A few hundred a month is just a few per day. That is pretty low volume by most standards.
I would say in general if the SMTP server could be replaced by a single human writing and mailing snail-mail letters by hand it qualifies as low volume.
Ah ok. You aren’t doing auth. I don’t understand how this is relevant.
Are you doing auth in the reverse proxy for Jellyfin? Do you use Chromecast or any non-web interface? If so I’m very interested how you got it to work.
The concern is that it would be nice if the UNIX users and LDAP is automatically in sync and managed from a version controlled source. I guess the answer is just build up a static LDAP database from my existing configs. It would be nice to have one authoritative system on the server but I guess as long as they are both built from one source of truth it shouldn’t be an issue.
Yes, LDAP is a general tool. But many applications that I am interested in using it for user information. That is what I want to use it for. I’m not really interested in storing other data.
I think you are sort of missing the goal of the question. I have a bunch of self-hosted services like Jellyfin, qBittorrent, PhotoPrism, Metabase … I want to avoid having to configure users in each one individually. I am considering LDAP because it is supported by many of these services. I’m not concerned about synchronizing UNIX users, I already have that solved. (If I need to move those to LDAP as well that can be considered, but isn’t a goal).
I do use a reverse proxy but for various reasons you can’t just block off some apps. For example if you want to play Jellyfin on a Chromecast or similar, or PhotoPrism if you want to use sharing links. Unfortunately these systems are designed around the built-in auth and you can’t just slap a proxy in front.
I do use nginx with basic with in front of services where I can. I trust nginx much more than 10 different services with varying quality levels. But unfortunately not all services play well.
Even then how you you know? I don’t think anyone can reliably look at a vegetable and tell you how nutritious it is. I don’t think it is reasonable to have the general population being experts in evaluating vegetables.
I think what could work here is mandated labeling. This is required for most foods but generally not produce. I think there are some reasonable reasons for this, but for farms producing huge volumes it seems that occasional testing that gets reported at the store would make sense.
How are you configuring this? I checked for Jellyfin and their are third-party plugins which don’t look too mature, but none of them seem to work with apps. qBittorrent doesn’t support much (actually I may be able to put reverse-proxy auth in front… I’ll look into that) and Metabase locks SSO behind a premium subscription.
IDK why but it does seem that LDAP is much more widely supported. Or am I missing some method to make it work
But it does boil down to business pressures. The business prefers more and bigger produce to more nutritional produce.
Is that a bad thing? Maybe not. Maybe you can just eat more to get your nutrition since higher yield should reduce cost.
But the point still stands that there is very little business pressure to make a nutritious product.
But the problem is that most self-hosted apps don’t integrate well with these. For example qBittorrent, Jellyfin, Metabase and many other common self-hosted apps.
NixOS makes it very easy to declaratively configure servers. For example the users config to manage UNIX users: https://nixos.org/manual/nixos/stable/options#opt-users.users
Yet another service to maintain. If the server is crashing you can’t log in, so you need backup UNIX users anyways.
I mean it is always better to have more open source. But the point of the multi-hop system is that you don’t need to trust the server. Even if the server was open source:
The open source client is enough to verify this and the security of the whole scheme.
I use NixOS.
Here is the problem with crop quality:
So there is basically no business pressure to have crops be nutritious.
Yeah, I can’t believe how hard targeting other consoles is for basically no reason. I love this Godot page that accurately showcases the difference:
https://docs.godotengine.org/en/stable/tutorials/platform/consoles.html
Currently, the only console Godot officially supports is Steam Deck (through the official Linux export templates).
The reason other consoles are not officially supported are:
- To develop for consoles, one must be licensed as a company. As an open source project, Godot has no legal structure to provide console ports.
- Console SDKs are secret and covered by non-disclosure agreements. Even if we could get access to them, we could not publish the platform-specific code under an open source license.
Who at these console companies think that making it hard to develop software for them is beneficial? It’s not like the SDK APIs are actually technologically interesting in any way (maybe some early consoles were, the last “interesting” hardware is probably the PS2). Even if the APIs were open source (the signatures, not the implementation) every console has DRM to prevent running unsigned games, so it wouldn’t allow people to distribute games outside of the console marker’s control (other than modded systems).
So to develop for the Steam Deck:
To develop for Switch (or any other locked-down console):
What it could be (after you register with Nintendo to get access to the SDK download):
All they need to do is grant an open source license on the API headers. All the rest is done for them and magically they have more games on their platform.
Mullvad is one of the best options if you care about privacy. They take privacy seriously, both on their side and pushing users towards private options. They also support fully anonymous payments. Their price is also incredibly reasonable.
I’m actually working on a VPN product as well. It is a multi-hop system so that we can’t track you. But it isn’t publicly available yet, so in the meantime I happily recommend Mullvad.
HTTP/1.1 403 UNAUTHORIZED
{
"error": {
"status": "UNAUTHORIZED",
"message": "Unauthorized access",
},
}
I would separate the status from the HTTP status.
Even if you don’t need the status now, it is nice to have it if you want to add it in the future.
You can use a string or an integer as the status code, string is probably a bit more convenient for easy readability.
The message should be something that could be sent directly to the user, but mostly helpful to developers.
What are you running MS-DOS? laughs in multi-tasking.
I just drag my vi terminals to another workspace and launch a new editor.