In addition to netbox, a wiki or other knowledgebase would be nice. You can document setup procedures as you go, and then other people can use that to figure stuff out.
moonpiedumplings
joined 2 years ago
Forgejo has a feature (that people usually disable) where you can bring your own openid connect url and use it to auth. So if I have my own OIDC provider I am self hosting, I can just use that to log in.
Most people only use it for google and microsoft and whatnot but it's very possible. I don't realkly see what FedCM offers that OIDC doesn't or can't, or why we shouldn't be adding features to the existing and popular OIDC instead.
The problem is that real dumb phones are hard to find. Many modern "dumb phones" are actually full android devices, complete with a boatload of spyware that helps keep the cost of the device itself low.
KaiOS is better but that's a whole linux distro, with similar issues.
Since you mentioned tethering, do you have an example of a non android (or at least one that's not preloaded with a ton of spyware) dumbphone that supports usb tethering? I am skeptical that a real dumbphone would have this feature.
My one fear with this is offline authentication. I enjoy oauth/oidc a lot, but it doesn't have mechanisms for machines to continue to be able to authenticate while offline, like the way ldap/kerberos can do.
Is this just for machines that will always be online? I can understand that usecase but :/
EDIT: Okay, one comment, mentions himmelblau an alternative to authd, which seems to be more mature. Himmelblau has docs about offline usage. It looks like it has an emergency config that can use a cached password from the oidc provider,
Single-factor authentication (SFA-only) users and Hello-PIN users already have offline sign-in capability
Hmmm. Okay. Upon doing further reseach, it looks like offline authentication is exclusive to Microsoft Entra ID. :/
Syncthing has encryption as well. You can have a device be "untrusted" so you put in an encryption password, and data sent to and stored on that device will be encrypted.
Although this does encrypt file (and directory) names, the caveats about folder structure and modification time still apply.
He fed only the API and the test suite to Claude and asked it to reimplement the library from scratch.
What was the test suite licenced under? If it was in the same repo, then it was probably LGPL code as well.
If the MIT rewrite uses the LGPL licensed test cases, including them in the repo, then it probably must be LGPL as well.
I use fluxcd with helmrelease's which auto update the helm release. If the helm chart versions specify container versions, then updating the helm chart updates the containers in the deployments.
But for raw deployments, I found this, but not much else.
In addition to adding more worker instances, you can also increase the amount of threads each worker instance uses to vertically scale. It's about equivalent to adding a worker instance.
Authentik is definitely the best of all I've tried. It has the most features, supporting both ldap and oauth, and also has an official helm chart.
Codeberg has been having outages recently.
https://status.codeberg.org/status/codeberg
According to this page, it's only been up 50% of the time.
Sample with fibonacci:
view more: next ›
Do you use the web ui?
I use the web ui heavily, but it's only packaged by the incus package from the author, and not included in the debian packages.
Also, what are you using for authentication?