I agree with you on proxy.
For hub I am not sure, that sounds a bit more mainstream to me, with the caveat that English is not my mother tongue. That gives a nice image that an instance is basically an access hub to a whole universe of data.
I agree with you on proxy.
For hub I am not sure, that sounds a bit more mainstream to me, with the caveat that English is not my mother tongue. That gives a nice image that an instance is basically an access hub to a whole universe of data.
Instance are far from being simple proxies. While instances can act as proxies for other instances, the aim is to have each instances to have their own communities and be somewhat self sufficient. If you remove the federation, Lemmy (and other fediverse software) still work, it’s just that it is more difficult in that case to reach a critical mass of users.
Sorry, my autocorrect changed its into it’s.
Tailscale surprisingly was the fastest, even faster than plain Wireguard, despite being userspace. But it also consumed more memory (245 MB after the iperf3 test!) and CPU.
Do we know if this is a variation due to the test protocol or Tailscale is using wireguard with specific settings to improve, slightly, its speed?
With Tailscale and other mesh VPN, by default all your machines are client and servers. If you have 3 machines A, B and C, when machine A wants to send something to B it will connect to the server that B has.
These mesh VPN have a central server that is used to help with the discovery of the members, manage ACLs, and in the case one machine is quite hidden and not direct network access can be done act as a relay. Only in that last case do the traffic go through the central server, otherwise the only thing the central server knows is that machine A requested to talk to machine B.
You still have to trust them if you want to use their server, but you can also host your own server (headscale for Tailscale). Though at this point you still need to somewhat trust Tailscale anyway since they re the ones doing the client releases. They could absolutely insert a backdoor and it would work for a while until is is discovered and would then totally ruin their reputation.
One thing to keep in mind is that the websocket sync is not straightforward to set up with vaultwarden and the proxy. If you don’t have it working, then your client does not necessarily sync on every change.
Maybe this is related to this, with sync not being performed by the client you were using for modification?
If you are in an enterprise environment, it is easier to sell Ubuntu - at least there is a company that can provide support for it behind. Companies want to make sure someone is on the hook to fix an issue that would be blocking to them, and this is much harder with something like Debian.
That’s why Red Hat is used that much in companies, and what Canonical main revenues are coming from.
But as a selfhoster, I use Debian by default for my servers. Only if there is a very specific need for Ubuntu would I switch, and I am frankly tired of the Snap shenanigans on my desktop (thinking of migrating to PopOS or KDE Neon).
We lose the communities from that instance, yes. And that’s why people want to make sure you don’t have one dominant instance on the threadiverse. But frankly that issue will be there unless you have a fully decentralised system.
That being said, other instances will have a cache of the activities happening on this other instance. You can then fairly easily recreate it from this cache, and if you have a lot of storage, can also have a limitless cache.
I don’t know if there is any specific utilities for that. You can always export your settings and reimplement them in lldap: this should be doable with a python script.
I never really understand why LDAP was so complicated. There must be needs in big setups that I am aware of but strangely I always found it not intuitive.
Yes, same for me. On android DAVx5 is perfect, and on MacOS, iOS there is native support. For Linux and Windows, your mileage may vary (fairly easy on Linux but very different variations and some require additional software).
It supports a proper sync (my wife’s shared events do show up on my phone and I can modify them there) and the address book is specific to each user by default, but you can create shared address books as well. Again, that is synced two ways.
For LDAP, by default nextcloud only reads it. But you can enable LDAP writing as well.
I do this with nextcloud (and lldap for the user management). Though that could probably be overkill for just contacts and calendars.
If you use the linuxserver.io image, as of last month yes. They migrated to everything updated through the docker container.
I’ll provide an ELI5, though if you actually want to use it you’ll have to go beyond ELI5.
You contact a web service via a combination of IP address and port. For the sake of simplicity, we can assume that domain name is equivalent to IP address. You can then compare domain name/port with street name/street number: you need both to actually find someone. By default, some street numbers are really standard, like 443 is for regular encrypted connection. But you can have any service on any street number, it’s just less nice and less standard. This is usually done on closed networks.
Now what happens if you have a lot of services and you want all of them reachable at address 443? Well basically you are now in the same situation as a business building with a lobby. Whenever you want to contact a service, you go to 443, ask the reception what floor they are in, and they will direct you there. The reception desk is your proxy: just making sure you talk to the right people.
To be fair, I am sure many people also have multiple accounts on the same instance. I am not sure what is the proportion between people opening accounts for backup like you and people just wanting alt accounts.
I have been using Bookstack, I like it though it is missing a few features I would love: