More technically there’s two ways to move data between two separate services. You can either pull or push the data.

Assume for both scenarios that the client is your phone and the server is some machine in the cloud.

With pulls the client calls an API and the server returns a response. Generally the www works this way. You ask a server for a wab page and you effectively pull the source down to your browser.

Pushes work the opposite, in that a server has data for the client and needs to push or otherwise give it to you. Pulls are relatively strait forward because every server has a well known name (the domain name and url). But your phone’s IP address changes constantly. So how does a server know how to contact your device? There’s generally two ways:

1. Your device can poll (make repeated pulls to a server checking for new data)
2. Or you can register some identifier and your IP address with some central server every time it changes. And then the server can essentially call a URL on your device directly. This is essentially what Google and Apple are doing as it doesn’t waste CPU resources and your battery.

You could in theory implement either of these yourself but because of the way the OSes work on both Android and iOS there’s no guarantee that you can keep a process running in the background forever. As the OS can kill your process if the OS needs more free ram, etc … The built in notification APIs are exempt from this because they are part of the OS.

To also add to the other comments: because the government doesn’t want or even need to have a balanced “checkbook”.

Assume for example you want to buy something from me. But you only have “don bucks”. So you buy a widget from me and I charge you 10 “don bucks”.

Problem though, through taxes you’ve only got 5 bucks left. So you just create 5 bucks and add it to your pile. (Deficit spending) Now if you don’t balance that with a loan, your “don bucks” are now worth less because why would I want one of your “don bucks” when tomorrow you could just create a million of them for no reason. (Hyperinflation) So you instead borrow 5 bucks from a friend of yours with a promise to give him back 6 tomorrow. (Bonds)

I still sell you my widget for 10 “don bucks” but now what can I spend my newly acquired “don bucks” on? Well, since everyone has their own currency I ultimately have to spend it on you. This means I end up giving you those 10 bucks back in hopes that you’ll either give me more in return (another loan/bond) or give me back my own currency from money I’ve traded to you.

So in the end spending more than you make (at the nation state level) can be a net boon on the economy as you effectively create a vendor lock in, similar to how companies push their gift cards, etc … because that money is only good in one place. You just have to make sure not to spend too much beyond your means because every dollar you create this way adds to inflation a little bit. So if you create too much then inflation gets out of hand and you end up with hyperinflation and now every one of your citizens wants to get rid of your money because they’ll lose too much before they can give it back.

If it was a certificate issue I’d expect youd just get an error from your browser saying the cert is invalid or expired.

If I had to guess though you’re running into a nat reflection issue: https://nordvpn.com/cybersecurity/glossary/nat-loopback/

Read up on that. But you may need to provide different DNS entries if you’re inside or outside your LAN or add a NAT hairpin rule to your router. But this is only applicable if you’re exposing the same service to the WWW.

Some other things to try though:

• Have you tried just pinging the address? Is the DNS resolution returning the address you expect?
• Whats in your nginx logs? Do you see anything when you try and connect?
• Within your nginx container can you ping your service directly? Is something blocking nginx from accessing the site?

I’ve tried commenting out the ports in the compose file, which should make them only available on the internal network, I thought. But when I do that, the containers can no longer connect to each other.

Did you create an explicit network for them to talk on? Otherwise the default docker network doesn’t support internal DNS queries.

https://docs.docker.com/engine/network/#container-networks

Specifically you need a network using the bridge driver: https://docs.docker.com/engine/network/drivers/bridge/

Can you share the Home Assistant automation / setup that you have for Uptime Kuma notifications? As I’m in the same boat as you. I just got a webhook setup but I’m getting flooded with notifications, especially after services update.

My hope is I just want to be notified when a particular service is down for say 5 minutes but all I care about is knowing the node name. I don’t necessarily care to get notified if the service comes back up.

It’s worse than that. As the other comment said, it’s the consumer who pays the tarrif but let’s assume today:

• China can produce a battery for $4
• Twian does the same for $3.90
• USA can only make one for $5

Let’s then assume that for all 3 countries 25% of the cost is the raw Nickel that goes into the battery. Let’s also assume that it’s a flat 20% tariffs across the board.

Now your prices become:

• China – $4.80
• Twian – $4.68
• USA – $5.25

Increase it to a 60% tariff:

• China – $6.40
• Twian – $6.24
• USA – $5.75

So no matter what, prices go up even for the US manufacturer as they still have to import raw materials. The tariffs end up making local manufacturing more competitive with overseas at the cost of the consumer. As consumers just saw the price of batteries go from $4.00 to $5.75, a whopping 43% increase. Yay inflation!

The original idea behind tarrifs are just that… To give local businesses a competitive advantage while they catch up to overseas products. Once the US company is established you can then drop the tariff as they no longer need help while they ramp up manufacturing.

So maybe the US manufacturer costs might go down, if they’re able to make more at scale, but they still have to beat the automatic 75c increase because of their own imports. And all of that is still assuming that the tariff is large enough to make the US company the cheapest option. Otherwise it may end up backfiring and cause less sales as consumers end up not paying the increased costs. As you can see above with only a 20% tariff.

Yes it would. In my case though I know all of the users that should have remote access snd I’m more concerned about unauthorized access than ease of use.

If I wanted to host a website for the general public to use though, I’d buy a VPS and host it there. Then use SSH with private key authentication for remote management. This way, again, if someone hacks that server they can’t get access to my home lan.

Their setup sounds similar to mine. But no, only a single service is exposed to the internet: wireguard.

The idea is that you can have any number of servers running on your lan, etc… but in order to access them remotely you first need to VPN into your home network. This way the only thing you need to worry about security wise is wireguard. If there’s a security hole / vulnerability in one of the services you’re running on your network or in nginx, etc… attackers would still need to get past wireguard first before they could access your network.

But here is exactly what I’ve done:

1. Bought a domain so that I don’t have to remember my IP address.
2. Setup DDNS so that the A record for my domain always points to my home ip.
3. Run a wireguard server on my lan.
4. Port forwarded the wireguard port to the wireguard server.
5. Created client configs for all remote devices that should have access to my lan.

Now I can just turn on my phone’s VPN whenever I need to access any one of the services that would normally only be accessible from home.

P.s. there’s additional steps I did to ensure that the masquerade of the VPN was disabled, that all VPN clients use my pihole, and that I can still get decent internet speeds while on the VPN. But that’s slightly beyond the original ask here.

A couple of options in my opinion, as I just did this myself:

You can use the CLI tool to “upload” them. You can even do this from the server itself. So upload times would be as fast as your network card can process or however fast your server is, whichever is slower. It does require that you create an API key for the user in question though.

Otherwise you can create an external library and link that to your account. Now Immich will still index this library but it won’t move or manage the actual files. I’m not sure though if it looks at those files for duplicates (i.e. if you try and upload the same photo from your phone to the server). This external library will also prevent deleting photos as well, FYI.

There might be other options that I’m not aware of, as I’ve only been using Immich for about a month now.

Edit: link to the CLI documentation: https://immich.app/docs/features/command-line-interface/

Heads up your copied post just went to the same community, so it looks like you have duplicate postings.

https://github.com/LemmyNet/lemmy/blob/d909f3455ddb89d45f35c78c4ce96bd0896469b1/crates/api_common/src/utils.rs#L302

If the honeypot is set the request is simply discarded.

FYI: https://en.m.wikipedia.org/wiki/Honeypot_(computing)

But there should also be a separate endpoint to get an auth token. (I don’t remember it off the top of my head). Then your bot should store that somewhere and send it as the auth parameter in every request.

Fair enough. Sometimes you can’t help but go down these rabbit holes though.

How do you account for the duplicate Riker in TNG? Who’s the real one and where did the extra matter come from then to assemble William vs Tom?

(It’s been a long time since I’ve seen that episode so I don’t remember if they covered that but on-screen)

A similar question could be raised for the Rascals episode…

You can always try constructing the URL manually. I know this sucks, but it might be a workaround.

https://lemmy.ml/c/songaweek@lemmy.world

Long story short you just have to go to lemmy.ml and then add /c/ followed by the community name @ the instance it belongs to.

That looks like 8.8.8.8 actually responded. The ::1 is ipv6’s localhost which seems odd. As for the wong ipv4 I’m not sure.

I normally see something like requested 8.8.8.8 but 1.2.3.4 responded if the router was forcing traffic to their DNS servers.

You can also specify the DNS server to use when using nslookup like: nslookup www.google.com 1.1.1.1. And you can see if you get and different answers from there. But what you posted doesn’t seem out of the ordinary other than the ::1.

Edit just for shits and giggles also try nslookup xx.xx.xx.xx where xx.xx… is the wrong up from the other side of the world and see what domain it returns.

Another thing that can be happening is that the router or firewall is redirecting all port 53 traffic to their internal DNS servers. (I do the same thing at home to prevent certain devices from ignoring my router’s DNS settings cough Android cough)

One way you can check for this is to run “nslookup some.domain” from a terminal and see where the response comes from.

Cloudflare? Namecheap?

Not sure exactly what features you’re after but the vast majority of them support what you mentioned above.

Not that I’m aware of. I already opened a request on the backend to have an API to provide a since= property. But ultimately found a workaround for my needs (not applicable here).

Ya, I’ve got a few public services out there and I would love for a better way to manage them. But the fewer ports I open the better. I think there’s also portainer edge agent that’s more secure for prod environments, but I’ve yet to look into it much.