cyberwolfie

I want to mirgrate my Nextcloud instance from a VPS to server in my home. I run the Nextcloud AIO Docker container, which uses Borg backup. The backup repo is about ~70 GB.

How would I best go about transferring it? Is using scp a good solution here (in combination with nohup so that I don't have to keep my ssh session active)? Or is there some other best practice way of doing this?

I switched to Linux about 1.5 years ago now when replacing my old Macbook Pro with a Tuxedo Infinity Book. I am super happy with the transition, and for the most part my digital life has severely improved as a result of it. There's one thing in particular though that I haven't fully grasped or understood despite all the talk about it, and that really has mostly caused confusion on my part, and that is Xorg/X11 (I don't know the difference...) vs. Wayland.

I started out with Tuxedo OS 1 and 2 running KDE Plasma 5.x.x, and thus have been on X11 for the most part since switching to Linux. I never dared switching to Wayland myself. However, they somewhat recently started offering optional upgrades to Tuxedo OS 3 running KDE Plasma 6 where Wayland is the default, and I took the plunge. The only real difference I noticed was small annoyances that I had to fix. Glitching windows running on XWayland and having to configure some .desktop-files to force apps to launch natively in Wayland. Apps not showing the correct desktop icons but the generic Wayland logo instead, making Alt+Tabbing a bit more difficult because it is harder to tell applications apart. Annoying smooth scrolling (I don't want scrolling to have as much friction as polished ice) activated in all kinds of applications that I seem to have to turn off individually. Nothing breaking (though I haven't dared booting with my Nvidia dGPU yet in fear of breaking something irreversibly...), but I haven't noticed any improvements either, and I find it a bit frustrating not knowing where to make the necessary changes and always having to search for it seemingly on a case by case basis.

Now for instance I was updating FreeTube to a new version, and the flags I previously added to the ́.desktop'-file suddenly doesn't work anymore (--enable-features=UseOzonePlatform,WaylandWindowDecorations --ozone-platform-hint=auto). The application won't launch unless I remove them, but then it launches under XWayland instead. Not that I have any issues so far running it like that, but I guess I would prefer to run everything natively in Wayland if I can.

I have previously written a lot of code that is hosted on a public repo on GitHub, but it never had a license. It was written as part of my work while working for a non-commercial academic entity, and I would like to add a license before the link to the repo will be included in something that will be made public, potentially attracting one or two visitors.

This leaves me with a couple of questions:

1. Can I just add a license after the fact and it will be valid for all prior work?
2. Do I have to make sure the license is included in all branches of the repo, or does this not matter? There are for instance a couple of branches that are used to freeze the state of code at a certain time for reproducibility's sake (I know this could be solved in a better way, but that's how it is).
3. I have myself reused some of the code in my current work for a commercial entity (internal analysis work, only distributed within the organization). Should this influence the type of license I choose? I am considering a GPL-license, but should I go with (what I believe to be) a more permissive license like MIT because of this?

I am trying to set up KDE Connect between a machine running Linux Mint and my Android-device. It does not show up, and it turns out I don't receive any response if I ping it, and I have the same issue trying to ping the machine from my Android device (from Termux). I've tried two different Android devices, but no luck.

This is not an issue with two other machines I have. Both have KDE Connect setup and I can ping the phone just fine, and I can also ping from the phone. They're all connected to the same VLAN. I can also ping from this machine to the other machines. ufw is disabled.

What could be the issue here?

EDIT: Connection established suddenly after installing and running iptraf.

I have a Python-package that calls Inkscape as part of a conversion process. I have it installed, but through Flatpak. This means that calling inkscape does not work in the terminal, but rather flatpak run org.inkscape.Inkscape. I need the package to be able to call it as inkscape.

What is the best way to go about this?

I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would've thought that it would be reflected in /var/log/auth.log. Instead, it shows up as failed password entry. Is this intended?

What I've done is to uncomment the PermitRootLogin no line in /etc/ssh/sshd_config. Rest of the config file is left at default.

Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?

This is not strictly a Linux-issue as I reproduce this issue under Windows 10 as well (but can not reproduce under Android or macOS), but I will be using Linux for any troubleshooting and I wasn't sure where else to post this.

I have a pair of Sony WH1000MX5 that acts like an expensive piece of garbage so far. I will eventually (usually within 2-10 minutes usually) hear crackling noises when using the headset via Bluetooth in high-fidelity mode on my Linux machine (and as mentioned above, this is reproduced on two other machines running Windows 10). The crackling noises are there regardless of whether active noise canceling is active or not. It is not constant, but it is enough to significantly reduce the listening experience, especially for tracks where not too much is going on, such as quiet piano pieces.

On my Linux machine, I can choose between three codecs: SBC, SBC-XQ and LDAC. It tends to be less pronounced using the LDAC codec over SBC (right now I've had a longer period with no issue). SBC-XQ also seems better. However, I have experienced it for all choices of codecs before. Also, under Windows (which I must use for work), this does not seem to be a choice at all. But I wonder if the problem lies here? I don't know much about Bluetooth codecs.

Ideally, as in addition to these issues, they are not very comfortable, I would like to return them and get a refund (should be possible under local laws), but I am having some issues with the retailer claiming they can't find anything wrong with them after two trips to a repair shop. The first time they factory reset it and updated the firmware, the second time they did nothing. I don't think local Sony support will be of much help, and the local laws relate to to the buyer/seller contract, so for the refund or repair they will anyway refer me to the retailer.

So I am trying to get a better understanding of the issue before pursuing this further, and if I fail to get a refund, I would like to fix the issue if possible. So if anyone is familiar with this and could help point me in the right directions to fix these issues, I would be very grateful.

I am running Pop_OS! and want to set up an old WiiMote I have lying around as a mouse. I have a USB-sensor bar, and I don't have any issues connecting the remote to the computer, and the inputs seems to register just fine when running xwiishow 1 after the remote is connected. I am also able to use it perfectly fine as a WiiMote in the Dolphin emulator.

Now, I want it to function as a mouse, and being a fairly new Linux user, this is where I get confused. I am not entirely sure what I need to have happen in order to make this work, but I realize there must be some translation of the IR-sensor data and some way for Pop_OS! to understand that this should be a mouse.

When searching for it, a lot of different names are thrown around, so I am not entirely sure what I should be looking for. However, from the ArchWiki (https://wiki.archlinux.org/title/Wiimote) it seems I have three choices:

1. MoltenGamepad (https://github.com/jgeumlek/MoltenGamepad), but this seems to only handle button presses? This is also something I would like, i.e. mapping buttons to Pause/Play media. But it is not the only thing I want, and mouse movement + clicks is higher in priority.

2. An X11 input driver - this I have tried to install according to the instructions on their GitHub-page (https://github.com/xwiimote/xf86-input-xwiimote), but failed to do so. The last commit to this project was back in 2014. The ArchWiki states:

"xf86-input-xwiimote has support for mouse-emulation via IR using the Option "MotionSource" "ir""

... which is what I want, but then also directly underneath:

"There is currently no user-space application that enables mouse-emulation with the IR-sensor. If you need that, you should consider using the no longer supported cwiid approach. However, the xwiimote tools are under heavy development and will soon support IR mouse-emulation, too. "

... which confuses me.

3. cwiid is also listed as an approach on the ArchWiki, but they also say that it should not be used since it is discontinued.

I'm sure the main issue here is a knowledge gap on my part, so if there is a solution that seems obvious to any of you, I would greatly appreciate the help in both getting this to work and in understanding my system better.

For some time now I have been trying to clean up my digital footprint by requesting deletion of accounts and associated data for unused accounts, and being critical about which accounts I actually benefit from keeping. This turned out to be far more time consuming than I imagined beforehand.

I've been using a password manager for about a decade, so I have a fairly good overview of a lot of the accounts I've opened over the years. However, while privacy has always been important to me, I was more concerned with increasing governmental surveillance rather than corporate surveillance for many years. So over the years I've signed up uncritically to a large number of services. Most of these do not have much data about me, but my username has generally been reused, along with e-mail and sometimes phone number and other more sensitive data. This of course doesn't take into account all those minor services I've signed up for with e-mail + reused password. I have no control over those...

Now GDPR thankfully makes the job of cleaning up the accounts I do have control over a lot easier, because I doubt many of these services would even let me delete my account if not for it. However, it does not regulate enough how easy this process should be, and there are so many different ways companies implement this. From extremely convenient and easy ways of exporting all data and deleting the account, such as implemented by Strava (kudos to these companies!), to the worst offender of them all: British Airways... Until recently you would have to send an actual letter to their data protection offer with a copy of your passport (yeah right...). Sometime this year they've changed this, so now you just have to upload a picture of a letter to their document's portal, but since that is borked, I can't even access it to complete the deletion request. Apple also rejected my deletion request for an unknown reason, and I had to spend 45 minutes on the phone with them to understand that a cancelled, but still active subscription (a 1-year subscription that had not expired yet) from the app store, was blocking the deletion. Most are in between these two extremes, and either require that I actively follow up that I get a reply when I send an e-mail to their data protection officer with my request, or have processes that take up to a month to complete.

Of course, cleaning up 10-15 years of uncritical online presence would take a long time anyway, but companies making it hard on purpose to delete your account and data is infuriating, and a testament to a status quo that should burn in hell.

On the plus side: I no longer have accounts with Microsoft and Twitter, accounts with Apple and Amazon should soon be closed. My goal is to have completely phased out Meta and Google by the end of this year, although the communication lock-in of Meta and the fact that my primary e-mail was Gmail for 15 years (I've switched two years ago to Proton), makes these transitions a bit more difficult.

If nothing else, this process has made me very conscious about platform lock-in and the "joys" of ecosystems...

I've been self-hosting Nextcloud for sometime on Linode. At some point in the not too distant future, I plan on hosting it locally on a server in my home as I would like to save on the money I spend on hosting. I find the use of Nextcloud to suit my needs perfectly, and would like to continue using the service.

However, I am not so knowledgeable when it comes to security, and I'm not too sure whether I have done sufficient to secure my instance against potential attacks, and what additional things I should consider when moving the hosting from a VPS to my own server. So that's where I am hoping from some input from this community. Wherever it shines through that I have no idea what I'm talking about, please let me know. I have no reason to believe that I am being specifically targeted, but I do store sensitive things there that could potentially compromise my security elsewhere.

Here is the basic gist of my setup:

• My Linode account has a strong password (>20 characters, randomly generated) and I have 2FA enabled. It required security questions to set up 2FA, but the answers are all random answers that has no relation to the question themselves.
• I've disabled ssh login for root. I have instead a new user that is in the sudo usergroup with a custom name. This is also protected by a different, strong password. I imagine this makes automated brute-force attacks a lot more difficult.
• I have set up fail2ban for sshd. Default settings.
• I update the system at the latest bi-weekly.
• Nextcloud is installed with the AIO Docker container. It gets a security rating A from the Nextcloud scan, and fails on not being on the latest patch level as these are released slower for the AIO container. However, updates for the container is applied automatically, and maintaining the container is a breeze (except for a couple of problems I had early on).
• I have server-side encryption enabled. Not client-side as my impression is that the module is not working properly.
• I have daily backups with borg. These are encrypted.
• Images of the server are also daily backed up on Linode.
• It is served by an Apache web server that is exposed to outside traffic with HTTPS with DNS records handled by Cloudflare.
• I would've wanted to use a reverse proxy, but I did not figure out how to use it together with the Apache server. I have previously set up Nginx Reverse Proxy on a test server, but then I used a regular Docker image for Nextcloud, and not the AIO.
• I don't use the server to host anything else.