Frankly, I welcome multiple unixporn communities, as the largely singular community on reddit was too strict, in my opinion, and many screenshots went unshared as a result.
Frankly, I welcome multiple unixporn communities, as the largely singular community on reddit was too strict, in my opinion, and many screenshots went unshared as a result.
I’ve been happy with whc.ca for hosting…been using their pro account for years. I generally use canspace.ca for domain registration, and have done so for more than 10 years without issue.
I can’t provide specific advice for tailscale, but I can share my notes for my own use case, which is for PCs that are safely behind the home firewall. You’d want to adjust your ssh/smb settings accordingly. You shouldn’t need any rules for ProtonVPN, as you’re likely just trying to block incoming connections, not outbound.
It’s my understanding that Fedora opens ports 1025-65535/tcp
and 1025-65535/udp
by default.
To lock down to sane defaults (--permanent
saves the settings directly, avoiding the need to run firewall-cmd --runtime-to-permanent
separately):
sudo firewall-cmd --permanent --remove-port=1025-65535/tcp
sudo firewall-cmd --permanent --remove-port=1025-65535/udp
sudo firewall-cmd --permanent --add-port=27031/udp # steam remote play
sudo firewall-cmd --permanent --add-port=27036/udp # steam remote play
sudo firewall-cmd --permanent --add-port=27036/tcp # steam remote play
sudo firewall-cmd --permanent --add-port=27037/tcp # steam remote play
Ensure that ssh
and samba-client
are listed as allowed services too (sudo firewall-cmd --list-all
).
firewall-cmd --reload
--permanent
or by committing all changes with --runtime-to-permanent
Common commands:
sudo systemctl enable --now firewalld # enable and start firewalld service
sudo systemctl disable firewalld
sudo systemctl stop firewalld
sudo firewall-cmd --state # show running state of firewalld
sudo firewall-cmd --get-active-zones # list active zones
sudo firewall-cmd --get-zones # list all zones
sudo firewall-cmd --get-default-zone # list default zone
sudo firewall-cmd --list-ports # list allowed ports in current zone
sudo firewall-cmd --list-all # list all settings
sudo firewall-cmd --reload # reload firewall rules to activate any rule modifications
Add/remove ports, services, IPs:
sudo firewall-cmd --add-port=port-number/port-type # allow incoming port (tcp,udp,sctp,dccp)
sudo firewall-cmd --remove-port=port-number/port-type # block incoming port
sudo firewall-cmd --add-service=<service-name> # allow incoming service (see /etc/services)
sudo firewall-cmd --remove-service=<service-name> # block incoming service (see /etc/services)
sudo firewall-cmd --add-source=192.168.1.100 (or 192.168.1.0/24) # whitelist incoming IP or IP range
sudo firewall-cmd --remove-source=192.168.1.100 (or 192.168.1.0/24) # remove whitelisted IP or IP range
Block an IP or IP range (rich rules):
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.100' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.0/24' reject"
Whitelist IP for specific port (rich rule):
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'
Removing a Rich Rule
sudo firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="3306" accept'
As a fellow Atomic user, my completely biased opinion is that you’ve made a good choice of distro for switching from Windows.
Don’t sweat the need or desire to layer a few packages. I see a lot of folks stress over this as if it’s a hard rule they are breaking. It’s a general recommendation and little more. I would be surprised if most users don’t layer at least one package (or even a few).
On my main workstation, running Kinoite at the moment, some of the layered packages include:
Same, I’ve switched all of my workstations to Kinoite and Silverblue over the past 18 months, and couldn’t be much happier about it.
That’s a great post too, thanks for sharing it here. My hope is that folks might still manage to find this info through search engines, even if Lemmy isn’t yet as highly indexed as other platforms.
If it were me and there was no way to have an additional drop installed from the exterior, I would still consider running a single cable through the living space to your desired location, as discreetly as possible.
It’s difficult to suggest exactly how to do so without pics or a floorplan, but I would try to match the wall or trim color and keep the cable tucked close to the floor and/or ceiling throughout the run.
Once in place, the cable will quickly disappear into your surroundings and you’ll be left with rock solid reliable networking.
And I don’t even care if they keep it as a “tray”. I’d be content with integration into the dash if they can make it work smoothly. For example, just having the app start minimized as a regular icon (or segregated icon) in the dash…just something at this point.
I’m happy to see it’s finally happening, and I hope they left its implementation flexible.
What I’d really love to see (aside from triple buffer) is a real solution to the system tray situation. AppIndicator is problematic for some apps and under certain X11/Wayland desktops, and even when it works well it is cumbersome to use compared to traditional tray implementations. Hoping we see a new approach soon.
In the meantime, I’ve been enjoying a revisit to KDE Plasma under Kinoite and I have to say I’m really impressed with both DEs!
Our Smart TV is offline 99% of the time, so I rarely see the smart features. We’ll sometimes have company stay over and they’ll connect the Ethernet to use the built-in streaming apps with their own credentials, so it’s a nice option to have and it doesn’t impact us otherwise.
JF’s UI hasn’t really done it for me for whatever reason…I have it running in an LXC already and mostly use it at my workstations.
I have a JF instance running on Proxmox as well, but it hasn’t won me over yet. Still, I know a lot of folks do prefer it to Kodi and others so there must be something to it.
As others have said, just buy a TV that meets your A/V needs and don’t connect it to the internet.
I know everyone talks about Jellyfin these days, but Kodi is an excellent option too if you don’t need streaming to multiple devices. I use Kodi via LibreElec on an rpi4 and it’s been great. All media is stored on my home server and shared over Samba, but you can easily store it locally on the box if you don’t have a server.
For music streaming, I run a separate instance of miniDLNA on my server, since I like to browse-by-directory for my music instead of relying solely on metadata. This also allows you to stream to any DLNA-friendly device on the LAN.
I’ve digitized my disc collection and just keep the physical media as a backup. The local library has a huge selection of media too…and if we don’t use it, we’ll lose it.
deleted by creator
No worries, the screen should always lock after sleep or idle regardless of SDDM. KDE uses a separate kscreenlocker app for that functionality once your desktop session has started. It’s worth noting the kscreenlocker doesn’t rely on the SDDM theme in any way, as the two are completely separate processes. So, your lock screen will always match your active KDE theme.
Just a suggestion…if you’ve enabled disk encryption during installation, consider enabling autologin for SDDM so you’re not having to enter two credentials at boot. You’ll rarely ever see your greeter again, so it won’t really matter which theme is used.
And if you did not enable disk encryption, consider doing so as the security and privacy benefits are significant for most users.
That sounds like a time saver for sure. I imagine that some of those elements (grammar rules) are widely available everywhere, while others (practice dialogues, activity suggestions focused on the use of language) would require a fairly specific training model.
Thanks for sharing! I’m probably too set in my ways to ever utilize AI for things like this. I never use virtual assistants like Alexa or Google either, as I like to vet and interpret the source of information myself. Having the citations would be handy, but ultimately I’d want to read them myself so the IA/VA just becomes an added step.
If a layman may ask, what are folks even using AI/LLMs for mostly? Aside from playing around with some for 10-15 mins out of simple curiosity, I don’t have a practical use for platforms like ChatGPT. I’m just wondering what the average tech enthusiast uses these for, outside of academia.
I write everything in markdown, and I mean just about everything. Tech notes, recipes, work procedures, shopping lists…everything. If you check my comment history from today, you can see a quick example of the kind of tech notes I keep (firewalld in this case).
I keep all of my plain text files synced across multiple devices using Syncthing. For desktop editors, I use mostly vim and VSCodium (though Kate is nice too), and I use Markor on Android. This workflow has been highly efficient for many years now, and I no longer waste time constantly reviewing the latest note-taking app.