robin

joined 1 year ago
 

Hi. I'm thinking about switching to Linux on my smartphone. The only reason I can't is because in my country WhatsApp is everywhere and I'm expected to have it for various school/sport things. I'd like to setup whatsapp on my laptop, but I don't know how.

I know WhatsApp Web and Desktop exist, but in the past you needed to log in to your phone at least once a month for the web session to keep working. Is it that still the case?

Or can I just log in from Android (and be fine as long as I don't accidentally log out)?

[–] robin@beehaw.org 2 points 1 year ago

Thanks, that goes a long way already :)

4
submitted 1 year ago* (last edited 1 year ago) by robin@beehaw.org to c/askbeehaw@beehaw.org
 

I'm thinking about running my own pubnix/tilde. It would be invite-only and have a bunch of cool things:

  • git hosting with cgit or sourcehut
  • gemini hosting
  • web hosting
  • gopher hosting
  • FTP access
  • about 2GB of storage
  • matrix accounts + chat portal (Hydrogen seems cool)
  • internal message board/email?
  • maybe a CardDAV server?

I think it would be a very cool opportunity to learn a bit about Linux and the internet. However, I literally have no clue how to set this up. I found this comment on Reddit:

It happens that you're trying to build a tilde/pubnix? From my experience, tilde admins often give direct access to the system, but with proper permission elevation. Create a user group with limited permission (i.e. no sudo, disable specific softwares) and add their usernames to, give them a space in /home. Secondly, disable SSH password, ask them to send you their public keys and only authenticate via public key. Finally, write a good/strict policy but also send welcoming message. Also, you can look for further security practices, like changing default port, etc. but the key thing is proper user permission.

That's what I want. I was thinking about allowing password logins tho. I already have a VPS, which I want to reinstall to turn into this thing.

I basically want to configure the services in a way, that they all depend on Unix accounts. That way I can create a Unix account with suitable permissions for every member, and shit should Just Work™.

So, I was thinking:

  • Exposing all git repos in ~/git/ at the URL http(s)://git.example.com/~user/ (using cgit) and gemini://git.example.com/~user/ (using git.gmi)
  • Exposing ~/pub/gem/ at gemini://example.com/~user/
  • Exposing ~/pub/web/ at http(s)://example.com/~user/
  • Exposing ~/pub/goph/ at gopher://example.com/~user/
  • Creating @user:example.com matrix account with the same password as Unix. Changing the Unix password will also change the matrix password and changing the password from a matrix client should not be allowed.
  • Hosting Hydrogen (matrix client) at https://chat.example.com
  • Maybe host a CardDAV server with an account for every member, similar to what I want for matrix?
  • Maybe a Lemmy instance (with mlmym as frontend), same thing with accounts.

Any pointers on how to setup something like this? How would I handle backups? (I know I can just backup all files in every member's home directory, but how would I handle something more complicated, like the matrix accounts?) How would I make something like this secure?

15
submitted 1 year ago* (last edited 1 year ago) by robin@beehaw.org to c/linux@lemmy.ml
 

I'm thinking about running my own pubnix/tilde. It would be invite-only and have a bunch of cool things:

  • git hosting with cgit or sourcehut
  • gemini hosting
  • web hosting
  • gopher hosting
  • FTP access
  • about 2GB of storage
  • matrix accounts + chat portal (Hydrogen seems cool)
  • internal message board/email?
  • maybe a CardDAV server?

I think it would be a very cool opportunity to learn a bit about Linux and the internet. However, I literally have no clue how to set this up. I found this comment on Reddit:

It happens that you're trying to build a tilde/pubnix? From my experience, tilde admins often give direct access to the system, but with proper permission elevation. Create a user group with limited permission (i.e. no sudo, disable specific software) and add their usernames to, give them a space in /home. Secondly, disable SSH passwords, ask them to send you their public keys, and only authenticate via public key. Finally, write a good/strict policy but also send a welcoming message. Also, you can look for further security practices, like changing default port, etc. but the key thing is proper user permission.

That's what I want. I was thinking about allowing password logins tho. I already have a VPS, which I want to reinstall to turn into this thing.

I basically want to configure the services in a way, that they all depend on Unix accounts. That way I can create a Unix account with suitable permissions for every member, and stuff should Just Work™.

So, I was thinking:

  • Exposing all git repos in ~/git/ at the URL http(s)://git.example.com/~user/ (using cgit) and gemini://git.example.com/~user/ (using git.gmi)
  • Exposing ~/pub/gem/ at gemini://example.com/~user/
  • Exposing ~/pub/web/ at http(s)://example.com/~user/
  • Exposing ~/pub/goph at gopher://example.com/~user/
  • Creating @user:example.com matrix account with the same password as Unix. Changing the Unix password will also change the matrix password and changing the password from a matrix client should not be allowed.
  • Hosting Hydrogen (matrix client) at https://chat.example.com
  • Maybe host a CardDAV server with an account for every user, similar to what I want for matrix.

Any pointers on how to set up something like this? How would I handle backups? (I know I can just backup all files in every member's home directory, but how would I handle something more complicated, like the matrix accounts?). How would I make something like this secure?

[–] robin@beehaw.org 1 points 1 year ago

This looks sooooo cool!!

[–] robin@beehaw.org 1 points 1 year ago (1 children)

What are you using for those stats/overview on the left?

[–] robin@beehaw.org 4 points 1 year ago

I installed it last week. It's been pretty chill so far. I love the fact that my system is fully reproducible and version managed by git. Everything I need has been available. It feels a bit like the AUR to me: I need something, I look in nixpkgs and it's already there.

One thing I do find annoying is dependencies for work projects. It took me about an hour to figure out that some library our rust project depended on, expected some specific version of gdk or something, and that's why the project wouldn't compile. But apart from that, very nice and would definitely recommend!