My old LG SmartTV seems most reliable at playing mkv files but I think mp4 is pretty standard.

It’s very unlikely you are infected by anything unless you were using some crazy settings or addons, or unless you were hit by some extreme 0-day exploit that hasn’t become widespread yet. Firefox does not and normally cannot execute files it downloads automatically nor are videos a likely risk for remote code execution now that we have technologies like data execution prevention built into processors, if you’re attacked by malware it will rely on some other vector or trickery to get you to execute the file. I would expect that your performance issues are unrelated, but you should also check Firefox’s addons and extensions as well as your task manager startup tab to make sure nothing has obviously been installed without your knowledge.

One thing that sticks out at me is the fact that you only mention the file’s “title” and if you haven’t already you should make sure Windows Explorer is set up to ALWAYS show full file extensions, that’s like a basic safety measure that really should be on by default but isn’t, and it’s really mandatory if you’re messing around on the darker parts of the web. You have to know what kind of file extension it is because that affects what Windows is going to do with it, and when it’s supposed to be one thing and Windows is going to do something different with it that’s a huge red flag that it’s malware trying to trick you into running it.

You can upload the file to virustotal if you want to scan it but it doesn’t sound likely that it even ran unless you did something bad by accident.

This looks less intimidating than Authentik. Any guides on getting it set up with any common self-hosted stuff?

I find it hard to accept Clippy as being too friendly and nonthreatening to adequately demonstrate my unfathomable rage towards technology companies.

Looks really nice and seems like it should be a great foundation for future development. Personally I can’t lose Nextcloud until there are sufficiently featureful and reliable clients for Linux, Windows, Android that synchronize a local copy and help manage the inevitable file deconfliction (Nextcloud Desktop only barely qualifies at this, but it does technically qualify and that represents the minimum viable product for me). I’m not sure a WebDav client alone is enough to satisfy this criteria, but I am not going to pretend I am actually familiar with any WebDav clients so maybe they already exist.

You’re on the right track. Like everything else in self-hosting you will learn and develop new strategies and scale things up to an appropriate level as you go and as your homelab grows. I think the key is to start with something immediately achievable, and iterate fast, aiming for continuous improvement.

My first idea was much like yours, very traditional documentation, with words, in a document. I quickly found the same thing you did, it’s half-baked and insufficient. There’s simply no way to make make it match the actual state of the system perfectly and it is simply inadequate to use English alone to explain what I did because that ends up being too vague to be useful in a technical sense.

My next realization was that in most cases what I really wanted was to be able to know every single command I had ever run, basically without exception. So I started documenting that instead of focusing on the wording and the explanations. Then I started to feel like I wasn’t capturing every command reliably because I would get distracted trying to figure out a problem and forget to, and it was duplication of effort to copy and paste commands from the console to the document or vice versa. That turned into the idea of collecting bunches of commands together into a script, that I could potentially just run, which would at least reduce the risk of gaps and missing steps. Then I could put the commands I wanted to run right into the script, run the script, and then save it for posterity, knowing I’d accurately captured both the commands I ran and the changes I made to get it working by keeping it in version control.

But upon attempting to do so, I found that just a bunch of long lists of commands on their own isn’t terribly useful so I started to group all the lists up, attempting to find commonalities by things like server or service, and then starting organize them better into scripts for different roles and intents that I could apply to any server or service, and over time this started to develop into quite a library of scripts. As I was doing this organizing I realized that as long as I made sure the script was functionally idempotent (doesn’t change behaviors or duplicate work when run repeatedly, it’s an important concept) I can guarantee that all my commands are properly documented and also that they have all been run – and if they haven’t, or I’m not sure, I can just run the script again as it’s supposed to always be safe to re-run no matter what state the system is in. So I started moving more and more to this strategy, until I realized that if I just organized this well enough, and made the scripts run automatically when they are changed or updated, I could not only improve my guarantees of having all these commands reliably run, but also quickly run them on many different servers and services all at once without even having to think about it.

There are some downsides of course, this leaves the potential of bugs in the scripts that make it not idempotent or not safe to re-run, and the only thing I can do is try to make sure they don’t happen, and if they do, identify and fix these bugs when they happen. The next step is probably to have some kind of testing process and environment (preferably automated) but now I’m really getting into the weeds. But at least I don’t really have any concerns that my system is undocumented anymore. I can quickly reference almost anything it’s doing or how it’s set up. That said, one other risk is that the system of scripts and automation becomes so complex that they start being too complex to quickly untangle, and at that point I’ll need better documentation for them. And ultimately you get into a circle of how do you validate the things your scripts are doing are actually working and doing what you expect them to do and that nothing is being missed, and usually you run back into the same ideas that doomed your documentation from the start, consistency and accuracy.

It also opens an attack vector, where somebody gaining access to these scripts not only gains all the most detailed knowledge of how your system is configured but also the potential to inject commands into those scripts and run them anywhere, so you have to make sure to treat these scripts and systems like the crown jewels they are. If they are compromised, you are in serious trouble.

By now I have of course realized (and you all probably have too) that I have independently re-invented infrastructure-as-code. There are tools and systems (ansible and terraform come to mind) to help you do this, and at some point I may decide to take advantage of them but personally I’m not there yet. Maybe soon. If you want to skip the intermediate steps I did, you might even be able to skip directly to that approach. But personally I think there is value in the process, it helps defining your needs and building your understanding that there really isn’t anything magical going on behind the scenes and that may help prevent these tools from turning into a black box which isn’t actually going to help you understand your system.

Do I have a perfect system? Of course not. In a lot of ways it’s probably horrific and I’m sure there are more experienced professionals out there cringing or perhaps already furiously warming up their keyboards. But I learned a lot, understand a lot more than I did when I started, and you can too. Maybe you’ll follow the same path I did, maybe you won’t. But you’ll get there.

Nextcloud is just really slow. It is what it is, I don’t use it for any things that are huge, numerous, or need speed. For that I use SyncThing or something even more specialized depending on what exactly I’m trying to do.

Nextcloud is just my easy and convenient little dropbox, and I treat it like it’s an oldschool free dropbox with limited space that’s going to nag me to upgrade if I put too much stuff in it. It won’t nag me to upgrade, but it will get slow. So I just don’t stress it out. So I only use it to store little convenience things that I want easy access to on all my machines without any fuss. For documents and “home directory” and syncing my calendars and stuff like that it’s great and serves the purpose.

I haven’t used Seafile. Features sound good, minus the AI buzzword soup, but it looks a little too corporate-enterprisey for me, with minimal commitment to open source and no actual link to anything open source on their website, I don’t doubt that it exists, somewhere, but that raises red flags for potential future (if not in-progress) enshittification to me. After eventually finding their github repo (with no help from them) I finally found a link to build instructions and… it’s a broken link. They don’t seem to actually be looking for contributions or they’re just going through the motions. Open source “community” is clearly not the target audience for their “community edition”, not really.

I’ll stick to SyncThing.

According to the protocol they share (ActivityPub) communities and hashtags are essentially the same thing, they’re a grouping containing many posts. Typing out a hashtag is how you tell Mastodon to add your post to that “hashtag group” (and you can add your post to multiple hashtags). In Lemmy, the community you post in IS the group (and you can cross-post it to multiple communities). The result is the same. They’re the same thing, just different ways of connecting your posts into them, and displayed in very different ways depending on which part of the Fediverse you’re using.

Sounds like you’re doing fine to me. The stakes are indeed higher, but that is because what you’re doing is important.

As the Bene Gesserit teaches: I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear.

Make your best effort at security and backups, use your fears to inform a sober assessment of the risks and pitfalls, and ask for help when you need to, but don’t let it stop you from accomplishing what you want to. The self-hosting must flow.

Hey don’t make fun of him too much, he might have to buy another yacht to make himself feel better.

Me too. At least with Temu and Wish I know the majority of my money is going directly to some crook in China and not to Bezos. Cut out the extra middleman. Same low quality of goods, direct from the drop-shipper lying about them or perhaps even the factory counterfeiting them. It’s a substantial improvement in supply chain honesty and legitimacy, you’re left with no illusions about the products and all the reviews are fake, so it’s deeply refreshing to not have to try to figure any of it out. It’s always 100% consistent. You know exactly what to expect, with no worry you’re accidentally going to overpay for something you think is genuine and receive a box full of rocks that’s obviously been opened, stolen and returned, nah not on these sites. You’ll get exactly what’s pictured (not to scale necessarily, though). Way more reliable than Amazon.

Not sure if you’re being sarcastic, but I want to emphasize that whether you mean it that way or not, it’s true. Each person helping and participating makes the work a little easier and success a little closer. A movement requires leaders and builders, certainly, and those people are often doing a lot of heavy lifting. But it also simply requires members, and numbers, and people just showing up. Your support, simply just being here, means more than you might know.

The AI designed this test plan and gave a bullet pointed list of reasons it’s completely safe. What could possibly go wrong?

Your idea certainly has some interesting potential, but I think the biggest problem you might find is that it might clog up quickly or dull and lose its abrasiveness and thus be even more quickly disposable (and thus cost-inefficient) than sandpaper already is. That might not be a deal-breaker, if it enables some particular method that you can come up with, like what you mentioned with the chess piece, but I doubt it’s going to be useful as, or cheaper than, a direct replacement for sandpaper or sanding blocks on a larger scale. Yes, a continuous stream of fiber-infused filament is certainly great at sanding away at a nozzle, but that is mostly all fresh filament right off the roll, inch after inch and layer after layer of it, the nozzle is the piece that’s there continuously enduring the relentless abuse, but it rarely sees the same bit of plastic touch it more than a handful of times.

If you try to use the same bit of plastic that’s already sanded its way through a nozzle it may have lost some of its abrasiveness already, but even if it hasn’t I would still be concerned that it might lose its abrasiveness quickly under actual use as an abrasive, it might be difficult to clear out removed material, it might have a lot of friction and heat up, potentially even to the point of localized softening of the surface, allowing any fibers to be flattened or pushed back into the plastic and smoothing the surface. Lots of things are great abrasives in theory, but don’t have any practical use. Sandpapers and polishes are specifically selected to be as cheap and durable as they can be for the job they’re trying to do.

However it is certainly an interesting idea, and worth trying. I’m curious to find out how it performs. Let us know how it goes! Worst-case scenario, using a printed design to make obscure, form-fitting shapes for other abrasives to be applied to seems like an under-utilized application for 3d printing.

It is a perfectly valid approach, and there are also many other perfectly valid approaches. “Better” requires a definition of what you want to be better. If there’s something that’s making you uncomfortable about the process, let us know what concern or issue you’re seeing with it and maybe we can guide you to a better way for you. But there’s nothing wrong with the way they’re doing it. Others may have different preferences (including you, YOU might have different preferences!) but they’re just preferences. It’s not right or wrong, even if some people argue that it is, they’re always going to have some preferences embedded in that judgement. There’s always more than one way to do it. That’s the joy of it, really, and sometimes you’ll have to experiment yourself to find out what ways YOU like the best, that make sense to you, that are comfortable for you, or that do things the way you want to do them.

It’s your own self-hosting setup, you get to make the choices. Sometimes the number of choices can be intimidating and lead to analysis paralysis but the only way out of that is to realize that there really is no way of finding the “best” until you’ve tried many different ways and figured out the “best” yourself. That’s why the only real advice I can give you is to just go through the tutorial you’ve found and do it the way they do it for now. You can change later, as you learn more, when not if you decide you want to do something differently. Because you will. We all do. It’s part of the process.

I agree that the open source package dependency situation in many popular languages and ecosystems has gotten way out of hand. Well, at least my addiction to reinventing almost every wheel myself and self-hosting my own cobbled together infrastructure which has permanently afflicted me with chronic not-invented-here syndrome aren’t feeling like such a crippling disability anymore. Maybe it’s not always such a bad thing in every situation.

As a veteran of gaming on Linux for several years, I have to admit I keep a small collection of various usb bluetooth dongles, because honestly, built-in bluetooth support still remains questionable and unreliable in many cases, at least for me and the systems I use it on. I don’t necessarily blame Linux as much as I blame the manufacturers of the chips and devices, but unfortunately we have to live with the chaos that their reverse-engineered-firmware-reliant devices create. Any cheapass bluetooth dongle is probably fine, the cheaper and more ubiquitous it is, the more likely it uses the same shitty chinese chip that all the others use and that a bunch of someones already hammered out drivers for, but honestly even with multiple different models and brands it still seems like a crapshoot which one feels like working properly at any given time, but usually one or the other will work and get things to connect, and it’s usually perfectly reliable once all the drivers have loaded and it’s all paired up and things start working. The struggle is real, though.

Its wireless is much more compatible, supporting several different connection methods for use with different proprietary systems, and is just generally a better and more capable device. They’re worth every penny, IMHO. 8bitdo’s quality changed my opinion on gaming controllers that had developed after years of being frustrated by cheap, wonky, second-rate, third-party garbage controllers like MadCatz and Logitech that used “features” to cover for the fact that they were cheaply made, overpriced, and deeply inferior. 8bitdo controllers are the only ones I trust anymore. Even Nintendo apparently can’t be trusted to make quality controllers for their own systems anymore. But 8bitdo can.

Why would you conclude that a subscription based model makes them immune from corrupt financial incentives? Quite the opposite. That’s my whole point.

Up-selling and cross-selling. It’s just business. Who’s ever going to pay $25/month if the $5/month plan does everything anyone ever possibly needs? Their lowest level pricing model relies on making you anxious about running out of searches eventually, not finding everything you need within that window each month, and not having effective enough tools to find what you need at the basic level. You may personally reject that you need anything more than the basic plan, but the company’s financial incentive is to convince you of the opposite, and don’t think for a second that they’re not eventually going to try to convince you that you need to upgrade. It may seem like $5/month and $25/month are not that far apart, but multiply that across some arbitrary number of users, say, 100,000, and you’re talking about $2 million dollars PER MONTH of potential revenue on the table. And there’s no guarantee they’re not going to eventually start pushing even more expensive products and plans.

They have partnerships with other businesses too, and while those seem like nice enough businesses on the surface, they’re still businesses and they are going to have motivation to find ways to drive traffic and prime you to get subscriptions to them too. The problem is not that these partnerships exist or that there’s anything wrong with them, it’s that they’re another corrupting influence when money is involved and changing hands.

To be clear, I’m not saying anyone involved is evil, that they’re actively doing this now, that they are even necessarily moving in this direction, or that they’re even slightly corrupt at all… yet, but they’re swimming in the corrupting waters of subscription-based dark patterns and they can’t help but be influenced by them. The lust for profits will inevitably drive them mad. It always does. Enshittification does not make exceptions for good intentions.