I’d seen gluetun mentioned but didn’t know what it was for until a moment ago.
I’ve heard of tailscale and at least know what that does but never used it.
I personally have a mullvad subscription. I have a container connected to that with wireguard, and then for services I want to use that VPN I just configure them to use the network stack from that container.
I’m not suggesting that my way is the best but it’s worked well for several years now.
Sorry I’m still not really sure what you’re asking for.
I use Open Web UI, which is the worst name ever, but it’s a web ui for interacting with chat format gen AI models.
You can install that locally and point it at any of the models hosted remotely by an inference provider.
So you host the UI but someone else is doing the GPU intensive “inference”.
There seems to be some models for t his task available on huggingface like this one:
https://huggingface.co/fakespot-ai/roberta-base-ai-text-detection-v1
The difficulty may be finding a model which is hosted by an inference provider. Most of the models available on huggingface are just the binary model which you can download and run locally. The popular ones are hosted by inference providers so you can just point a query at their API and get a response.
As an aside, it’s possible or likely that you know more about how Gen AI works than I do, but I think this type of “probability table for the next token” is from the earlier generations. Or, this type of probability inference might be a foundational concept, but there’s a lot more sophistication layered on top now. I genuinely don’t know. I’m super interested in these technologies but there’s a lot to learn.
There are no decent GPT-detection tools.
If there were they would be locally hosted language models, and you’d need a reasonable GPU.
Sorry I don’t really understand what your argument actually is.
Since the dawn of writing, legislators (kings / politicians) have laid down the rules. Regulators (police, tax office) have enforced the rules. And courts decide whether the rules have actually been broken and what the penalties ought to be.
In the vast majority of self assessment situations, it’s very obvious how the law applies to ones situation, there is very little doubt. You just follow the rules and face penalties for breaches.
In those few situations which are unclear, you generally have a range of options:
Finally, most legislation relating to corporate behavior has safe harbor clauses. That is, where someone has acted reasonably, taken reasonable steps, and made a good-faith attempt to interpret and apply the rules correctly, the regulator won’t penalise them even if they’re found to have breached the rules.
That is to say penalties are usually only applied where there’s a breach, and there’s no scope to argue that it was a reasonable error.
This is a fair and transparent structure with which to ensure the rules are applied fairly to everyone. It’s very robust, tolerant of edge cases, and the most efficient compliance structure we have.
I don’t really know what an alternative would be? If you want a regulator to publish a list of which apps / companies are effected in what way, that’s just nuts. The antithesis of modern democratic economic regulation.
Labor have a vested interest in keeping property prices high as they themselves are all landlords.
This is the dumbest theory that only a child would believe.
Australians have a vested interest in keeping property prices high. Everyone owns property, not just Labor candidates.
No it doesn’t. Our tax system works the same way. It doesn’t lead to overzealous deduction denial because people are worried about getting it wrong.
Its an efficient and transparent approach.
Labor are a party of and for Landlords.
Bullshit.
It was only 8 years ago Labor campaigned on removing capital gains tax discounts which would’ve been a huge kick up the ass for landlords.
They lost that election in spectacular fashion.
This is the right way to make laws and rules.
It’s the same way we do tax - self compliance. You self report but if you’re caught breaking the rules then you face punishments.
If the administration just made a list of who’s effected, it would be perpetually incomplete. This way, everyone is effected.
They can’t just unilaterally decide that your self assessment is “wrong” without explanation. Also their decisions about who is effected are public, and can be relied on by others to self assess.
Are there any restrictions on a FOSS instance? Is there a pay wall?
I’m been trying to stand up a zulip instance. It’s working but I haven’t used it much. I want a feature complete jitsi instance to go with it and that’s only partially implemented right now.
That said, zulip does seem like the best option for me presently.
Haven’t tried revolt.
Mattermost seems to be perpetually entangled but being disentangled from some other suite. Confusing and frustrating.
I haven’t tried rocket chat for 5 years or so. I think last time I read about it people were complaining that the FOSS plan is very limited.
Theres heaps of hosted nextcloud services. Those users wouldn’t know.
Do you really think someone is going to set up a MITM attack for the dozen people who visit this blog?
LOL. On the scale of risky things I’ve done today, visiting this guy’s http website barely rates a mention.
Someone posts about something they’ve learned and the best you can do is dump on them about whatever thing in order to demonstrate to everyone your superior knowledge.
Everyone starts somewhere.
Adding to what everyone else has already said, you want sync and backup.
Sync to a central location and backup from there.
For sync, you want syncthing or nextcloud. I would lean towards syncthing for media. If you had a million files in a complex folder structure and a dozen users with different access requirements and instant sync and collision protection is important then nextcloud might be the go. Otherwise syncthing is much more manageable.
My recommendation with syncthing, which is not obvious, is to set up a single hub which each client syncs with. By default you end up with a mesh where everything is connected to everything. It’s very difficult to manage with a lot of folders and devices. Turn off discovery and input the server / hub details manually.
For backup, if you have a lot of media you want deduplication. If yesterday’s backup included ABC and today’s is ABCD you only want to transfer D. This is similar to an incremental backup, but the subtle difference is that with deduplication the most recent backup is the “full backup” with the “diffs” going backwards in time, allowing you to purge old backups. I like borgmatic but there are others.
I would also consider carefully exactly what is worth backing up on what service. I don’t backup movies and tv series at all.
My final recommendation is, it’s critically important to test deploying your backups regularly.
There’s a use case for this but who knows how big this niche is, and ultimately that’s what will determine success or failure.
I do use nextcloud for my small consultancy team but I dislike it immensely, mostly due to personal preferences.
I think I pretty much just don’t like having one platform that does everything. I want to self host my own cloud, I don’t want to self host a thing that provides a cloud.
Additionally, and this really is just a personal preference, I dislike php projects almost as much as Java.
Primarily I use nextcloud’s file sync. This aspect is IMO extremely well implemented. It seems to work very reliably.
We do use contacts and calendars. If there were good alternatives I would switch to them but sabreDav et al lacks a good UI. I’m aware you can disable this functionality in nextcloud.
Anything else that can potentially be integrated is better hosted separately IMO.
IIRC one of the reasons they discontinued support for android was because the other fork exists.
It’s not really clear exactly what you want.
When you’re at home, and for services running on your home server, it you want everything to go through the remote wireguard server then that’s achievable.
However, if you want to be able to access services running on your home server, while you’re not at home, via that remote wireguard server, that generally requires port forwarding which commercial providers generally don’t offer.
Can you clarify ?
I don’t use tailscale or gluetun. They’re probably good options I just wasn’t aware of them when I was setting up and what I’m doing now has worked great for years.
My home server has 4 containers you’re interested in:
wireguard_out
this is a wireguard instance which is connected to a mullvad server on a paid subscription.
For any containers I want to “use this vpn” I just attach them to this container’s stack. it’s one of the network options in docker. Notably these containers include qbittorrent and squid (below).
Wireguard configurations look unapproachable at first but it’s one of those things where messing around with it for an hour or so will serve you well for a lifetime. There’s not heaps more to learn. LLMs are great at writing wireguard configurations.
squid
This is a http proxy attached to the wireguard_out stack. You didn’t ask about this and may not need it but I’ve found it super useful.
One of the private torrent trackers I use will only let your torrent client connect to the tracker from the same IP address you used to download the torrent file - so when browsing their website you need to use the vpn connection. Using squid makes this really easy.
In firefox (librewolf) I have foxyproxy addon which allows you to specify a proxy to use for specific urls. So when I navigate to mytracker.com firefox automatically routes the connection through squid > wireguard > mullvad on my server.
wireguard_in
This handles my “road warrior” set up so I can access services on my home server while I’m away.
This container has a separate docker network to most of my other containers, in the ip subnet 10.0.2.0/24.
traefik
this is a reverse proxy
it’s on the same network as wireguard_in with the ip address 10.0.2.2
I’ve configured a public dns “A” record *.home.mydomain.com to point to 10.0.2.2, the private ip address.
The configurations I use for the wireguard connections on my phone or other devices only route requests for this subnet through the wireguard connection. so if I’m away from home and my phone requests lemmy.world that goes through the public network, but if I request photon.home.mydomain.com that goes through my vpn. This way you don’t need to turn off / on the wireguard connection.
I use file based configurations for traefik. It can do docker label configurations but they’re just awful IMO. The yaml configurations are much more readable and manageable.
As an aside, you can replicate this structure many times on one host. I have several incoming wireguard networks for different purposes. You configure the traefik container to sit across all the networks, like a spider at the centre of a web.
services: qbittorrent: image: lscr.io/linuxserver/qbittorrent container_name: qbittorrent environment: - PUID=888 - PGID=888 - TZ=Australia/Perth - WEBUI_PORT=8080 volumes: - ./config:/config - /srv/downloads:/downloads restart: unless-stopped network_mode: "container:wg_out"this is my compose.yml for a qbittorrent instance.
the part you’re interested in is the final line. There’s another container with the wireguard instance called “wg_out”. This network mode attaches this qbittorrent container to that wireguard container’s network stack.