You can install it via flatpak and use selinux as well if you need. You can also encrypt and password protect the database, which can also be held in your keyring.

As with any app its up to you to decide and mitigate any perceived risks.

Yep

OTPClient

Awesome TOTP app that can import your Aegis Authenticator database, which then you can keep in sync with your phone and desktop.

Super handy.

I tried to get something on iPhone once, added credit to my account using one of those vouchers you can get from the store. I was able to add the credit, but it refused to allow me to purchase anything without adding payment details.

Get a Steam Deck, and you can press the power button whenever you want to stop playing and it puts the system on standby. Press it again and it powers on in a couple seconds right where you left it.

Damn, not sure I’m a fan of any of this. I left Arch because I didn’t want to be on Rolling release any more, and really liked what Nobara was offering for the out of the box experience.

Brave is super sketchy, and not sure about putting in yet another thing to handle updates (replacing plasma-discover and gnome-software).

I’m wondering if its worth forking it to remove some of these changes.

What about Deskflow? Worked pretty well for me.

All good, yea its because I need crowdsec installed on the proxy as well - not just the bouncer - in order to actually send the logs to Opnsense.

I ended up having some weird performance issues so I pulled it all out for now and will revisit another time.

With the bouncer setup, I assume I need to pass in where to look for logs or something for those to be passed into the lapi? I followed this CrowdSec and Nginx Proxy Manager , as far as I can tell everything is connected an running, I have crowdsec running on OpnSense via the plugin - it appears to be healthy as per the CrowdSec Console.

npm  | [nginx       ] nginx: [error] [lua] crowdsec.lua:62: init(): error loading captcha plugin: no recaptcha site key provided, can't use recaptcha       
npm  | [nginx       ] nginx: [error] [lua] ban.lua:37: new(): BAN_TEMPLATE_PATH and REDIRECT_LOCATION variable are empty, will return HTTP 403 for ban decisions
npm  | [nginx       ] nginx: [alert] [lua] crowdsec_openresty.conf:5):11: [Crowdsec] Initialisation done                                                    
npm  | [supervisor  ] starting service 'app'...                                                                                                             
npm  | [app         ] [5/5/2025] [11:26:30 PM] [Global   ] › ℹ  info      Using Sqlite: /data/database.sqlite                                               
npm  | [supervisor  ] all services started.

I thought crowdsec does everything fail2ban does in addition to global block lists?

Where did you have it setup? Is your proxy configured to forward the real IP?

Nah, that one conflicts with my IPoAC networks unfortunately :(

ITX is fun to build, but really limits your options and expandability.

For an ITX build make sure you’ve got a CPU with integrated graphics, so you’re not wasting a slot for a GPU. You can also get an internal SATA/RAID card to expand the amount of drives you can have.

I have some alerts like that using Pushover. You can set it to treat high priority alerts like an alarm which bypasses things like do not disturb and silence etc

It can be pretty frustrating when dealing with old code bases. However its introducing a lot of really great features, so if you’ve got the time to either start a new project or rewrite with the more modern features you’ll be fine.

What’s an Airsoft “cheater”?

Oh, that works? That’s some inception level containering right there

That could work. Wouldn’t help for any Lemmy apps though unfortunately.

That might be a better option really. I might check that out. I kind if wish Proxmox had Docker integration instead of lxc but that’s a different topic.

OK, sweet thanks. I just thought having the media files directly in the ZFS pool (zfs pool > files) instead of ZFS Pool > Qemu img > Files would be smarter