• 0 Posts
  • 19 Comments
Joined 2 years ago
Cake day: July 3rd, 2023


  • For loops with find are evil for a lot of reasons, one of which is spaces:

    $ tree
    .
    ├── arent good with find loops
    │   ├── a
    │   └── innerdira
    │       └── docker-compose.yml
    └── dirs with spaces
        ├── b
        └── innerdirb
            └── docker-compose.yml
    
    3 directories, 2 files
    $ for y in $(find .); do echo $y; done
    .
    ./arent
    good
    with
    find
    loops
    ./arent
    good
    with
    find
    loops/innerdira
    ./arent
    good
    with
    find
    loops/innerdira/docker-compose.yml
    ./arent
    good
    with
    find
    loops/a
    ./dirs
    with
    spaces
    ./dirs
    with
    spaces/innerdirb
    ./dirs
    with
    spaces/innerdirb/docker-compose.yml
    ./dirs
    with
    spaces/b
    

    You can kinda fix that with IFS (this breaks if newlines are in the filename, which would probably only happen in a malicious context):

    $ OIFS=$IFS
    $ IFS=$'\n'
    $ for y in $(find .); do echo "$y"; done
    .
    ./arent good with find loops
    ./arent good with find loops/innerdira
    ./arent good with find loops/innerdira/docker-compose.yml
    ./arent good with find loops/a
    ./dirs with spaces
    ./dirs with spaces/innerdirb
    ./dirs with spaces/innerdirb/docker-compose.yml
    ./dirs with spaces/b
    $ IFS=$OIFS
    

    But you can also use something like:

    find . -name 'docker-compose.yml' -printf '%h\0' | while read -r -d $'\0' dir; do
          ....
    done
    

    or in your case this could all be done from find alone:

    find . -name 'docker-compose.yml' -execdir ...
    

    -execdir in this case is basically replacing your cd $(dirname $y), which is also brittle when it comes to spaces and should be quoted: cd "$(dirname "$y")".
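    The three loop styles above, as an added example that is not part of the original comment: it constructs a throwaway tree whose directory names contain spaces and one newline, then counts what each style actually sees. The helper names (make_tree, count_unsafe, count_safe, count_execdir, cleanup) are mine, and it uses -print0 plus ${path%/*} rather than GNU-only -printf '%h\0' so it also runs against BSD/macOS find.

```bash
#!/usr/bin/env bash
# Added example, not code from the original comment. Builds a constructed
# directory tree with awkward names and compares the loop styles discussed.
set -euo pipefail

# Hypothetical helper: create the tree under a fresh temp dir and print its path.
make_tree() {
  local root
  root=$(mktemp -d)
  local d1="$root/arent good with find loops/innerdira"
  local d2="$root/dirs with spaces/innerdirb"
  local d3="$root/new"$'\n'"line/innerdirc"   # newline in the name (constructed)
  mkdir -p "$d1" "$d2" "$d3"
  touch "$d1/docker-compose.yml" "$d2/docker-compose.yml" "$d3/docker-compose.yml"
  printf '%s' "$root"
}

# Unsafe: the unquoted $(find ...) is word-split on IFS (space, tab, newline),
# so three real paths become many tokens, none of which names an existing file.
count_unsafe() {
  local n=0
  for y in $(find "$1" -name 'docker-compose.yml'); do
    n=$((n + 1))
  done
  echo "$n"
}

# Safe: -print0 emits NUL-terminated paths and `read -r -d ''` splits only on
# NUL, the one byte that cannot occur in a path. IFS= keeps leading/trailing
# whitespace and -r keeps backslashes. ${path%/*} stands in for dirname and is
# immune to the newline case. (GNU find's -printf '%h\0' yields the directory
# directly; -print0 is used here because it is more portable.)
count_safe() {
  local n=0 path dir
  while IFS= read -r -d '' path; do
    dir=${path%/*}
    if [ -d "$dir" ]; then
      n=$((n + 1))
    fi
  done < <(find "$1" -name 'docker-compose.yml' -print0)
  echo "$n"
}

# -execdir runs the command from inside each match's own directory, so there
# is no cd "$(dirname "$y")" to get wrong. Each hit writes one byte and the
# bytes are counted, so a newline in a name cannot skew the tally.
count_execdir() {
  find "$1" -name 'docker-compose.yml' -execdir sh -c 'printf x' \; | wc -c | tr -d ' '
}

cleanup() { rm -rf "$1"; }

root=$(make_tree)
printf 'unsafe loop saw %s "paths", NUL loop saw %s, -execdir saw %s\n' \
  "$(count_unsafe "$root")" "$(count_safe "$root")" "$(count_execdir "$root")"
cleanup "$root"
```

    The unsafe loop reports far more than three hits and the two safe variants report exactly three. One caveat on -execdir: GNU find refuses to run it when PATH contains a relative entry such as `.` or an empty element, precisely because the command is executed from an attacker-influenced directory.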






  • I don’t want to tell you one way or the other because it’s kinda dubious anyway, but if all services run as the same user the need for root is kinda moot when it comes to crossing between services or expanding the scope of an attack. Of course it is better than all things running as root, but if I popped a machine as some “low privilege” user that still had access to all running services I’m not sure I’d care so much about escalating to root.


  • qqq@lemmy.world to Selfhosted@lemmy.world: Dedicated service user or not ?
    10 upvotes · edited · 5 months ago

    Woah, no. Sure escaping via a kernel bug or some issue in the container runtime is unexpected, but I “escape” containers all the time in my job because of configuration issues, poorly considered bind mounts, or the “contained” service itself ends up being designed to manage some things outside of the container.

    Might be valid to not consider it with the services you run, but that reasoning is very wrong.





  • Nobody is gonna be using a quantum computer to “crack email hashes” of Plex users in a few years… I’m not even sure there is a speedup to hash cracking with quantum computers.

    But depending on the hashing algorithm used, it’s likely pretty easy to crack hashes of email addresses today with a normal computer. They’re not particularly high entropy.
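    To make the second paragraph concrete, an added example that is not from the original comment: a small offline dictionary attack against an unsalted SHA-256 of an e-mail address. The "leaked" record, the name and domain lists and the function names (leaked_hash, candidates, crack) are constructed here for illustration.

```bash
#!/usr/bin/env bash
# Added example, not code from the original comment. Demonstrates why an
# unsalted hash of an e-mail address is weak: the address space is small and
# highly structured, so a candidate list recovers it with a plain CPU.
set -euo pipefail

# Constructed "leaked" record: the hash a breach dump would contain. The
# address is known here only so the result can be checked; crack() never
# reads it.
leaked_hash() {
  printf '%s' 'alice.smith@gmail.com' | sha256sum | cut -d' ' -f1
}

# Candidate generator: a few first/last names in the common local-part
# patterns, crossed with a handful of major domains. Real attacks use name
# lists of millions and run on GPUs; the structure is the point.
candidates() {
  local first last dom
  for first in alice bob carol; do
    for last in smith jones nguyen; do
      for dom in gmail.com yahoo.com outlook.com; do
        printf '%s@%s\n' "$first.$last" "$dom"       # first.last@
        printf '%s@%s\n' "$first$last" "$dom"        # firstlast@
        printf '%s@%s\n' "${first:0:1}$last" "$dom"  # flast@
      done
    done
  done
}

# Dictionary attack: hash every candidate with the same algorithm and stop at
# the first match. $1 = target hash, $2 = hashing command (default sha256sum).
crack() {
  local target=$1 hasher=${2:-sha256sum} cand h
  while IFS= read -r cand; do
    h=$(printf '%s' "$cand" | "$hasher" | cut -d' ' -f1)
    if [ "$h" = "$target" ]; then
      printf '%s\n' "$cand"
      return 0
    fi
  done < <(candidates)
  return 1
}

printf 'recovered: %s\n' "$(crack "$(leaked_hash)")"
```

    A per-record salt stops a precomputed table but not this loop, since the guess is re-hashed per record anyway; only a secret key (a pepper, or an HMAC) that the attacker does not hold makes the hash of a low-entropy value meaningfully harder to reverse.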






  • Honestly I wouldn’t even go so far as home assistant. Do you have any IP cameras or just USB webcams? If you have IP cameras all you need is the VPN and then just access them as if you’re at home. If you only have USB webcams, you’re going to have to stream the content and I believe ffmpeg is actually capable of taking /dev/videoX and serving it over RTSP somehow, but I don’t remember exactly how. I see some references to it in some quick searches though. Maybe start here (some blog) or here (Stackoverflow question)?

    Another thing to remember is that you’re going to be limited by your upload speed. If you’re not on fiber and in the US that’s likely going to be pretty bad, so set your resolution and the like accordingly.


  • Sorry about your cat. We typically have a Rover stop in to check on our cats when we’re gone for a bit; it’s nice to get them some human interaction and they always send pictures and give updates.

    I personally have a camera setup inside that just streams to HomeAssistant so we can check on them ourselves when we’re out just for the weekend. I disconnect it when Rovers are stopping by though because I don’t want them to feel spied on. No need for anything fancy really, but if you really want NVR I just use Frigate (for other things, the cat camera really is just a stream). It’s free and open source and really easy to set up.

    WireGuard is a very easy way to set up the access. My router has just the single WireGuard UDP port forwarded