ohshit604

joined 5 months ago
[–] ohshit604@sh.itjust.works 1 points 1 hour ago

How is the art a positive?

[–] ohshit604@sh.itjust.works 3 points 20 hours ago* (last edited 20 hours ago) (2 children)

Why is 255 off limits? What is 127.0.0.0 used for?

Hypothetically you’re working on an application but you don’t want that application exposed to the internet, you would use localhost to either expose it to 1 machine on your network or network wide by opening a port and telling the application to listen on the private IP assigned by your router.

Advanced setup would include a reverse proxy to forward the requests from the application’s port to the internet, the reverse proxy would use port 80:80 (http) & 443:433 (https), so the flow would look a little like this -

Internet > Reverse Proxy listening on 80:80 & 443:443 > Application listening on 8080:8080

—-

Why does it span to .254? Well this is another advanced setup but if you wanted to segregate two applications on different subnets you can. I’m not sure if there is a security benefit by adding the extra hop but the option is there.

[–] ohshit604@sh.itjust.works 10 points 1 day ago* (last edited 1 day ago)

https://freetubeapp.io/ comes packed with DeArrow, Sponsorblock and natively uses Invidious or Piped APIs for playback.

[–] ohshit604@sh.itjust.works 5 points 1 day ago* (last edited 1 day ago)

Yes, back up your stuff regularly, don’t be like me and break your partition table with a 4 month gap between backups. Accomplishing 4 months of work in 5 hours is not fun.

[–] ohshit604@sh.itjust.works 13 points 1 day ago* (last edited 1 day ago) (9 children)

To add to this - localhost spans 127.0.0.1-127.254.254.254

[–] ohshit604@sh.itjust.works 1 points 1 day ago* (last edited 1 day ago) (1 children)

If they scrap the gun confiscation I might actually consider voting liberal in the future, don’t get me wrong here, I’m grateful we have a new PM with a different perspective but I’m very skeptical given that our current Public Safety Minister is unwilling to learn our laws and safety regulations in regard to firearm ownership.

[–] ohshit604@sh.itjust.works 1 points 1 day ago* (last edited 1 day ago) (2 children)

so they shouldn't be a risk like GPS that exposes precise locations?

Yes, they only provide country, province/state and city. As others mentioned, if you’re worried about this information get yourself a reliable VPN provider and route all your devices through said VPN provider, ideally through your router.

When picking a VPN provider it is highly recommended to read their Privacy Policy before signing up, ensure they don’t log data.

[–] ohshit604@sh.itjust.works 3 points 3 days ago* (last edited 3 days ago) (1 children)

So why would you not write out the full path?

The other day my raspberry pi decided it didn’t want to boot up, I guess it didn’t like being hosted on an SD card anymore, so I backed up my compose folder and reinstalled Rasp Pi OS under a different username than my last install.

If I specified the full path on every container it would be annoying to have to redo them if I decided I want to move to another directory/drive or change my username.

[–] ohshit604@sh.itjust.works 4 points 4 days ago* (last edited 4 days ago) (3 children)

As others stated it’s not a bad way of managing volumes. In my scenario I store all volumes in a /config folder.

For example on my SearXNG instance I have a volume like such:

services:
  searxng:
    …
    volumes:
      - ./config/searx:/etc/searxng:rw

This makes the files for SearXNG two folders away. I also store these in the /home/YourUser directory so docker avoids using sudoers access whenever possible.

[–] ohshit604@sh.itjust.works 2 points 4 days ago (1 children)

Nowadays it’s about who has the most “designer” clothing, I wouldn’t call a Yeezy designer.

[–] ohshit604@sh.itjust.works 5 points 5 days ago* (last edited 5 days ago)

Does this still have a wild amount of drm

If I’m not mistaken Star Wars is still owned by Disney, of course it’ll have many many many layers of DRM.

and extra launchers

In my experience it’s only the EA launcher that it needs. It works on Linux despite all the bullshit.

 

One of the most popular 9mm PCCs for sport shooters— the R9 MK1—is no longer classified as non-restricted. As of July 6, 2025, the RCMP has listed it as PROHIBITED in the Firearms Reference Table.

What this means for owners:

No range use or transport

Must be stored as a prohibited firearm

Cannot be sold or transferred

Subject to future buyback or amnesty programs

Check the official FRT listing:

https://rcmp.ca/en/firearms/firearms-reference-table

 

Her husband, a legal gun owner, didn't have time to load his shotgun, but pointed it at the criminals who quickly took off.

The family, who immigrated to Canada six years ago, say they now fear for their safety and say more needs to be done to catch and punish those responsible for recent home invasions.

"It's a criminal situation in this country. It's a terrible situation," the mother told us. "I hope maybe the government will see what is happening. I have hope, maybe government will change the law and do something."

 

A Privy Council Office report, Understanding Firearms Owners, casts serious doubt on the ability of the federal government to confiscate firearms from licensed gun owners.

The scheme faces a high risk of non-compliance, as well as exorbitant costs with little public safety benefit.

“The Government of Canada believes it is unlikely to be the most trusted messenger with individuals who own assault-style firearms,” the report states. 

It warns the confiscation scheme’s success hinges on gun owners’ belief in its legitimacy and connection to public safety, a connection that’s clearly lacking.

According to the report, only 15 percent of surveyed gun owners expect to be affected by the confiscation scheme that targets firearms banned by the May 2020 Order in Council and others added by the RCMP since then. 

Of that 15%, a whopping 67 percent say they’re unlikely to comply. The numbers are even higher in Western provinces, 71 percent in Alberta and Saskatchewan, revealing a deep regional mistrust of the federal Liberal government.

Journalist Lorne Gunter didn’t mince words.

“I don’t trust any government that doesn’t trust my law-abiding neighbors to own guns if they want to,” said journalist Lorne Gunter.

Though not a gun owner himself, Gunter emphasized the importance of personal liberty and practical governance. 

“You are not going to stop illegal shootings by confiscating legal weapons from law-abiding Canadians,” he said. “That’s the fallacy of all of this.”

Ekos’ findings support this disconnect. 

A majority of gun owners (84 percent) believe violence committed with guns is almost always committed by those in illegal possession of them. Further, 78 percent believe licensed gun owners are unfairly targeted by the Liberal government’s current policies.

Gunter sums up the controversy bluntly. 

“This is yet again a failure of government that is emotionally driven, not logically driven.” 

Ottawa’s Firearms Confiscation Compensation Scheme may be politically popular in some urban centers, but across the country it’s generating division, suspicion, and resistance.

As the Liberal government moves toward implementation, one uncomfortable truth lingers.

The criminal element will never be affected by this scheme because they don’t have firearms licenses and they don’t register their illegally-owned guns.

The Liberal Firearms Confiscation Compensation Scheme is designed to target licensed gun owners only, which proves the point CSSA has made for years.

If improving public safety was truly its intent, the scheme would focus on criminals illegally possessing guns. 

This scheme was never intended to improve public safety.

 

"I don't trust any government that doesn't trust my law-abiding neighbours, to own guns if they want to."

24
submitted 2 weeks ago* (last edited 1 week ago) by ohshit604@sh.itjust.works to c/selfhosted@lemmy.world
 

Evening y’all

I’ll try to keep it brief. I need to move my reverse proxy (traefik) to another machine and I’m opting to utilize Docker Swarm for the first time; this way I’m not exposing a bunch of ports on my main server over my network, so ideally I’d like to have almost everything listening on localhost while traefik does its thing in the background.

Now I gotta ask, is Docker Swarm the best way to go about this? I know very little about Kubernetes and from what I’ve read/watched it seems like Swarm was designed for this very purpose however, I could be entirely wrong here.

What are some key changes that differentiate typical Compose files from Swarm?

Snippet of my current compose file:

services:
  homepage:
    image: ghcr.io/gethomepage/homepage
    hostname: homepage
    container_name: homepage
    networks:
      main:
        ipv4_address: 172.18.0.2
    environment:
      PUID: 0 # optional, your user id
      PGID: 0 # optional, your group id
      HOMEPAGE_ALLOWED_HOSTS: MY.DOMAIN,*
    ports:
      - '127.0.0.1:80:3000'
    volumes:
      - ./config/homepage:/app/config # Make sure your local config directory exists
      - /var/run/docker.sock:/var/run/docker.sock #:ro # optional, for docker integrations
      - /home/user/Pictures:/app/public/icons
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.homepage.rule=Host(`MY.DOMAIN`)"
      - "traefik.http.routers.homepage.entrypoints=https"
      - "traefik.http.routers.homepage.tls=true"
      - "traefik.http.services.homepage.loadbalancer.server.port=3000"
      - "traefik.http.routers.homepage.middlewares=fail2ban@file"
  traefik:
    image: traefik:v3.2
    container_name: traefik
    hostname: traefik
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    networks:
      main:
        ipv4_address: 172.18.0.26
    ports:
      # Listen on port 80, default for HTTP, necessary to redirect to HTTPS
      - target: 80
        published: 55262
        mode: host
      # Listen on port 443, default for HTTPS
      - target: 443
        published: 57442
        mode: host
    environment:
      CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets
      # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env
      TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS}
    secrets:
      - cf_api_token
    env_file: .env # use .env
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./config/traefik/traefik.yml:/traefik.yml:ro
      - ./config/traefik/acme.json:/acme.json
      # - ./opt:/opt
      #- ./config/traefik/config.yml:/config.yml:ro
      - ./config/traefik/custom-yml:/custom
      # - ./config/traefik/homebridge.yml:/homebridge.yml:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.traefik.entrypoints=http"
      - "traefik.http.routers.traefik.rule=Host(`traefik.MY.DOMAIN`)"
      #- "traefik.http.middlewares.traefik-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 208.118.140.130, 172.18.0.0/16"
      #- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}"
      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
      - "traefik.http.routers.traefik-secure.entrypoints=https"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik.MY.DOMAIN`)"
      #- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
      - "traefik.http.routers.traefik-secure.tls=true"
      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
      - "traefik.http.routers.traefik-secure.tls.domains[0].main=MY.DOMAIN"
      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.MY.DOMAIN"
      - "traefik.http.routers.traefik-secure.service=api@internal"
      - "traefik.http.routers.traefik.middlewares=fail2ban@file"

networks:
  main:
    external: true
    ipam:
     config:
       - subnet: 172.18.0.0/16
         gateway: 172.18.0.1

I censored out my actual domain with MY.DOMAIN so if that confuses people I apologize.


Update:

So, I’ve come across an application called Traefik-Kop which essentially allows for swarm-like communication between traefik and two docker engines.

This isn’t foolproof, as I do have to expose ports over the main server; however, this was the simplest way of achieving what I was going for.

I want to say thank you to everyone who has commented. I haven’t had much time to respond to comments here, but I have read them all; y’all’s insight is much appreciated!

Update 2:

People here suggest Pangolin; however, I just spent the last 3 hours trying to integrate Pangolin with the Traefik instance that I already have set up. It was not fun; I couldn’t figure out how Pangolin is able to communicate with Traefik if it doesn’t expose any ports or define docker labels. Once I figured out Pangolin’s web-ui runs on 3002:3002 I was able to reverse proxy it; however, when attempting to log in I kept running into 404 errors.

I’ll give it another go when I’m no longer frustrated with it as it does seem like the best route for me to take.
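An added example, not part of the original post: a standard-library Python check that classifies each Compose `ports:` entry by the host address it binds to, applied to the port definitions from the snippet above. It assumes the Compose file has already been parsed into a dict; `bind_address`, `exposure` and `audit` are hypothetical helper names.

```python
import ipaddress

def bind_address(port):
    """Host IP a Compose `ports:` entry binds to (0.0.0.0 when none is given)."""
    if isinstance(port, dict):                    # long syntax: target/published/host_ip
        return str(port.get("host_ip", "0.0.0.0"))
    spec = str(port).split("/")[0]                # short syntax, drop /tcp or /udp
    parts = spec.rsplit(":", 2)                   # [IP:]HOST:CONTAINER, IP may be IPv6
    if len(parts) == 3:
        return parts[0].strip("[]")
    return "0.0.0.0"                              # HOST:CONTAINER or CONTAINER only

def exposure(port):
    """Classify an entry as loopback-only, all-interfaces or single-interface."""
    ip = ipaddress.ip_address(bind_address(port))
    if ip.is_loopback:
        return "loopback-only"
    if ip.is_unspecified:
        return "all-interfaces"
    return "single-interface"

def audit(compose):
    """Return (service, entry, exposure) for every port reachable beyond loopback."""
    findings = []
    for name, svc in compose.get("services", {}).items():
        for port in svc.get("ports", []):
            level = exposure(port)
            if level != "loopback-only":
                findings.append((name, port, level))
    return findings

# The `ports:` sections of the posted compose file, written out as a parsed dict.
COMPOSE = {
    "services": {
        "homepage": {"ports": ["127.0.0.1:80:3000"]},
        "traefik": {"ports": [
            {"target": 80, "published": 55262, "mode": "host"},
            {"target": 443, "published": 57442, "mode": "host"},
        ]},
    }
}

if __name__ == "__main__":
    for service, entry, level in audit(COMPOSE):
        print(f"{service}: {entry} -> {level}")
```

On the posted file this reports only the two traefik entries, which have no `host_ip` and so listen on every interface of the host; the homepage entry stays loopback-only.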
