gurapoku

joined 1 year ago
[–] [email protected] 1 points 5 months ago* (last edited 5 months ago) (3 children)

Yes, hosting the site seems much safer (at least in theory) since I am proxying it through cloudflare and I am planning on putting ngynx too on top of that this afternoon

(And signup is disabled, so hopefully only trusted users can access it)

[–] [email protected] 2 points 5 months ago (2 children)

A good suggestion, but it would still be hasslesome to setup. Plus, my friend would have to connect to the vpn whenever he wants to push/pull the repo

[–] [email protected] 1 points 5 months ago (5 children)

Yes, or else I wouldn't have access to the web interface haha

[–] [email protected] 1 points 5 months ago

I'd rather not say which router I have since it would reveal quite a bit of information about me. However, I do know that the connections that my router allows are tcp and udp

[–] [email protected] 2 points 5 months ago

That's also a possibility, yes. Probably what I should do, taking the rest of the answers into account

[–] [email protected] 1 points 5 months ago (2 children)

I see, only allowing established traffic to connect sounds like something that could work. But I don't know how I can do this, do you have some pointers :)?

Blocking outgoing traffic and having to whitelist forgejo seems a bit extreme though

[–] [email protected] 4 points 5 months ago* (last edited 5 months ago)

The reason why I am asking this question is because I think that the ssh port I am opening only has access to my repos (which means that even if I somehow get hacked the damage is minimal) and it doesn't accept any keys aside from mine and my friend's, which we set up through the web interface :).

I have wireguard setup and I'd also thought about sharing a tunnel with my friend, but it seemed much more hasslesome than simply opening the port, not to mention the fact that if anyone wanted to join too I'd have to do that again.

It is exactly because I am afraid of getting fucked that I am asking this and being careful. For now, my idea is to only open the port when someone is about to use it, since I am not absolutely sure that it won't somehow accept a request from a person with less than noble intentions. (either that, either simply use tokens)

Reverse proxying was also my intention at first, but I just couldn't get it to work with cloudflare for some reason!

Thanks for the insight!

[–] [email protected] 2 points 5 months ago* (last edited 5 months ago) (3 children)

I am still very much a noob to self-hosting, but I am not the one managing this ssh port, forgero is. Is there not any difference between the two? I think you can only access the forgejo ssh if you have a matching private key for one of the user's public keys...

(And although it surprised me too, I couldn't find information about the safety of specifically this online)

 

Hello all! Yesterday I started hosting forgejo, and in order to clone repos outside my home network through ssh://, I seem to need to open a port for it in my router. Is that safe to do? I can't use a vpn because I am sharing this with a friend. Here's a sample docker compose file:

version: "3"

networks:
  forgejo:
    external: false

services:
  server:
    image: codeberg.org/forgejo/forgejo:7
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__database__DB_TYPE=postgres
      - FORGEJO__database__HOST=db:5432
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__database__PASSWD=forgejo
    restart: always
    networks:
      - forgejo
    volumes:
      - ./forgejo:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "222:22" # <- port 222 is the one I'd open, in this case
    depends_on:
      - db

  db:
    image: postgres:14
    restart: always
    environment:
      - POSTGRES_USER=forgejo
      - POSTGRES_PASSWORD=forgejo
      - POSTGRES_DB=forgejo
    networks:
      - forgejo
    volumes:
      - ./postgres:/var/lib/postgresql/data

And to clone I'd do

git clone ssh://git@<my router ip>:<the port I opened, in this case 222>/path/to/repo

Is that safe?

EDIT: Thank you for your answers. I have come to the conclusion that, regardless of whether it is safe, it doesn't make sense to increase the attack surface when I can just use https and tokens, so that's what I am going to do.

1
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

Notes

  • Please note that this workflow is not meant for anyone but me to use. I will provide a guide on how to replicate it, but this is more of a "read because it's interesting post" rather than "read because it'll make you more productive post". Nevertheless, I'd love it if you learned something from this mess and used it in your own setup!

  • Most shortcuts here appear with WIN (windows key). For KDE, this key is META

Preface

Hey all!

I am a single tasker. The opposite of what you call a multi-tasker. It is very hard for me to concentrate in 2 tasks at the same time, and even harder for me to change my focus from one thing to another.

Briefly, I am the type of person who only ever has a few browser tabs open at the same time.

I've been thinking about publishing something for a while, since I had yet to contribute with content to lemmy. Thus, I decided I'll explain the setup I came up with to be able to use multiple windows at the same time without getting stressed out!

If you only care about the setup itself, you can skip to the setup chapter.

I'll go explain how to do replicate my setup in kde, but the same should be possible in most other DEs

Thanks for reading!

What I wanted to achieve

Whenever I want to do something, I want it to be:

  • Effortless -> I want to be able to do something without thinking about it
  • Muscle-memory driven -> Whenever I do something (e.g. press a shortcut), the outcome should be the same, allowing me to easily build muscle memory
  • In as few steps as possible -> The more steps, the more likely I am going to lose concentration on whatever I am doing
  • Instantaneous -> Few animations and/or performance heavy tasks

Stuff I really wanted to get rid off

Alt+tab

Alt+tab is the bane of my existence. It is nigh impossible for me to use this shortcut without getting extremely stressed. Looking and processing each window I have open in order to select it would oftentimes make me forget which window I wanted to open, and what I was doing entirely, so most of the times I'd just press and pray. I can't tell you how many times I had wanted to do something like this:

  • pressed alt tab -> didn't change to the window I wanted
  • pressed alt tab again -> back to the first window
  • pressed alt tab x2 -> Wrong window too
  • pressed alt tab x3 -> correct

(I got extremely annoyed and failed a few times just by testing this, that's how bad this shortcut is for me)

This took 5 steps! And in those 5 steps I had to process which window I changed to, and then process whether they were the ones I wanted. It's terrible, and it gets exponencially more terrible with more windows open!

Setup Explanation

This is simply an overview of what I do. How to do this is explained below.

Window management

A shortcut for each category

So the thing I wanted to get rid off the most was alt+tab. But how is one meant to get rid of one of the most used shortcuts?

There's at least one simple answer: Virtual Desktops! (These are usually called "Workspaces" however, KDE calls them Virtual Desktops for some reason so that's what I am going to call them)

Put simply, Virtual Desktops are a group of windows. It's easy to picture if you think of it as something that automatically minimizes windows for you.

Let's say you have opened 2 windows in Virtual Desktop 1. If you change Virtual Desktop to 2, those windows will be automatically minimized. You can then do whatever you want in Virtual Desktop 2, and when you come back to Virtual Desktop 1: Ta-da! The windows you had opened there are exactly as you left them. Cool, isn't it?

Right now, I have 9 workspaces for different purposes.

  1. Browser -> I leave firefox open here
  2. Discord -> I leave discord open here
  3. Terminal -> I leave kitty (my terminal) open here
  4. Gaming -> I play videogames here
  5. Depends on whether I am working or gaming. Usually used for TeamSpeak.
  6. Emacs -> I leave emacs open here
  7. Wild card
  8. Music -> I leave Spotify or whatever music service I am using open here
  9. Wild card

Whenever I press Win+num, I go to num workspace.

But there's one slightly annoying issue: The numbers on the keyboard are hard to reach. Try to type win+9. Hard, isn't it?

To fix this, meet the:

Virtual Desktop grid

Have you ever heard of a desktop grid?! NO??? Well, it's amazing. Mine is 3x3 (That's why I have 9 workspaces).

Since we have the amazing Win+num shortcut, this is a little unnecessary, but I personally rarely use those.

I always use ctrl+win+arrowkey to travel! Let me draw it for you:

[Sketch of my workspace grid][https://imgur.com/a/wWY70st]

And since I always know where I am in that grid, I can move to any adjacent workspace with a shortcut:

  • ctrl+win+up -> Go one desktop up
  • ctrl+win+down -> Go one desktop down
  • ctrl+win+left -> Go one desktop left
  • ctrl+win+right -> Go one desktop right

GREEAAT!!! One issue though, we still need to be able to change window's assigned Virtual Desktop.

  • ctrl+win+shift+up -> Move window one desktop up
  • ctrl+win+shift+down -> Move window one desktop down
  • ctrl+win+shift+left -> Move window one desktop left
  • ctrl+win+shift+right -> Move window one desktop right

Perfect.

...Or not. Let's say I am in desktop 1 and I want to change to desktop 9.

Damn. Seems like I'll need to click "ctrl+win+down ctrl+win+down ctrl+win+right ctrl+win+right", and while that does indeed work, it completely defeats the point of trying to do everything in as few steps as possible.

And this is where I introduce perhaps the most alienating part of my workflow:

Wrap around Virtual Desktops.

yes.

This will be tough to explain in a concise way.

Pros:

  • This allows me to reach any desktop with a single shortcut, regardless of how far they are.

Cons:

  • It is extremely confusing

For instance, let's pretend I am in the deskop 1.

Since the Virtual Desktops wrap around, this is how it looks like.

[Sketch of wrap around Virtual Desktops with Firefox one in the middle][https://imgur.com/a/sM1P6W7]

Yeah, I know. Hard to wrap your head around it if you know what I mean.

Now, if I wanted to get to desktop 9 It'd be a single shortcut:

  • ctrl+window+up+left (yep, you can join them like this)

It may seem extremely overly complicated and weird and unnecessary and stupid and redundant but it's surprisingly easy to navigate with this once you get used to it.

Surely I wouldn't have started using it if it were stupid. right? right? right...

Note: I started with ctrl+win+arrowkey, but nowadays I use ctrl+win+(hjkl) so I can stay in the home row :) Since this would make the post harder to understand for non-vimmers I decided to not use it

KRUNNER

Note: I don't know what applies and what doesn't apply to the default kde search engine. I think krunner looks sleeker, so I use that one.

Want to see if a word is spelled correctly? Maybe you want to get its definition. Maybe you want to do some quick maths?

Krunner can do all that. And oh boy, that's just the tip of what krunner can do.

Krunner is an app that comes bundled with KDE. If you type anything into an empty desktop a little search bar will appear in the top. That's Krunner! I have remapped win+d to start it.

You can put a ton of plugins into that thing, for instance, making [any search started with define show the definition of the subsequent word (just like google!)][https://imgur.com/a/OHkZQJK], and much, much more.

There were 6 things that made it seem cool to me:

  • The fact that you can disable plugins -> You'd usually assume this is possible, but I guess windows just lowered my expectations. If you disable the majority of them, krunner becomes lightning fast and as predictable as it gets (some plugins make it a little unpredictable for me). I'm not entirely sure whether the default search tool from KDE also has this feature.
  • No need for a calculator -> I don't even have a calculator app installed. Wanna do some arithmetic? Just type [128 * 98 + 45][https://imgur.com/a/wrfWKzP]
  • As a non-native english speaker, the dictionary plugin :(
  • pretty. it looks pretty. it looks pretty. it looks pretty. it looks pretty.
  • God, does it looks pretty.

If you want to know all it can do, just search "?"!

Kwin!

Kwin is the KDE's window manager. I won't go into details about what is a window manager, since I don't think it's very important at all, but I'll tell you to run a single shortcut.

Alt+f3 (notice: in some laptops, this may be alt+fn+f3)

Goodness gracious, you're a linux adult now! You can even access that secret menu. I'm gonna cry!

This menu is amazing. A godsent. I pray to it every day.

...Or not. I most certainly should.

With it, you can:

  • Assign windows to virtual desktops
  • Change the size, position, and whether it should start fullscreen or minimized when that specific app opens.
  • Much, much more... A little too much. In a good way.

How to replicate it

Virtual Desktop Grid

  • Go to settings, and search Virtual Desktops in the top left search bar.

  • Click the add button until you get 9 desktops

  • In the right, there should be a button saying "1 row". Write 3 instead of 1 or click in the arrow pointing up until you get it to 3.

  • Enable Navigation Wraps around

  • Disable animation when switching (optional)

  • Still in the settings, go to shortcuts

  • Scroll down until you find Kwin

  • Remap Switch One Desktop Down/To The Left/To The Right/Up to whatever you want (you can simply enable ctrl+win+arrow too, the default)

  • Remap Switch to Desktop num to your liking

And I think you're good to go!

Krunner

  • Go to settings, then shortcuts
  • Search krunner and and remap it to whatever you want.
  • Use the shortcut, krunner will start. Inside Krunner, click on the leftmost button
  • Change position on screen to center (optional)
  • Click Configure enabled search plugins and change those to your liking!

Kwin

  • With a window opened, press Alt+F3
  • Go to more actions and click special application settings
  • Press Add property and have fun! If you want the window to start in a specific desktop every time, you can move it to that desktop and add the property virtual desktops with "apply initially". Should be the default

End

And that was... Much less than I thought. Apparently, this whole thing was a journey to get rid of alt+tab. That's quite funny, but seriously, screw alt+tab. I vehemently hate it.

I am probably forgetting to talk about something.

Nevertheless, I hope you enjoyed this post! It's my first one talking about linux. If you see any mistake, grammar or factual, I'd really appreciate it if you pointed it out. I won't get mad. Promise.

Also, if you also have a weird setup such as mine, I'd love to hear about it, and to see if I can incorporate whatever you do that's weird to other people into my own setup. I am a weird person after all.