This is the way.

Depending on the nature of the sim, it could probably even be done with ~80 GB or less of existing SSD space using zram w/ zstd.

deleted by creator

Please tell me more, which firewall would you recommend that plays nice with Docker?

Firewalld

No NAT?

Another user in this thread suggested DMZing, so combine your advice with theirs and boom. It’s not uncommon, and it’s fine if you firewall the box yourself. Most people don’t knowingly choose to use a firewall that they don’t intend to work, like you would.

why would you copy paste a docker compose without reading it?

There’s more than one way to use docker. Spinning up an official mysql image using the official docker run OR docker compose calls suggested by the docs would start up a server wide open to the entire internet if DMZ’d.

Just to throw out an easy option: if the music is well-labeled on Youtube, you can get pretty close to that full suite with just yt-dlp by using --embed-thumbnail as a stand-in for album art, dumping your files with an “Artist - track - album” naming structure using the --output-template flag — then using an awk or python script as a second pass to add the artist/track/album names to each file as tags.

E: and in case it isn’t self-evident, you don’t have to give yt-dlp a URL for each track; it’ll work fine with a playlist URL.

Yt-dlp is the gold standard for that.

https://github.com/yt-dlp/yt-dlp

Tag cleanup and album art are their own beast that you’ll wanna tackle post-download, but beets is another gold standard tool that can help with that layer.

https://beets.io/

You shouldn’t suggest UFW at all then. There are other firewall options that can be used just fine with docker.

It does have real potential to cause issues, e.g. if OP were to put their server in DMZ mode on their router and later copy some docker setup instructions that don’t explicitly bind to localhost.

This is dangerous advice because docker is well-known for undoing UFW’s iptable rules. It’s mitigated by binding to localhost, but still way too easy for people to shoot themselves in the foot by using the two together.

No need to cargo-cult security practices here, chief. You’re not gonna get pwned by publishing your hardware specs. If you’re planning to build some kinda webapp for yourself, that’s a different story - but you have to fuck up hard to get hacked while hosting raw HTML.

Use an SSH key, disable password auth, make sure you’re firewalled (i.e. test with nmap), and call it a day.

Asserting that the state has no legitimate interest in using limited violence (i.e. tear gas) to execute lawful search and arrest warrants against heavily-armed, recalcitrant pedophiles is truly one of the takes of all time.

The Bundy standoff, the SLA, and the Waco Siege are categorically different from the firebombing of Philly or the Tulsa Massacre to anyone with a brain.

Is there a buried lede here? What’s noteworthy about an RC of a minor version release?

While I’m sure there’s a pre-canned tool out there for you, if you have basic software experience (which you seem to), this is one of those times where it’s usually most efficient to hack together a dumb CGI script and call it a day.

This prompt should get you most of the way there, using your llm of choice:

Write a minimalist cgi script to help upload files to a server. Upon a GET request, serve a light page with a centered form that takes in a file and a submission code. Submission codes will be stored on individual lines of a plaintext file. Adding new codes to this file is out of scope - but the codes will be 8-char hex strings (do validate that submission strings are not empty!). The script should accept the submission as a POST, and save the file to an upload dir if the submission code is valid.

Vet the output, harden as needed, setup a systemd service to serve with busybox httpd, and optionally reverse-proxy. If you’ve done this sorta thing before, you can probably knock it out in a half hour.

This is @Shimitar@downonthestreet.eu‘s work, not mine - but it’s pretty similar to how I’d set things up:

https://wiki.gardiol.org/doku.php?id=networking%3Assh_tunnel

This is a great suggestion!

Lest anyone miss the buried lede, this approach means that traffic is pre-encrypted as it passes through the gateway VPS - so even if your VPS gets hacked, it’s way harder to steal credentials and break into the services running on your home network.

If you’re looking for sympathy, you got it. Fuck the state.

If you’re looking for solutions, use a cheap $5/mo VPS that exists purely as your gateway host. Run everything you want on your home machines, then tunnel the traffic to your gateway and reverse-proxy it there. Your data stays in your hands, you can spin up and expose new services publicly in a matter of minutes, AND your home IP isn’t vulnerable to doxxing or DoS.

Object storage is indeed a specialized filesystem in a trenchcoat.

Object storage is typically (but not always) associated with non-hierarchical key-value lookups, as opposed to the directory tree pattern most file systems use. Object storage systems are also typically (but not always) designed with sharding and distribution in mind.

This is a Jellyfin problem; not a beets problem. You can easily solve it with beets config if you’d like to, though.

The distinction between what you want vs. what you’re getting is that Jellyfin is grouping by the “Artist” tag instead of the “Album Artist” tag. I haven’t touched Jellyfin in years, but look for a builtin setting or alternative view to group by album artist - you’ll almost certainly find it.

If you want to solve it in beets, you can do that through a custom script, the FtInTitle plugin, or a combo of the inline + advancedrewrite plugins. Remember to run a re-import on the Jellyfin side after making your tweaks to the beets pipeline to make your changes show up without duplication.

I was hoping to play around with the dataset over the weekend to toy with some text-embedding techniques, but they’ve pulled the cord on the download links.

Anyone have a copy of the full archive they’re willing to share, or a magnet link?

You are not hosting csam on purpose. And most likely try to moderate as good as possible.

Look up what “strict liability” means in a criminal law context.

That makes total sense. Tyvm for the transparency <3.

@admiralpatrick@lemmy.world The spam ban on the OP of this post seems heavyhanded (at least from the outside). Can you review or offer additional context?

E: this seems to (maybe) be the reason for anyone else wondering https://lemmy.world/post/29949200/17158534