Guess I don’t have to, the dev released a new update without analytics, scripts and fonts are internal and created an issue for running as root which someone’s assigned to. This project got some crazy momentum!

Yeah stirling has options to remove though, at least I remember seeing the option since the beginning and disabled it haha. Option to disable that should probably be a 3rd PR then got some work to do lol

More worryingly now looking at loaded JS again it loads an analytics JavaScript file too.

https://github.com/alam00000/bentopdf/blob/main/index.html#L9

Plan to if no one beats me to it… Just gotta find time when I am free and have the energy to program more.

Yeah very exciting project and to be honest a lot of popular services run as root by default. That said this ones harder to change from port 80 without changing the image. Could mount a nginx.conf to override probably though.

I believe you can just do the sha but it would be a similar affect pinning it to that sxact docker image, but doing so without version tag makes it harder for you to know what you are running.

The sha256 is generated by an algorithm based off of the bytes of the image wherr the tag is overwritable and pushed by the developer.

I want to swap to this but also want to do a few PRs but haven’t had the time.

• Dockerfile exposes port 80 and runs as root
• Less concerning, but dislike it, the scripts and CSS use remote cdns rather than being bundled locally

Otherwise I am excited for this. Stirling doesn’t really support replicating even with license and its fat image takes up a bit of my disk space for images.

Its also good practice to include the sha256 digest after the version like

DockerImage:v… @sha256:…

If you pull without digest and say the maintainers get compromised and release an update with the same version tag with malicious stuff in it, then you won’t pull it automatically since the digest does not match.

My core one did fail once in the first week. I was on support chats for multiple all nighters like 12-15 breaks each. Finally someone said its probably bad parts and sent me a bunch of likely parts, I got preassembled so they guided me how to disassemble and replace the parts. Its been working ever sense, but it was killing me them going “well have you tried recalibrating?” And other basic tasks that they should have had notes on that were already done.

If public key is denied forgejo is setup, but you have an old connection in your authorized_keys file probably form using gitea. Remove the line, it should prompt you to accept public key on next ssh session. This is a basic ssh functionality probably why you were downvoted I guess.

Gitea and forgejo configs were 100% same at some point, check forgejo news for when the last version that supported gitea migrations. That said it should still be pretty close.

Velero is the backup solution for PVCs and k8s way.

I have tried quite a few and found blocky to be very easy and reliable.

I use multiple DoH servers upstream, it sorts out which ones better response times and uses it more often, but splits them still. I have over 20 devices using it and its been running well.

It also can prefetch common domains and caches them per config. I got A 40% cache rate with running 3 of them for redundancy.

I’d recommend finding a cheap VPS using https://lowendbox.com/. I got a 3GB RAM 3 core plan for $32/year this is slightly overkill, prpbably, but it also had higher bandwidth limits. Add wireguard and setup routing for the vps public IP.

A javascriptless check was released recently I just read about it. Uses some refresh HTML tag and a delay. Its not default though since its new.

As long as its not configured improperly. When forgejo devs added it it broke downloading images with Kubernetes for a moment. Basically would need to make sure user agent header for federation is allowed.

Yeah operators are extremely nice. I used bitnami images before operator in HA setup and it would fail all the time. Using operators I have like 12 postgres DBs and 0 issues for well over a year.

Btw, self hosting communities tend to shy away from k8s due to complexity and generally enterprises use it so less selfhosters use it. I wanted redundancy and to keep me learning tech, less crazy people tend to go with proxmox for clustering in these communities.

Some operators for postgres is free for non commercial use, so its not truly open source even though its source available, one is crunchydata.

pgvecto.rs v0.4.0 I assumed was just not renamed. They have one for vectorchord too

Operators are good ways to support applications in CLI that aren’t easy to setup in a cluster by default. You can make these databases redundant by setting replica higher than 1 and applying it, operator copies the db data and makes a new replica. It also helps with backups and restoring too.

If you are using Kubernetes, I highly recommend investing time into installing an operator. The best open source one with less restrictive licensing is cloudnative pg. VectorChord builds official images for CNPG that includes the extension.

Yeah I see nothing that using a local version that would cause that… Hmm next I would try mixing CDN ref and local ref for js/CSS try to pinpoint what one is making it buggy.

Looks like

../images/loading.gif

…/ means previous directory so if CSS is public/css you want public/images.