The first one. The service is owned by root, but the application is running as an unprivileged system user.

Quadlets work like any other systemd service.

You create the user/group you want to run as on the underlying system, then just specify that user/group in the quadlet file.

If you look at my *arr examples, you can see the user and groups they’re running as.

Podman quadlets can also auto-update and auto rollback, if needed.

Same here.

Pulling doesn’t work if you don’t know when a system will be online, so it only makes sense for my laptop to push.

Seems to be specific to rewrites using an un-named capture.

grep -rnE "\$[0-9.*].*\?" /etc/ngnix

should show if you have any potentially vulnerable directives in your config.

It’s a function of a “pod” within podman.

I wrote the podman examples for AudioMuseAI using a pod: https://github.com/NeptuneHub/AudioMuse-AI/tree/main/deployment/podman-quadlets

And I have an example *arr suite on my GitHub page: https://github.com/K3CAN/podman-arr-quadlets

I’ll second podman quadlets. Good security, full integration with systemd, pods allow applications to easily share a namespace, and you can manage graphically through Cockpit if you really want to.

The only systems with ip6v in my network are Wi-Fi devices and my public-facing reverse proxy. I use a prefix delegated by my ISP.

All of my non-public servers have ipv4 only.

I use Wireguard.

For my phone, I use the “WG Tunnel” app: https://github.com/wgtunnel/android

It’s nice because it’ll automatically enable/disable it as I move between networks.

Before that, though I used the official client and I just kept it on 24/7. It’s not like it uses extra data or battery or anything.

Correct. Full-upgrade is the new term. It’s an alias, though, so using either will accomplish the same thing.

I’ll second that

Jellyfin can function as a music server, but it’s definitely a video server first. All the other media (music, books, podcasts, etc) are basically still treated like TV shows when it comes to how they need to be rigidly organized.

Navidrome on the other hand, can just take a pile of mp3s and sort everything out based on tags. Navidrome can also handle additional artists, so it can understand that “Eminem feat Elton John” isn’t a single artist. That was ultimately what made me switch from Jellyfin.

Personally, I ripped my CDs to MP3S, and convert anything I downloaded to MP3, as well. I’m no audiophile, so I really can’t tell the difference when listening; the difference is only noticeable when I look at my storage and bandwidth.

I’m not sure what Steady is, but it sounds like FreshRSS can do what you want. If you can read the articles on the website, then you should be able to use FreshRSS to scrape the site and create a feed from it. For content behind a login, I’m pretty sure FreshRSS can handle basic-auth or you can provide it cookies.

There’s also KillTheNewsLetter which does what you want the other way, by just converting the emails into an RSS feed. It can be self-hosted, but I haven’t tried it myself, though.

I agree with this.

Social media shouldn’t be a requirement to express yourself online. If you start with a website, then you can choose to share on social media if you want, or not, plus anyone who wants to follow the site can subscribe to the feed without needing an account themselves.

It never left!

Floodgap and SDF is still rocking and there are tons of personal phlogs.

Mine, for example: gopher://gopher.k3can.us

I’d look into Lubelogger for vehicles, paperless-ngx for general paperwork, and grocy for everything else.

And auto rollback to the previous image if a container fails after an update.

I don’t know the source, but this user uses it for a lot of their websites.

hashtagsafety.getinfotoyou.com imageslim.getinfotoyou.com holidaysync.getinfotoyou.com and so on.

Quadlets. Auto update and auto rollback if the new image fails to start. Plus easier management overall, too.

Yeah. I just needed to provide a US-based mailing address.