bjornsno Now • 100%
I've been punched before, complete blind violence. The difference is that being punched didn't kill me. The fear of getting shot in America is not irrational. Again refer to the page full of statistics in my previous comment.
bjornsno Now • 100%
None of what you just said is true. Starting here
Just to be clear, walking into a room that has a gun in it doesn't magically make you more likely to get shot.
That's nonsense, obviously there's an increased probability with strict causation between being around guns and getting shot.
If you're in a place where legal gun owners are, and where illegal gun owners are unlikely to be (or at least unlikely to cause problems in)
You seem to be pretending that "good guys with guns deter bad guys with guns". I invite you to provide any source that backs this up. This is an American myth, and from outside it's obvious that the presence of "good guys" with guns just make the criminal elements more likely to arm themselves. It also is increasingly obvious that a very large portion of the self proclaimed good guys are in fact also bad people just itching for an excuse.
bjornsno Now • 100%
Ok, I don't agree, it should be up to and including the amount of force necessary to incapacitate whoever is threatening your life. Stun gun and handcuffs yes, handgun no.
Btw the way you drew a false comparison between my argument and road safety is called false equivalence and is an informal fallacy, while we're discussing each other's debating techniques rather than addressing the points made.
bjornsno Now • 100%
You've done your division twice there, it seems. The ~45000 is the number after you take away the suicides.. So pretty much 1/2000, so I guess I was pretty close.
Of course the only correct number of gun deaths among civilians is 0, do you disagree with that? As for your comparison to vehicular deaths, let's remember the context here. The question is whether or not I feel safer in a place that doesn't allow guns or one that does. So you should really be asking if I think it's better to walk on the sidewalk or in the road shared with cars. Of course I might still get hit by a car on the sidewalk, but where would you feel safer?
bjornsno Now • 50%
Don't know why you were down dooted, that's absolutely true and exactly how I feel, and how everyone I've talked to about copilot feels.
bjornsno Now • 100%
The question was whether or not a sign saying guns not allowed at a mall would make me feel more safe there. I would see them, I might bump into them, it's a mall. The argument that most of them are sane and reasonable doesn't reassure me much when we're talking about people with a magic kill button.
bjornsno Now • 100%
Look are you really trying to argue that the amount of people with guns in my vicinity is irrelevant to my chances of getting shot?
bjornsno Now • 100%
Fair enough, though a person with a gun is much more likely to shoot me than a person without a gun. Any measure to reduce the amount of people in my vicinity carrying guns has my full support. If 1/1000 (number pulled out of my ass obviously) gun owners end up shooing someone, and you reduce the amount of people around me carrying guns from 1000 to 10, you've just dramatically increased my statistical probability of living a full life.
I actually looked and couldn't find the murder rate in the population of gun owners with basic googling but the actual number doesn't matter when it's being compared to 0.
bjornsno Now • 100%
Currently live in the Republic of Ireland and I have no idea what you're talking about? Were you here on Saint Patrick's Day? There's a significant amount of Palestinian flags in windows here for pretty obvious reasons but other than that I don't think I've seen a flag since, again, Paddy's day.
bjornsno Now • 100%
The sign actually would give me an increased sense of security yeah.
Obviously a lunatic out to do a mass shooting would disregard the sign but your average gun wielder might be offended and take their business elsewhere – and statistically that's the one who's more likely to shoot me. That's my logic as a Norwegian who's lived there for just a year anyway.
bjornsno Now • 100%
I'm between The Black Parade (the album) by My Chemical Romance, an alt rock opera masterpiece imo, and Hamilton, the Broadway cast recording. I feel like the former might not work as well when removed from its time, but I bet it still would blow my mind.
bjornsno Now • 100%
This is exactly what happens. Actually the whole Wayland/xorg thing is not necessary, simply exiting a Wayland session and starting a new one will probably have the same effect, might depend on compositor. But it doesn't help knowing that it's the cause, I've known it for years, no closer to a solution. Obviously closing the tmux session and starting over is a "fix" in the same way that turning the machine off and on again is a fix. Kinda defeats the purpose of persistent tmux sessions.
bjornsno Now • 93%
Have you tried kitty? It's seriously nice if you can live with the occasional "oh no I sshed to a server that doesn't have the correct terminfo files and now none of the normal terminal navigation features work"
bjornsno Now • 100%
Pretty good, getting used to working from home while taking care of a newborn. It's tough but becoming manageable.
bjornsno Now • 100%
Hey congrats! Is No Mans Sky good? I liked it originally but got bored, and it looked to me like all the updates were about combat, which I don't care about and would rather avoid.
bjornsno Now • 100%
This doesn't really install it, though, you can't update or permanently edit and config, set up users, or anything like that. I would guess OP wants something more like booting the ISO in a VM, allocating a thumb drive to that VM, and then installing a full system to it with a boot loader.
bjornsno Now • 83%
My cat is starting to accept that my newborn is not going anywhere, and has returned to the land of the living room to chill with us. He's an extremely timid gentleman so he always runs outside at the first sign of a cry, but progress is still very promising!
bjornsno Now • 100%
If I may ask, why do we want to enable tearing now? There are pages and pages across the wikis on how to fix tearing...
bjornsno Now • 100%
Help I'm destitute, what should I do? Step one: buy Bitcoin.
bjornsno Now • 100%
Imo it's only a tool to understand and explain situations, not so much a tool to solve problems. Definitely understanding the forces that make up the conflict might help you solve a problem, but the solution will depend on what kind of forces are involved.
Hello self hosters! I am hoping some of you wizards can help me troubleshoot my setup with authentik and traefik. First about my setup. I have a synology nas that is running a docker compose stack. Synology is notoriously bad at keeping their docker version fresh, but hopefully that isn't relevant to this issue. I'm running traefik for reverse proxy, and authentik for auth. In authentik land I've split the outpost work into its own container, named authentikproxy. Any request to a service with the `authentik-basic@file` or `authentik@file` middleware labels applied should be routed through the authentikproxy service for auth. If it detects that one isn't authed, it will in turn send you to the authentik frontend for SSO. The issue is that authentik randomly stops working for random routes, or randomly fails to start working for random routes. Every time this happens I need to restart my authentikproxy and traefik containers over and over until it randomly decides to work for all my routes. When this happens I am just sent straight to the app unauthenticated. I'll have to either input http basic credentials or use the app's login page, whichever it has. I have found nothing in the logs after months of this going on, neither authentik nor traefik seem to be aware that anything is amiss. I suspect the issue is to do with the docker networks but that's honestly just a hunch. My docker-compose file is hundreds of lines long, so I've stripped environment and volume info while preserving traefik labels to try to keep the info more or less concise. It is certainly still too much info but I did not want to accidentally delete something crucial. Here follows my setup. docker-compose.yml ```yml services: traefik: profiles: - prod container_name: traefik image: traefik:v2.11 command: - "--entrypoints.websecure.http.tls.domains[0].main=${BASE_DOMAIN}" - "--entrypoints.websecure.http.tls.domains[0].sans=*.${BASE_DOMAIN}" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./traefik/middlewares.yml:/app/myconf/middlewares.yml - ./traefik/traefik.yml:/traefik.yml restart: unless-stopped networks: default: aliases: # Allow xcontainernet services to resolve authentik - "authentik.${BASE_DOMAIN-home}" ports: - 80:80 - 443:443 labels: - "traefik.enable=true" - "traefik.http.middlewares.redirectssl.redirectscheme.scheme=https" - "traefik.http.routers.traefik.rule=Host(`traefik.${BASE_DOMAIN-home}`)" - "traefik.http.routers.traefik.middlewares=redirectssl@docker" - "traefik.http.routers.traefiksecure.rule=Host(`traefik.${BASE_DOMAIN-home}`)" - "traefik.http.services.traefik.loadbalancer.server.port=8080" transmission: image: lscr.io/linuxserver/transmission container_name: transmission labels: - "traefik.enable=true" - "traefik.http.routers.torrents.rule=Host(`torrents.${BASE_DOMAIN-home}`)" - "traefik.http.routers.torrents.middlewares=redirectssl@docker" - "traefik.http.routers.torrentssecure.rule=Host(`torrents.${BASE_DOMAIN-home}`)" - "traefik.http.routers.torrentssecure.entrypoints=websecure" - "traefik.http.routers.torrentssecure.middlewares=authentik@file" sabnzbd: image: lscr.io/linuxserver/sabnzbd container_name: sabnzbd labels: - "traefik.enable=true" - "traefik.http.routers.nzb.rule=Host(`nzb.${BASE_DOMAIN-home}`)" - "traefik.http.routers.nzb.middlewares=redirectssl@docker" - "traefik.http.routers.nzbsecure.rule=Host(`nzb.${BASE_DOMAIN-home}`)" - "traefik.http.routers.nzbsecure.entrypoints=websecure" - "traefik.http.routers.nzbsecure.middlewares=authentik@file" - "traefik.http.services.nzb.loadbalancer.server.port=8080" sonarr: image: ghcr.io/linuxserver/sonarr:latest container_name: sonarr labels: - "traefik.enable=true" - "traefik.http.routers.sonarr.rule=Host(`sonarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.sonarr.middlewares=redirectssl@docker" - "traefik.http.routers.sonarrsecure.rule=Host(`sonarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.sonarrsecure.entrypoints=websecure" - "traefik.http.routers.sonarrsecure.middlewares=authentik-basic@file" - "traefik.http.services.sonarr.loadbalancer.server.port=8989" radarr: image: ghcr.io/linuxserver/radarr:latest container_name: radarr labels: - "traefik.enable=true" - "traefik.http.routers.radarr.rule=Host(`radarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.radarr.middlewares=redirectssl@docker" - "traefik.http.routers.radarrsecure.rule=Host(`radarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.radarrsecure.entrypoints=websecure" - "traefik.http.routers.radarrsecure.middlewares=authentik-basic@file" - "traefik.http.services.radarr.loadbalancer.server.port=7878" readarr: image: lscr.io/linuxserver/readarr:nightly container_name: readarr labels: - "traefik.enable=true" - "traefik.http.routers.readarr.rule=Host(`readarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.readarr.middlewares=redirectssl@docker" - "traefik.http.routers.readarrsecure.rule=Host(`readarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.readarrsecure.entrypoints=websecure" - "traefik.http.routers.readarrsecure.middlewares=authentik-basic@file" - "traefik.http.services.readarr.loadbalancer.server.port=8787" bazarr: image: ghcr.io/linuxserver/bazarr:latest container_name: bazarr labels: - "traefik.enable=true" - "traefik.http.routers.bazarr.rule=Host(`bazarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.bazarr.middlewares=redirectssl@docker" - "traefik.http.routers.bazarrsecure.rule=Host(`bazarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.bazarrsecure.entrypoints=websecure" - "traefik.http.routers.bazarrsecure.middlewares=authentik-basic@file" - "traefik.http.services.bazarr.loadbalancer.server.port=6767" prowlarr: image: lscr.io/linuxserver/prowlarr:latest container_name: prowlarr labels: - "traefik.enable=true" - "traefik.http.routers.prowlarr.rule=Host(`prowlarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.prowlarr.middlewares=redirectssl@docker" - "traefik.http.routers.prowlarrsecure.rule=Host(`prowlarr.${BASE_DOMAIN-home}`)" - "traefik.http.routers.prowlarrsecure.entrypoints=websecure" - "traefik.http.routers.prowlarrsecure.middlewares=authentik-basic@file" - "traefik.http.services.prowlarr.loadbalancer.server.port=9696" jellyfin: image: linuxserver/jellyfin:latest container_name: jellyfin networks: default: xcontainernet: ipv4_address: 192.168.0.201 labels: - "traefik.enable=true" - "traefik.http.routers.jellyfin.rule=Host(`tv.${BASE_DOMAIN-home}`)" - "traefik.http.routers.jellyfin.middlewares=redirectssl@docker" - "traefik.http.routers.jellyfinsecure.rule=Host(`tv.${BASE_DOMAIN-home}`)" - "traefik.http.routers.jellyfinsecure.entrypoints=websecure" - "traefik.http.services.jellyfin.loadbalancer.server.port=8096" authentikserver: image: ghcr.io/goauthentik/server:2024.2.2 command: server depends_on: - postgresql - redis labels: - "traefik.enable=true" ## HTTP Routers - "traefik.http.routers.authentik.rule=Host(`authentik.${BASE_DOMAIN-home}`)" - "traefik.http.routers.authentik.entrypoints=web" - "traefik.http.routers.authentik.middlewares=redirectssl@docker" - "traefik.http.routers.authentiksecure.rule=Host(`authentik.${BASE_DOMAIN:-home}`)" - "traefik.http.routers.authentiksecure.entrypoints=websecure" ## HTTP Services - "traefik.http.routers.authentiksecure.service=authentik-svc" - "traefik.http.services.authentik-svc.loadbalancer.server.port=9000" authentikproxy: image: ghcr.io/goauthentik/proxy:2024.2.2 labels: - "traefik.http.routers.authentik-proxy-outpost.rule=HostRegexp(`{subdomain:[a-z0-9-]+}.${BASE_DOMAIN:-home}`) && PathPrefix(`/outpost.goauthentik.io/`)" - "traefik.http.routers.authentik-proxy-outpost.entrypoints=websecure" - "traefik.http.services.authentik-proxy-outpost.loadbalancer.server.port=9000" immich-server: container_name: immich_server image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release} depends_on: - redis - immich-database labels: - "traefik.enable=true" - "traefik.http.routers.immich.rule=Host(`photos.${BASE_DOMAIN-home}`)" - "traefik.http.routers.immich.middlewares=redirectssl@docker" - "traefik.http.routers.immichsecure.rule=Host(`photos.${BASE_DOMAIN-home}`)" - "traefik.http.routers.immichsecure.entrypoints=websecure" - "traefik.http.services.immich.loadbalancer.server.port=3001" networks: default: ipam: config: - subnet: 172.22.0.0/24 xcontainernet: name: xcontainernet driver: macvlan driver_opts: parent: eth0 ipam: config: - subnet: "192.168.0.0/24" ip_range: "192.168.0.200/29" gateway: "192.168.0.1" ``` traefik/traefik.yml ```yml providers: docker: exposedByDefault: false network: homeservices_default file: directory: /app/myconf watch: true entryPoints: web: address: ":80" websecure: address: ":443" http: tls: certResolver: dnsresolver ``` traefik/middlewares.yml ```yml http: middlewares: https-redirect: redirectScheme: scheme: https permanent: true authentik-basic: forwardAuth: address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik" trustForwardHeader: true authResponseHeaders: - Authorization authentik: forwardAuth: address: "http://authentikproxy:9000/outpost.goauthentik.io/auth/traefik" trustForwardHeader: true authResponseHeaders: - X-authentik-email - X-authentik-groups - X-authentik-jwt - X-authentik-meta-app - X-authentik-meta-jwks - X-authentik-meta-outpost - X-authentik-meta-provider - X-authentik-meta-version - X-authentik-name - X-authentik-uid - X-authentik-username ```
Hello nerds! I'm hosting a lot of things on my home lab using docker compose. I have a private repo in GitHub for the config files. This is working fine for me, but every time I want to make a change I have to push the changes, then ssh to the lab, pull the changes, and run `docker compose up`. This is of course working fine, but I want to automate it. Does anyone have a similar setup and know of a good tool? I know I could use watchtower to update existing images, but this is more for if I change a setting or add a new service. I've considered roughly four approaches. 1. A new container that mounts the whole running directory and the docker socket. It will register a webhook in GitHub to receive notifications when I push to the repo, run git pull and docker up. My worries here are the usual dind gotchas. 2. Same as 1, but don't mount anything, instead ssh from container to host and run the steps there. This solves any dind issues, but I don't love giving the container an ssh key to the host. 3. Have a service running on the host outside of docker. This is probably the correct approach, but very annoying since my host is a Synology nas and it doesn't have systemd or anything like that afaik. 4. Have a GitHub action ssh to the machine and do the steps. Honestly the easiest way but I would prefer to not open ssh to the internet. Any feedback or tips are much appreciated. I don't feel like any of my options are very good and I feel like I am probably missing something obvious.
I have two ways to supposedly "clear read" posts when viewing a community, however doing so has no effect. I've got the app set up to hide read posts, so clearing read posts should let me see the ones that were previously hidden but that does not happen. My only way to see those posts now is to open the community in a web browser.