only do this network-wide and not for specific IPs.

    I'm thinking about getting a second router with a better IPv6 firewall and only use the ISP router as a "modem". Now I'm not sure how things would play out regarding my GUA addresses. Could a potential second router also assign addresses to devices in that globally routable space directly? Or would I need some sort of NAT? I've seen some modern routers with the capability of "pass-through" IPv6 address allocation, but I'm unsure if the firewall of the router would still work in such a configuration.

    In IPv4 I used to have a similar setup, where router 1 would just forward all packets for some ports to router 2, which then would decide which device should receive them.

    Has any of you experience with a similar setup? And if so, could you even recommend a router?

    Many thanks!

    8
    Podman 5.3 released with changes for improved networking experience with pasta
  • Take a look at the podman kube play command which lets you run K8s-style stack definitions on podman. Has partly replaced compose for me (although I still have some docker servers running for stacks that don't play nicely with podman yet).

  • USA to be renamed to XXX

    Most relevant section translated to english:

    If he (Trump) wins the election on November 5, his billionaire supporter Musk will chair the new board. This is to implement a full financial and performance audit of the entire government and make recommendations for drastic reforms.

    Source: Swiss state media article

    21
    sport watch supported by Linux/FOSS software
  • Probably not what OP is looking for.

    But I'm also happy with my Garmin Instinct. I use it disconnected from my phone, it does everything I need offline and stand-alone. To add tracks for navigation I just connect it to my linux laptop and drop the GPX file into the NewFiles (or whatever it's called) folder on the watch. I was surprised how well it works without official apps. The only thing I used the app for was to update the firmware when I bought the watch.

    Also, fittrackee looks promising - thanks for the tip!

  • Using Fedora Atomic (CoreOS, IOT) as server OS - Experiences?
  • I migrated my home- and webservers from Debian to FCOS a while ago and I'm very happy with how everything works.

    Troubleshooting butane/ignition was a bit of a pain in the butt but worth it imo. I suggest just reading through the FCOS docs, they guided me well while setting everything up. I use podman on my webservers and docker on the homeserver (bc nextcloud aio is not fully podman compatible). I use the installer to build a pre-configured ISO that I can deploy where I want to.

    Someone in the comments mentioned Flatcar, which I think looks compelling as well, since it's basically the same but more of a community effort.

  • Microsoft is enabling BitLocker device encryption by default on Windows 11
  • I think this is a step in the right direction. Everyone can lose a portable device or it can get stolen, so protecting the potentially sensitive data is important.

    I think what people are complaining about is not full-disk encryption itself, but the fact that people are not used to being responsible for their cryptographic keys.

    I think we should educate people regarding this responsibility. We did it with regular keys we use to unlock our homes.

  • Modern online banking

    A couple of years ago, QR-bills were introduced in Switzerland as a means to make payments easier. My bank provides an app to scan the QR codes, which I prefer not to install. The only other option they provide to scan the codes is to use the webcam. Am I supposed to print my digital bills to have my webcam scan them again? Just let me upload a goddamn screenshot.

    10
    So... How was your weekend?
  • I went to a small (~30 people) festival dedicated to wood carving, because I was asked if a wanted to cook for everyone. Found it very inspiring to get an impression of that very specific sub culture.

  • New Open Source law in Switzerland
  • Swiss lemming here. Switzerland already open-sourced multiple projects before, most notably the app to store your COVID test / vaccination status in. It was even officially available on F-Droid. I was very suprised at that point, and I'm happy to see that there are now efforts to make such behavior more default and less edge case, even when there are exceptions.

  • Any of you have a self-hosted AI "hub"? (e.g. for LLM, stable-diffusion, ...)

    I've been looking into self-hosting LLMs or stable diffusion models using something like LocalAI and / or Ollama and LibreChat.

    Some questions to get a nice discussion going:

    • Any of you have experience with this?
    • What are your motivations?
    • What are you using in terms of hardware?
    • Considerations regarding energy efficiency and associated costs?
    • What about renting a GPU? Privacy implications?
    21
    Migrated my self-hosted Nextcloud to AIO and I absolutely love it

    Just wanted to share my happiness.

    AIO is the new (at least on my timeline) installation method of Nextcloud, where most of the heavy-lifting is taken care of automatically.

    https://github.com/nextcloud/all-in-one

    27
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)RO
    robber @lemmy.ml
    Posts 8
    Comments 62