A software developer and Linux nerd, living in Germany. I’m usually a chill dude but my online persona doesn’t always reflect my true personality. Take what I say with a grain of salt, I usually try to be nice and give good advice, though.

I’m into Free Software, selfhosting, microcontrollers and electronics, freedom, privacy and the usual stuff. And a few select other random things as well.

  • 1 Post
  • 348 Comments
Joined 5 years ago
Cake day: August 21st, 2021




  • hendrik@palaver.p3x.de to Selfhosted@lemmy.world: Router recs please :)
    15 days ago

    I think the added benefit of an OpenWRT router is, you get 3 more ports (for your TV, Playstation and PC), plus a Wifi network. And it’s really hard to break it. But a MiniPC with OPNsense, of course will be more powerful. And some more advanced things have been notoriously difficult to set up in OpenWRT, maybe OPNsense does it a bit better.



  • I think there’s pros and cons to everything. That way would have been less of a dickhead move towards the Forgejo developers. But a big letdown to admins as they don’t know what’s up with the software they’re running on their servers. The way the author chose gives some new intelligence to admins, and they can now act on it, since it’s public knowledge. But it’s annoying to the devs.

    I guess I as a Forgejo user am kinda grateful they did it this way. Now I got to learn the story and can allocate 2h on the weekend to see if my personal Forgejo container is isolated enough and whether the backups still work.

    (But that’s just my opinion after reading one side of the story. Maybe there’s more to the story and they’re being a dick nonetheless…)

    Edit: And regarding just dropping the security team an informal mail… I don’t know if that’s clever. You’d normally either follow some security policy, or don’t engage. Sending them other kinds of mails which violate their policy (an internal carrot) might not be the best choice.




  • Yes. I’ve been somewhat lucky as well. Upgraded my homeserver to 48GB to run a few virtual machines and maxed out my old laptop well before prices skyrocketed. Got to check if I still pay the ~8€ a month for my netcup VPS or if they increased price for existing customers as well…





  • I think a few people already mentioned some good solutions. I just wanted to add: A port forwarding in the firewall of your router is basically the same thing as a port forwarding on your Linux computer’s firewall. You could just set up any VPN, SSH tunnel or whatever and then use your firewall (nftables, iptables) and forward the VPS’ external port to the internal port on the VPN. It’s the same thing you do on your router, just that you don’t get a graphical interface to configure it.
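
The forwarding described in the comment above, written out as an nftables ruleset for the VPS. This is an added example, not part of the original comment; the interface names (`eth0`, `wg0`), the VPN peer address `10.8.0.2` and the ports 443/8443 are assumptions chosen for illustration.

```nftables
# Constructed example: forward the VPS' public TCP port 443 to a home
# server reachable over a VPN tunnel.
# Assumed values (not from the original comment):
#   eth0     = public interface of the VPS
#   wg0      = VPN interface (any tunnel works, WireGuard naming used here)
#   10.8.0.2 = home server's address inside the VPN
#   8443     = port the service listens on at home
# Prerequisite on the VPS: net.ipv4.ip_forward = 1

table ip vps_portfwd {
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # Same job as the "port forwarding" page in a router's web UI:
        # rewrite the destination of packets arriving on the public port.
        iifname "eth0" tcp dport 443 dnat to 10.8.0.2:8443
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Rewrite the source so replies return through the tunnel.
        # Side effect: the home server logs the VPS' VPN address instead
        # of the real client IP, which affects rate limiting and ban tools.
        oifname "wg0" ip daddr 10.8.0.2 masquerade
    }

    chain forward {
        # Default-drop: only the one forwarded service may cross the VPS.
        # This also drops any other routed IPv4 traffic on this host, so
        # add explicit rules if the VPS forwards for containers or peers.
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        iifname "eth0" oifname "wg0" ip daddr 10.8.0.2 tcp dport 8443 ct state new accept
    }
}
```

The ruleset can be syntax-checked without loading it using `nft -c -f <file>`.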




  • hendrik@palaver.p3x.de to Selfhosted@lemmy.world: Wolfstack?
    30 days ago

    Yes. With other projects, I often found it is problematic. Like Claude comes up with lots of advertisement text, but the software doesn’t even do a fraction of it. Or the install instructions are made up and nothing works… So I usually advise for caution once a project has a wide disparity in claims, stars and signs of actual usage… But I can’t tell what’s the case here, without a proper look. It definitely has some red flags.

    I appreciate people being upfront, as well. Ain’t easy. Just try to install and test it before advertising for the project.


  • hendrik@palaver.p3x.de to Selfhosted@lemmy.world: Wolfstack?
    30 days ago

    Yeah, they’re transparent about AI usage. There’s a small paragraph at the bottom of their README.

    I mean the website sounds like AI text. The repo is fairly new. Only 1 issue report about how something doesn’t work, zero PRs and seems it’s a single person uploading commits… I’d wait a bit before deploying my production services on it 😅 They’re making a lot of bold claims in the README, though.


  • I think so as well. The computer isn’t really good to “use” it. That’s more the category for experiments. Or teach people how to install Linux. Or a computer museum corner and you put vintage games on it. Or just recycle it.

    And a box with RAM sticks collecting dust isn’t useful either. Put whatever is compatible into other computers, and then try to sell and recycle them. Seems 4GB DDR3L RAM modules still sell for 1 to 4€ on eBay?! So maybe you can make a few bucks to invest in other projects for the kids.


  • Thanks for the nice conversation.

    Now that OP is inactive, I can also spoil the surprise: My link further up was Rick Astley singing: Never Gonna Give You Up.

    It’s safe to click. I just figured since OP isn’t listening to answers, I’ll give them some video to learn -hands-on- about videos on the Darknet.

    If someone had clicked the link, they’d get the opportunity to learn how fast or slow a video loads. And how it (likely) first requires the user to lift some security measures or videos won’t load at all. (At least my browser does, there’s no JS and then NoScript also complains about the media file.)

    We and other people in the comments pointed that out in the preceding conversation. But nobody clicked the link anyway. I always have the feeling the groups of Threadiverse users and people with the capacity to surf the Darknet are pretty much disjoint groups. But it’s really nice to once and again talk to someone with some more knowledge and/or first hand experience. 👍


  • I think we’re somewhat on the same page here.

    That means going through an exit node […]

    I2P doesn’t have exit nodes. Once you load content from outside the network, that won’t be via I2P, only chance is to get it directly via another connection. For example your default internet connection. So either the browser or operating system is configured to block that. Or you’ll leak your IP.

    Then you didn’t have ‘Safest’ mode enabled

    Yeah, that’s why I said, use a dedicated browser for that. Something preconfigured to not allow any of that.
    Yet better: Use Tails like recommended by Snowden.

    Those are called bugs and they do happen […]

    I’m not so sure about this… Is “safest” mode really all you need? And does it reliably deal with 100% of the attack vectors? Last time I tried it wasn’t too good for example against browser fingerprinting (which doesn’t reveal an IP, but might be bad as well). And there’s a million ways from WebRTC, to trying to get the IPv6 address if all you did is configure an IPv4 proxy, DNS leaks, browser plugins, the webfont system does a lot of weird things, all the things done to do multimedia are very complex and might offer side-channels, I recently learned how to extract some information with CSS alone, no JS needed… Does “safest” really do a 100% job? I mean what I’ve done until now is to discourage people to mess with their browser settings themselves because it’s (a) easy to make mistakes or miss something, and (b) I wasn’t sure if that setting even does all the heavy-lifting without going into detail with all the other changes for example TOR browser bundle has?!

    I’d need to look it up but I think there’s a lot of opportunity without resorting to 0-days.

    EDIT […]

    Yeah, I think that’s why good (and easy to use) pron sites you’d “recommend to people” aren’t really a thing on there.

    And there’s the other thing that horny people might just click “allow” on something, because their brain is currently not in logical thinking mode.