After a few “Delete junk” commits, “Broken”, “PATCH: Hope this fixes it”, and “Basic Reverse-Proxy”, it’s now at version 1.0.1-alpha.1.
Don’t know what they did to Git. But their “minor commit” touches almost the entire code in their repo. Rest of it (and the general confusion and the edgy commit messages) look to me like something done by OpenClaw.

100% wouldn’t use it.

I think the Tiers work the other way around. But I keep forgetting how DNS and recursive lookup works and I might be wrong.
I don’t think you’re supposed to query Tier 1 servers as a client. The Tier 2 servers would be what people connect to and who do the heavy lifting. The Tier 1 just do the root, authoritative stuff and their custom TLDs for the following network. So we’re not worried about where those are located.

Isn’t it a global effort? According to what I see, they list a bunch of servers in all Europe, USA, Canada, Australia, …Japan?!

I did one DNS query and it took 22 msec with the nearest OpenNIC server and 24 msec with Cloudflare’s 1.1.1.1
So dunno… roughly same responsiveness? Maybe OpenNIC is a tad faster? For a proper answer we’d need to do more measurements, though. And with OpenNIC you definitely need to pick a good server, not just any random one. They’ll have different locations, different policies and they’re in widely different datacenters.

Even if you control your router/modem, they still control the other end, it connects to. And some more infrastructure along the path. So i think it depends a bit where you’re going with this. If you’re worried about them doing packet inspection, or logging IP numbers you connect to, I don’t think there’s a big difference. They could do it anywhere. And they’ll likely do it in some datacenter.

A router interfaces with your local network, though. So in theory a router can be used to connect to your internal devices and computers and maybe you have an open network share without password protection or something like that. But we’re talking violating your constitutional rights here. It’s highly illegal in most jurisdictions to enter your home and go through your stuff.

I’ll buy my own router because I can then configure it to my liking. And my ISP charges way too much for renting one. And what I also do is not use my ISP’s DNS service. That’d just send every domain name I open to their logfiles. Instead I use one from OpenNIC

What I do is use externed_openai_conversation from the HACS to hook into my LLM’s OpenAI-compatible API endpoint. That one makes it available via the regular Voice Assistant stuff within Home Assistant.

Not sure what’s happening here. The Ollama page says it doesn’t have all functionality, for example it doesn’t have sentence triggers? And weather forecast is a bit of a weird one in Home Assistant. That’s not an entity (unless you configure one manually) but a service call to fetch the forecast. Maybe your AI just doesn’t have the forecast available, just the current condition and maybe current temperature. Everything else must be specifically requested with a deliberate “weather.get_forecast” call. Maybe that service call and the specific processing is in the official Assistant, but not in the Ollama integration?

deleted by creator

Thanks for the link! As a short aside for the other people here: Try not to spam developers. That usually achieves the opposite and makes them miserable, when we want them to not burn out, and write good software for us. A thumbs-up emoji is the correct reaction for the average person. Or for the pros - a code-review highlighting specific issues within the code.

Uh. I’d really prefer if people experimented with new technology a bit more cautiously and not directly jump to “the biggest release […] ever done”.

I feel Anti-DDOS and Cloudflare as a web application firewall has traditionally been a lot of snake-oil as well. Sure there’s applications for it. Especially for the paid plans with all the enterprise functions. And all the way at the other end of the spectrum, where it serves as a means to circumvent NAT and replace DynDNS. But there’s a lot in-between where I (personally) don’t think it’s needed in any way. Especially before AI.

From my own experience, personal blogs, websites of your local club, church, random smaller projects, small businesses… rarely need professional DDoS protection. I’ve been fine hotsing it myself for decades now. And I’m not sure if people know what they’re paying with. I mean everytime we get a Cloudflare hiccup (or AWS…) we can see how the internet has become very centralised. Half of it just goes down for an hour or so, because we all rely on the same few, big tech services. And if you’re terminating SSL there, or use it to look inside of the packets to prevent attacks, you’re giving away all information about you and your audience/customers. They don’t just get all metadata, but also read all the transferred content/data.

It all changed a bit with the AI crawlers. We definitely need countermeasures these days. I’m still fine without Anubis or Cloudflare. I block their IP ranges and that seems to do most of the job. I think we need to pay a bit more attention to what’s really happening. Which tools we have, instead of always going with the market leader with the biggest marketing budget. Which problems we’re faced with in the first place and what tools are effective. I don’t think there’s a one size fits all solution. And you can’t just roll out random things without analyzing the situation properly. Maybe the correct answer is Cloudflare, but there’s also other way less intrusive and very effective means available. And maybe you’re not even the target of script kiddies or annoyed users. And maybe your your convoluted Wordpress setup isn’t even safe with the standard web application firewall in front.

Anubis is an entirely different story. It’s okay concerning privacy and centralisation. It doesn’t come without downsides, though. I personally hate if that thing pops up instead of the page I requested. I don’t like how JavaScript is mandatory now to do anything on the web. And certain kinds of crawler protection contribute to the situation how we can’t google anything anymore. With all the people locking down everything and constructing walled gardens, the internet becomes way less useful and almost impossible to navigate. That’s all direct consequences of how we decide to do things.

Hmmh. I’m not entirely satisfied with any of them. Crowdsec is a bit too complex and involved for my taste. And oftentimes there’s no good application config floating around on the internet, neither do I get any sane defaults from my Linux distribution. Whereas fail2ban is old and eats up way too much resources for what it’s doing. And all of it is a bit too error-prone(?) As far as I remember I had several instances when I thought I had set it up correctly, but it didn’t match anything. Or it was looking for some logfile per default but my program wrote to the SystemD journal. So nowadays, I’ll double-check everything. I wish programs like sshd and webapps came with that kind of security built in in some foolproof way.

For remote management, I just enable SSH, configure it to run on some non-standard port and enable Fail2ban… Make sure I use certificates or secure passwords and also check if fail2ban is actually doing its job. Never had any issues with that setup.

For the services I’ll either use a reverse proxy, plus configure the applications not to allow infinite login attempts, or Wireguard / a VPN.

Continuwuity. I’m using it. And contrary to other projects, it’s a community effort. So I have my hopes up it’ll last and not depend on any singular person.

And I wouldn’t recommend Conduit or Conduwuit. Conduit development is very slow, that’s why we got the forks in the first place. And Conduwuit is discontinued, so it wouldn’t be wise choice at all. So you’re left with 2 choices, Tuwunel and Continuwuity. One is a one-man show and they’re calling it the “official” successor. The other one is a community project… They both work fine.

I follow a similar strategy. I back up my important stuff. And I’m gonna have to re-rip my DVD collection and redownload the Linux ISOs in the unlikely case the RAID falls apart. That massively cuts down on the amount of storage needed.

Good question! That’s exactly one of the major issues with biometric authentication. And there’s no way around it. You need a second factor. Configure your phone so it only unlocks if you also input something you know. Like a password or pin.

Yeah, they often get quite warm. Some day I’ll be in the same situation as OP. And I can’t wait to throw out that supid modem. No clue, though what kind of SFP the fiber provider requires. I mean there’s quite a selection available…

Maybe correct? Though my cable modem gobbles down some 15W… Without even doing the Wifi… So, I bet this isn’t a universal truth, as a Mini-PC will comsume less and provide all kinds of extra services, networking, NAS…

You should have all kinds of options on Lemmy… You can edit a post and change it to whatever you like. Or delete it and optionally post a new one…

Just delete the post if it’s a mess-up.

Livekit can be used to build voice assistants. But it’s more a framework to build an agent yourself, not a ready-made solution.