So the workaround is running the SFTP process as root?
Why not run the SFTP server as a docker container as well (e.g. with https://hub.docker.com/r/atmoz/sftp/ )? You can mount the same volume in the SFTP container, and have it listen on some random port. Just make sure to configure the SFTP container to use the same uid:gid as the one used in the syncthing container to avoid file permission issues.
The easiest setup I tried so far is to simply put your docker container's volume on an external path, e.g. /mnt/hdd1/some-directory, instead of putting it in the standard docker location (/var/lib/docker/volume). You'll have full control over ACL on those custom paths.
I was excited for nothing...
Not sure if it's related, but my youtube revanced installation was also not working. I had to repatch again using the most recent patch.
Maybe Manjaro should delay update even longer to make it extra secure /s
If you're using xz version 5.6.0 or 5.6.1, please upgrade asap, especially if you're using a rolling-release distro like Arch or its derivatives. Arch has rolled out the patched version a few hours ago.
I always thought ubuntu logo is three kids holding each other hands, not three buff dudes hugging each other.
If you can't find anything, you can still use the web version of audacity with Firefox: https://wavacity.com/
US: "You should watch your border, Russia is about to invade"
Ukraine: "Pfft, yeah, riight..."
Later...
US: "You should be careful, ISIS is about to let loose in Moscow"
Russia: "Pfft, yeah, riight..."
Keycloak seems complicated, but it's actually not that complicated if you use it for simple OIDC provider.
Just create a new realm, then go to client -> create. Enter your client-id, with openid-connect as protocol. Then, set access type to "confidential", set valid redirect uri to "https://" (or even "https://*" if you're lazy and want to use it on multiple apps). Then hit save and go to the credential tab to copy your client secret. Then head to "users" menu to start adding users to your realm.
That's the basic setup which should be good for home use. The good thing about keycloak is, as you grow your homelab, whatever stuff you may need later can be provided by keycloak. Want some users to have access to app A, but not app B? 2 factor auth? Allow users to login with google account? Heck, allow users to login with another sso provider (chaining)? You can do pretty much anything.
When that happened, Microsoft can fix their reputation again by buying more popular open source companies again. Nothing money can't fix. Maybe they'll buy Canonical next.
In that case, perhaps replacing
-o sftp_server="/usr/bin/sudo /usr/lib/openssh/sftp-server"with-o sftp_server="/usr/bin/sudo -u <syncthing_user> /usr/lib/openssh/sftp-server"is a good compromise?