Might look into the pangolin project if what you’re trying to do is expose services from your home network over wireguard to a reverse proxy on a vps.
The software suite is basically wireguard, traefik, and auth middleware wrapped in a trenchcoat. Much simpler than rolling your own implementation, but there has been recent controversy with the project over locking “basic” existing features behind a paywall after the project got popular, though after public backlash they’ve backpedaled on that iirc.

Edit: Just realized you said tailscale. Above recommendation might be a deal breaker depending on your reason for wanting tailscale specifically

I think wl-screenrec can do that, it has a “shadowcopy” like function with the ‘–history’ flag. Wayland only and not sure if it works on GNOME or KDE though as I was using it with hyprland.

From an EM perspective, patients are often stupid as fuck and wouldn’t know what was good for them if you beat them over the head with it. Sometimes their stupidity brings acute death if they leave my ward, and I don’t want that on my conscience, not to mention legal exposure. If I thought a patient was wanting to leave for some stupid reason and life and limb is on the line I would absolutely do everything short of directly lying to a patient to keep them under care until they are stabilized. Full stop. It is my ethical and legal obligation to treat patients, even if they are too ignorant or obtuse to understand that is the reason any of us are there. Call it mind games, manipulation, whatever; I do not want a sick patient leaving until I am sure that they won’t die from what they came to me with or be back within 24h for the same thing, and I will do whatever I can to keep a patient’s stupid ideas from getting them killed.

Protocol. Come into the hospital with SI or HI for example, your freedom gets temporarily revoked and you get to stay in the padded room with a sitter until a psych assessor deems you without risk of killing yourself or others. There are very few phrases that will land you in that position.

If you’re on android I can highly recommend Eternity. Open source and a fork of Infinity for Reddit; which is still going as a paid service post Reddit API débâcle. I loved Infinity prior to Reddit being a bitch and Eternity is just as great

Me. $350 off and $100 worth of storage upgrades on a Pixel 9 pro was worth it for me. Phones now are expensive as fuck but getting a ~40% discount on a brand new product made it easier to accept.

Here’s one I have saved in my shell aliases.

nscript() {
    local name="${1:-nscript-$(printf '%s' $(echo "$RANDOM" | md5sum) | cut -c 1-10)}"
    echo -e "#!/usr/bin/env bash\n#set -Eeuxo pipefail\nset -e" > ./"$name".sh && chmod +x ./"$name".sh && hx ./"$name".sh
}
alias nsh='nscript'

Admittedly much more complicated than necessary, but it’s pretty full featured. first line constructs a filename for the new script from a generated 10 character random hash and prepends “nscript” and a user provided name.

The second line writes out the shebang and a few oft used bash flags, makes the file executable and opens in in my editor (Helix in my case).

The third line is just a shortened alias for the function.

Thanks for the correction. A full month is much more problematic.

Thanks, SUSE completely slipped my mind

How does the xz incident impacts the average user ?

It doesn’t.

Average person:

• not running Debian sid, Fedora nightly, Arch, OpenSUSE Tumbleweed, or tbh any flavour of Linux. (Arch reportedly unafffected)
• ssh service not exposed publicly

The malicious code was discovered within a day or two a month of upload iirc and presumably very few people were affected by this. There’s more to it but it’s technical and not directly relevant to your question.

For the average person it has no practical impact. For those involved with or interested in software supply chain security, it’s a big deal.

Edit:
Corrections:

• OpenSUSE Tumbleweed was affected; Arch received malicious package but due to how it is implemented did not result in compromised SSH service.
• Affected package was out in the wild for about a month, suggesting many more affected systems before malicious package was discovered and rolled back.

Seems he’s revealing that he is either Bruce Wayne or Bane. As they’re the only two to ever escape from the pit; historically speaking.

Probably not exactly what you’re looking for, but for my personal use I just set up a repo in my git forge (gitea in my case) with a bunch of markdown files in various folders and a Hugo theme.

Every time I want to update a document I can click the link at the bottom of the “Wiki” page and edit it in Gitea’s WYSIWYG editor. Similar process if I want to make a new document. When I save the changes I have a CI job (native to Gitea/Github) that uses Hugo to build the markdown docs into a full website and sync it to a folder on one of my servers where it’s picked up by a web server.

Sounds complicated when I type it all out, but the only thing that I can reasonably expect to be a deal breaker is the Hugo software, of which there are archived versions, and even if there wasn’t Hugo’s input is just markdown, so I can repurpose however I see fit.

You could probably do something similar with other SSG’s or even use Github’s pages feature, though that does add a failure point if/when they decide to sunset or monetize the feature.

I see now, that makes sense why you are building the image since it was set up that way. I don’t know why projects set up the compose file to build the image when they already have a publicly available image to use; it just creates unnecessary friction for people who just want to test out the software. Anyway, using that image should work for you, but feel free to ask if you run into any issues.

Why are you building the image yourself? Not that there’s a problem with that necessarily, but it seems a bit wasteful of your resources unless you have a specific reason to do so. There’s a docker image (quay.io/invidious/invidious:latest) built by the developers that gets updated pretty frequently. I’ve been using it for years now and it’s been working perfectly fine for me the whole time.

Even if you need something just once, just install it and then uninstall it, takes like 10 seconds.

apt install foo && apt remove foo

That’s essentially what nix-shell -p does. Not a special feature of nix, just nix’s way of doing the above.

Actually using it though is pretty convenient; it disappears on its own when I exit the shell. I used it just the other day with nix-shell -p ventoy to install ventoy onto an ssd, I may not need that program again for years. Just used it with audible-cli to download my library and strip the DRM with ffmpeg. Probably won’t be needing that for a while either.

The other thing to keep in mind is that since Nix is meant to be declarative, everything goes in a config file, which screams semi-permenant. Having to do that with ventoy and audible-cli would just be pretty inconvenient. That’s why it exists; due to how Nix is, you need a subcommand for temporary one-off operations.

If you’re ok with just file storage sftpgo has been solid for me for years now. Does sftp ftp and WebDAV (like nextcloud). Webui isn’t as pretty but it’s fast. Mobile apps will be various sync apps with sftp or WebDAV support. On Android folder sync pro is pretty good for keeping documents and pictures backed up

Just this one https://wallhaven.cc/w/2y2wg6

Have it hard-coded in my config so I’m less likely to faff around with my wallpaper instead of doing something productive. Less cognitive load IMO

Assuming they’re generally on the same instance ::cough EH cough:: others can just defederate if they want. Those that are harassing and spreading hate speech on mixed servers can be blocked, banned from communities, or the instance in question if egregious enough.

Edit: Am I resurrecting a 3 year old post rn?

I think ejabberd or another other xmpp server would have been my first choice for a service like this by a long shot. If only we had some good iOS clients to go to. While I’m on android, most of the family and some of the friends use iOS, so it was kind of a non-starter from that alone.

Edit: log -> long

Hmmm. I don’t have a network/infrastructure diagram or anything yet, but I’ve been meaning to create one. I’ll probably put one together and post more about my setup if there’s any interest. I’ll be sure to tag you when I do. Thanks for the interest!