brvslvrnst

Storytime!

I was taking a mental health day not too long ago and went to a local diner. My thought was I should try interacting outside my bubble to make me feel better. And it kinda worked…ish. I should’ve read the flags, one of which was him saying my paper was fake news, but alas.

Started talking to this old dude, apparently had a long historical knowledge of his family, which he stated family history placed their start in the 1700s. Talked about how his family took place in all the wars.

After an insane detour on how the North actually was at fault for the first shots fired, he pivoted to how Sherman burned down the family plantation. How absolutely terrible that was for his family.

Then he pivoted to talking about the KKK, and whewwww did that illuminate the absolute dichotomy of history for me. He stated that “they originally formed to protect women that were beat by their husbands.” After I asked about the whole racism bit, he said it wasn’t as bad as people made out.

At that point I grabbed my check and peaced out. Totally helped me get over my funk by showing just how fucking insane people’s idea of history is.

G^ereed for sure!

I just realized that the shitty software on the other side of the divide is casting null to ”null", which absolutely explains that issue. What a cluster

Might just be the media I was using, but every caption language loaded on screen and couldn’t be turned off after the update lol it was quite the book on screen

Specific to windows then?

Edit: sorry, apparently not specific lol the CVE is specific to windows

rsync gang when?

“…is are…”?

Yupp! Set up folders, enable on multiple computers; baby, you got a stew going

BT Sync no longer in vogue here? That’s what I’ve used to both sync and distribute certain things. Used to use it for my image backup until immich came along and stole my heart. Still use it for phone backups

Expanding on this, I also have wireguard setup if I’m not on my home WiFi so can access “as needed” that way

Revert this later

deleted by creator

vault101 was retired a few years ago and migrated to vault111

Here’s how I generated the CA:

# openssl genrsa -des3 -out my-ca.key 2048
# openssl req -x509 -new -nodes -key my-ca.key -sha256 -days 1825 -out my-ca.pem

I’m sure I’ll receive flak for how I went about it, but importing that pem into the “install certificates” bit of the settings works like a charm.

I’m the bad guy that installed my CA where needed lol but nice!

My current backup strategy is BTSync, which while super easy to get going is a pain in the ass to look up old images. Using direct IP on the app works perfectly, and the DNS lookup only works internally anyways.

All that to say that I’m probably going to use it and remove the btsync approach in a couple months.

All the traffic is internal, so I can get away with it 🙃

Really was just interested in what cert generation entailed and did a fun little dive a few years back.

I’ve been using it for about a month, and love it.

My one complaint: self-signed certs on reverse proxies seem to break the android app backup. I’m not sure why, but internal CA seems to make things angry. Its more likely to be a local setup issue than anything in immich, but frustrating to pin down.

My approach was to set it all up internally, create a wireguard VPN accesspoint and only open that up. That way I don’t have as much to worry as much within the network (still use generated passwords for things) and able to access it anywhere.

Granted, you asked about opening up to the www. I’d suggest buying a domain through cloudfront, setting up an nginx instance that proxies traffic (think nextcloud.mydomain.com), and have it only accept connections from cloudfront servers.

That allows you SSL termination, pretty good bot coverage, and a nice domain name to share as needed.