brokenlcd

@[email protected]

This profile is from a federated server and may be incomplete. View on remote instance

brokenlcd ,

Just coming from a 2wk exam crunch. Hits way too close than I'm comfortable to admit

brokenlcd ,

I once wired my whole ass house for ethernet. (Before realizing I was colorblind nonetheless.) Instead of studying.

Never underestimate how you can use study procrastination as a push force for other shit.
(Unless you're a dipshit like me and do it with an imminent exam)

brokenlcd ,

Liking computers in general and switching to Linux at 15 out of desperation.

After that all it took was getting an shitbox pc as a hand me down to make me go "Linux is also used on servers right? Shouldn't be too difficult to setup something." And that's how I got the bug.

brokenlcd ,

A summer night yes... But a night nonetheless.

brokenlcd ,

Crunching like mad for an exam currently. So justice and femtanyl to hype myself up while studying. (For me they work well since they don't have lyrics/they aren't easily comprehensible)

And before going to sleep. Either caravan palace or Jamie Berry to calm back down. + a couple of songs from Mina Celentano.

@Reshirams_Rad_Slam@mastodo.neoliber.al avatar Reshirams_Rad_Slam , to No Stupid Questions

nostupidquestions@lemmy.world icon No Stupid Questions Do you always have either dead pixels, loose charging port, or broken hinge with Acer laptops?

brokenlcd ,

Acer travelmate 4070. Used as a control unit for a cut and bend machine. (Don't ask me why)... Holy shit that bastard has outlived around three of the machines that began work with it.

What I'm saying is. Acer was good. But like all things enshittification ruined it.

HP though... I don't think I've ever seen a good hp. Even the ancient ones.
I feel like the only HP stuff that saves itself are calculators and some of the old testing equipment

brokenlcd ,

I still remember when my cousin's cat chewed through the pellet stove's power cord... I don't think I've ever heard a sound that so perfectly matched the expression "screams from hell".
Luckily the RCD tripped so the poor bastard survived. But he sure as hell isn't touching wires again.

brokenlcd , (edited )

The last two books i've read are my Aerodynamics book for an exam. And Harry Potter and the philosopher stone to help my sibling make a review for English class.

Sooo... Potter will see how his magic fares against a rocket.

brokenlcd ,

Well. It couldn't be hornets. They're already hellspawn in of themselves

brokenlcd OP , (edited )

I genuinely haven't touched a game in three months due to exams. I've just now got more free time and managed to will myself to set it up one day. And then the will died again.

Could also be me going into standby in the evening from work/classes.

brokenlcd OP ,

TBF it's not that bad of an idea... The first game I've ever finished was Wario ware after all.

I'll look into this.

Meanwhile I picked up Cyberpunk the first time it went on sale and have played through the tutorial like 5 times.

This hits a little closer to home than I'm willing to admit.

brokenlcd OP , (edited )

I started a game review blog here on Lemmy, but I'm having trouble finding games I want to discuss lately

Ooh I remember you! It was fun seeing people having takes on some older games I had actually played while on the train. Mainly kona and Pacific drive.

My 2¢ when you also manage to get out of this purgatory is valley, parkour/puzzle based for the sake of exploring what happened to the place. Story driven and pretty good from what I remember. I played it back when it came out.

The other one is ultrakill. Frenetic as fuck boomer shooter. Most of the fun comes with learning tricks and acing levels and challenges. Not everyone's cup of tea.
Still. Hakita's a musician and it shows a lot. The soundtrack is great. And the game was originally made to promote an album iirc. Played before the last round of exams sucked all will from me.

anything in particular that's also stuck in your list?

brokenlcd ,

Remembering long passwords. We're talking in the 30-40 character ballpark. And I still can't remember people's names.

brokenlcd ,

Fuck drones and UAV. grandma's slippers could snipe you like intercontinental missiles ffs.

brokenlcd ,

The anxiety of not catching the train to university did it for me. Go to sleep at midnight. Wake up at 5:30 to get ready.I manage to hold up for the five days of courses.

Saturdays though? A nuke could go off and I wouldn't wake up.

brokenlcd ,

And then. The immediate follow up message.

hey could you come pick me up I need to go to the hospital

brokenlcd ,

You can't imagine how happy am I to have never jumped the wagon. To either VSCode or to anything from JetBrains. Began using eclipse on my uncle's computer back in ~2010. And just never left.

It followed me through c++, java for uni classes and Python. It followed me when I switched to Linux. I'll bring it to my grave if it keeps going.

Is it the best? Nope. But it's fucked up consistently enough for me to get used to it well enough.

brokenlcd ,

True. But there's also the fact that eclipse is maintained by the eclipse foundation. a not for profit, I'm not sure how it works for jetbrains' CE versions. But I assume they're still handled by jetbrains itself.

shouldn't matter too much for the open source versions. But there's my 2¢

brokenlcd ,

Willingly is a strong word. More of a "this shitbox is the only thing I know how to use well".
It's been my first window into programming. And at the time my uncle used it for work. So he taught me how to get around the mess.

Also I'm quite sure Eclipse played a big role in why I despise Java with every atom of my being.

I've tired switching to VSCode. But my peewee brain doesn't process how to use it. It tries to default to the way I use Eclipse.
I've started managing to rattle off some programs with micro+clang. That seems to be the easiest way out for me. Considering I don't program for a living.

I feel like an accountant refusing to let go of it's MS-DOS based software ffs.

brokenlcd , (edited )

And if you lack the screwdriver.
So long as the head is not the flat style and you have room. Angle grinder/dremel and everything turns into a slot head screw.

brokenlcd ,

Translation error

brokenlcd , (edited )

Tbf it's more of a european thing. I'm Italian and I've installed hundreds of these.

Also... Assuming Liftup windows actually exist in America and aren't just a myth. You.should be able to do something similar by jamming something in the window rail.

Standard swing windows though... Pray.

brokenlcd ,

Coming from someone that builds them. At least where I live the mechanism is proprietary so it may not exist for every extrusion profile. Plus for big enough doors/windows the hinges to bear the load either don't exist or get expensive quick.

brokenlcd , (edited )

PVC tends to be lighter than the thermal isolated aluminum we usually use. At least the stuff we have over here. (I work with steel and aluminum though. Never dealt extensively with PVC since it requires specific equipment).

Usually the problematic ones are the long "strip windows" (80cmx3 to 4 m) that some places use especially with argon filled glass panes (thick, layered double panes. With argon filling for emissivity. It may be what you have as well). But for them the style in the picture is usually set aside for a vasistas style closure. Which has an extra support for the panel. Paired with a pull string opening mechanism. I don't know what's the generic name.

https://feddit.it/pictrs/image/3b695875-7d4b-43e0-b071-33a409ad4d86.jpeg

brokenlcd , (edited )

Those only open via vasistas, you can't swing around a 4m window lol.

Yeah. Didn't think too hard about it, the idea for that project was to segment it and use tilt and turn. But in the end it was kept a singular window And wasistas was used with the string mechanism for commodity's sake.
the change of plans we did made me brain fart... sorry It late over here 😅. still. I've made some doors that were too heavy For the tilt and turn hinges we normally use. Mostly due to weird glass pane requirements and sizes. The hinges could most likely handle it. But the specifications said otherwise.

Mine are aluminum frame, steel reinforcements, PVC is only the external layer:

That's similar to what's used over here. But iirc the aluminium is not in the ones I've seen only PVC and steel Reinforcements. Could be wrong though.
I'm quite sure is the same company though. That profile looks very similar.

brokenlcd ,

Wait for it. She's still compiling Firefox.

brokenlcd ,

Idk. Frankly I'm just echoing the meme. And also. In the 5 years I've used linux i haven't touched chrome/chromium with a 10ft pole. Let alone compile it.

I do remember compiling an oddball version of wine once though. Don't remember much about how it went. But the fact I have it duplicated 5 times tells me I never wanted to do it again.

brokenlcd ,

Does it work the other way as well though?
Just flat out shit piston straight into your nuts.

brokenlcd ,

It also has an integrated fullness gauge: when th piss level reaches your dick. It's time to empty the bucket.

brokenlcd ,

Home? Refurbishing my father's old vespa and setting up my first proper server. So if I lose my tablet I don't lose all of my uni notes.

brokenlcd , (edited )

Wasn't that + radio schedules the reason why songs are still for the most parts ≈3min long?

And if we want to talk about longer songs... Alan Fitzpatrick - We Do What We Want ? As a more popular example.

brokenlcd ,

9? It would be perfect. Here lessons start at 7. And to take the train I need to wake up at ~5:30.
I'm literally the first to fall asleep in my family. I need to. My body demands 8 hours of sleep. Less and I'm in power save mode the whole day. And as soon as I hit 8 hours ±10 minutes, I wake up, no chance of going back to sleep.

issues setting up nginx as an https proxy

i'm trying to setup nginx to run as a proxy to aggregate multiple services. running on different ports on the server, using nginx to let me connect to all the services by going to a specific subdirectory. so i can keep only one port open in the router between my lab and the main house network. ...

brokenlcd OP , (edited )

I'm sorry. I forgot to mention it in the post. But the server is not facing the outside. It's just behind an extra nat to keep my computers separate from the rest of the home. There's no domain name linking to it. I'm not sure if that impacts using subomains.

The SSL certificates shouldn't be a problem since it's just a self signed certificate, I'm just using SSL as a peace of mind thing.

I'm sorry if I'm not making sense. It's the first time I'm working with webservers. And I genuinely have no idea of what I'm doing. Hell. The whole project has basically been a baptism by fire, since it's my first proper server.

brokenlcd OP ,

If I remember correctly there was an option for that. I need to dig up the manual...

Still, I think I'm going to need to change approach. Eventually one of the other services will bite me if I keep using subdirectories.

brokenlcd OP ,

I'll need to check. I doubt I'll be able to setup a DNS resolver. Since I can't risk the whole network going down if the DNS resolver fails. Plus the server will have limited exposure to the home net via the other router.

Still. Thanks for the tips. I'll update the post with the solution once I figure it out.

brokenlcd OP , (edited )

I think that pihole would be the best option. But coming to think of it... I think that to make it work I'd need two instances of pihole. Since the server is basically straddling two nats. With the inner router port forwarding port 1403 from the server.
Basically:

https://feddit.it/pictrs/image/df8dc307-4828-4a8a-9ec6-9b95cbb9881d.png

To let me access the services both from the desktop and the laptop. I'd need to have two DNS resolvers, since for the laptop it needs to resolve to the 192.168.0.* address of the homelab router. While for the desktop it needs to resolve directly to the 10.0.0.* address of the server.

Also, little question. If I do manage to set it up with subdomains. Will all the traffic still go through port 1403? Since the main reason I wanted to setup a proxy was to not turn the homelab's router into Swiss cheese.

... The rootCA idea though is pretty good... At least I won't have Firefox nagging me every time I try to access it.

(specially with docker containers !)

Already on it! I've made a custom skeleton container image using podman, that when started. It runs a shell script that I customize for each service, while another script gets called via podman exec for all of them by a cronjob to update them. Plus they are all connected to a podman network with manually assigned IPs to let them talk to eachother.
Not how you're supposed to use containers. But hey, it works.
Add to that a btrfs cluster, data set to single, metadata set to raid1. So I can lose a disk without losing all of the data. ( they are scrap drives. Storage is prohibitively expensive here) + transparent compression; + cronjob for scrub and decuplication.

I manage with most of the server. But web stuff just locks me up. :'-)

brokenlcd OP ,

I think I'll do this with one modification. I'll make nginx serve the landing page with the subdomains when computers from router A try to access. ( by telling nginx to serve the page with the subdomains when contacted by 10.0.0.1) while I'll serve another landing page that bypasses the proxy, by giving the direct 10.0.0.* IP of the server with the port, for computers inside router B .

Mostly since the Ethernet between router a and b is old. And limits transfers to 10Mbps. So I'd be handicapping computers inside router B by looping back. Especially since everything inside router B is supposed to be safe. And they'll be the ones transferring most of the data to it.

Thanks for the breakdown. It genuinely helped in understanding the Daedalus-worthy path the connections need to take. I'll update the post with my final solution and config once I make it work.

brokenlcd OP , (edited )

I think I didn't explain myself the right way.

Computers from inside of Router B will access the server via it's IP. Nginx will only serve an HTML file with the links for them. Basically acting as a bookmark page for the IP:port combos. While anything from Router A will receive a landing page that has the subdomains, that will be resolved by pihole (exposed to the machines on Router A as an open port on router b) and will make them pass through the proxy.

So basically the DNS will only be used on machines from Router A, and the rules on nginx are just to give links to the reverse proxy if the machine is from router A (I.e. the connection is coming from 10.0.0.1 from the server's POV, or maybe the server name in the request. I'll have to mess with nginx), or the page with the raw IP of the server+ port of the service if coming from Router B.

router A is Unfortunately junk from my ISP, and it doesn't allow me to change the DNS. So I'll just add Router B ( and thus, the pihole instance that's on the server) as a primary dns, and an external one as a secondary DNS as fallback.

If you decide on doing the secondary local DNS on the server on Router B network, there is no need to loop back, as that DNS will maintain domain lookup and the requests on 10.0.0.x all internal to Router B network

Wouldn't this link to the 192.168.0.y address of router B pass through router A, and loop back to router B, routing through the slower cable? Or is the router smart enough to realize he's just talking to itself and just cut out `router A from the traffic?

brokenlcd OP , (edited )

No, the request would stop on Router B, and maintain all traffic, on the 10.0.0.* network it would not change subnets, or anything

OK perfect. That was my hiccup. I thought it was going to go the roundabout way and slow the traffic down. I was willing to Put in numbers (masking them with the landing page buttons) if it meant I wouldn't have to go needlessly through the slower cable. If the router keeps everything inside of it's own subnet if he realizes he's talking to itself then it's perfect.

Thanks for the help

brokenlcd OP ,

Don't worry. Lemmy is asynchronous after all. Instant responses aren't expected. Plus. I know life gets in the way :-).

It was basically a misconception I had about how the homelab router would route the connection

Basically with pihole set up. It routes servo.internal to 192.168.1.y, the IP of the homelab router. So when a machine from the inside of the homelab. On 10.0.0.*, connects to the server. It will refer to it via the 192.168.1.y IP of the router.

The misconception was that I thought all the traffic was going to bounce between the homelab router and the home router. Going through the horrendously slow LAN cable that connects them and crippling the bandwidth between 10.0.0.* machines and the server.

I wanted to setup another pihole server for inside of the homelab. So it would directly connect to the server on it's 10.0.0.* address instead of the 192.168.1.y. And not go and bounce needlessly between the two routers.

But apparently the homelab router realizes he's speaking to itself. And routes the data directly to the server. Without passing though the home router and the slower Ethernet. So the issue is nonexistent, and I can use one pihole instance with 192.168.1.y for the server without issue. (Thanks to darkan15 for explaining that).

While I do have my self-learned self-hosted knowledge, I'm not an IT guy, so I may be mistaken here and there.

I think most of us are in a similar situation. Hell. I weld for a living atm :-P.

However, I can give you a diagram on How it works on my setup right now and also gift you a nice ebook to help you setup your mini-CA for your lan :

The diagram would be useful. Considering that rn I'm losing my mind between man pages.

As for the book... I can't accept. Just give me the name/ISBN and I'll provide myself. Still. Thanks for the offer.

brokenlcd OP ,

i'm not sure if it's equivalent. but in the meantime i have cobbled up a series of commands from various forums to do the whole process, and i came up with the following openssl commands.

openssl genrsa -out servorootCA.key 4096

openssl req -x509 -new -nodes -key servorootCA.key -sha256 -days 3650 -out servorootCA.pem

openssl genrsa -out star.servo.internal.key 4096

openssl req -new -key star.servo.internal.key -out star.servo.internal.csr

openssl x509 -req -in star.servo.internal.csr -CA servorootCA.pem -CAkey servorootCA.key -CAcreateserial -out star.servo.internal.crt -days 3650 -sha256 -extfile openssl.cnf -extensions v3_req

with only the crt and key files on the server, while the rest is on a usb stick for keeping them out of the way.

hopefully it's the same. though i'll still go through the book out of curiosity... and come to think of it. i do also need to setup calibre :-).

thanks for everything. i'll have to update the post with the full solution after i'm done, since it turned out to be a lot more messy than anticipated...

brokenlcd ,

on the topic of music... the title of the post makes me think about one song in particular

brokenlcd ,

The only thing that comes to mind is sucking on candy to help with motion sickness. I've heard it once and i frankly doubt it works though.

brokenlcd ,

Huh. Good to know.
Never really had the problem since i figured out how to do it manually. ( i swallow and while i'm swallowing i open my jaw. Not sure if it will work for others. But it doesn't require anything special. Not even having to use your hands to plug your nose or similar)

brokenlcd ,

And then there' also my "how tf can i be creative if i have 0 imagination?"

brokenlcd ,

Well... Considering that salt renders soil infertile... Not that far off frankly