After my previous server got hacked (presumably), I am now looking for new solutions to my needs. CalDAV/CardDAV is a big one.

So far I switched from a content management system (PHP) to a static site generator for my blog, and I'm not looking back.

I wonder if it makes sense to also step away from PHP wrt CalDAV/CardDAV.

As ever so often, this list has some nice info.

I'd like to keep dependencies low. Python would be a good choice because it's already installed on my Debian Stable system. But would it be safer?

Back when I started this compatibility with clients was an issue; but I don't use Android anymore. In any case, is this still an issue?

edit: no, I don't use a web based app; and I'd prefer the server doesn't require admin via web UI either.

Thanks for all your replies! I chose Radicale, already set it up. Only what is needed, simple config files. Very nice. It runs under an nginx reverse proxy and they communicate encrypted (and of course the outside is also encrypted and password-protected). And the web UI can be disabled.

The documentation is very tutorial-like and security conscious.

A translation of this article with a few (minor additions). I could not find an English-language article. The original article has informative illustrations.

“Archive.Today” is a popular website for access to paid media content. Well-known domain names for the website are archive.is and archive.ph (and archive.md, archive.fo, archive.li, archive.vn).

What many users do not know: The website provides users' data to Russia.

The data goes to Mail.ru and thus to the Russian Internet company VK. A look at the website with Webbkoll shows the following Russian domain names:

• privacy-cs.mail.ru
• r.mradx.net
• rs.mail.ru
• top-fwz1.mail.ru

First and foremost, top-fwz1.mail.ru/js/code.js is integrated. Further code from Russia is then loaded.

The following applies to Russian Internet companies:

“Russia demands unconditional cooperation and extensive control options from its flourishing IT economy. It is not just about the full possession of the largest social network (VK) and the largest payment service (Mail.ru), but in the case of Yandex also to influence the entire output of Yandex News.

The data collected show which Paywall content is particularly popular in western media, but could also provide insight about their users. One can speculate about the importance of such data in the hybrid Russian war against Europe and the rest of the West.

(the following part is about the most common originating news sites in Switzerland that are to be archived. It refers to the above mentioned paywall content)

Incidentally (and in addition), anyone who pays for the paid media content must (also) expect for user data to go to Russia:

«Until recently, Ringier sent - thanks to these cookies - the IP addresses of "Blick" readers to the Russian tech company Yandex. […] Yandex is also listed at «20 Minuten». The free news portsal of the TX Group also works with the platform of the Interactive Advertising Bureau. […] The NZZ also sent data to the east. The traditional company on Falkenstrasse has integrated dozens of trackers, including from Yandex and also from Rutarget, an advertising company that belongs to the Russian Sberbank, is fully controlled by the state and is on the sanction list of the United States. »

The operators of «Archive.Today» do not open their identity. Neither an impressum nor a data protection declaration can be found on the website.

“Liberapay” in France should be able to say who operates “archive.today”. If you click on the "Donate" button at "Archive.Today", you will be forwarded to the donation platform "Liberapay".

A (more) reputable alternative is the Internet Archive at Archive.org, best known for the archiving of websites at web.archive.org.

Posted to privacy@lemmy.ml, privacy@lemmy.dbzer0.com and privacy@lemmy.world

edit 2 days later:

I'm aware this isn't the biggest smoking gun ever. But this particular service is in such widespread use that I feel it's important to shine a light on it.

Of course any post with certain keywords in the title will attract weird commentary, but I think you'll find that even the most contrary ones do not dispute the facts outlined in the article - just try to play them down, or ridicule them.

It's free, it has fast servers, it doesn't ask questions of you. It's a godsent!

A translation of this article with a few (minor additions). I could not find an English-language article. The original article has informative illustrations.

“Archive.Today” is a popular website for access to paid media content. Well-known domain names for the website are archive.is and archive.ph (and archive.md, archive.fo, archive.li, archive.vn).

What many users do not know: The website provides users' data to Russia.

The data goes to Mail.ru and thus to the Russian Internet company VK. A look at the website with Webbkoll shows the following Russian domain names:

• privacy-cs.mail.ru
• r.mradx.net
• rs.mail.ru
• top-fwz1.mail.ru

First and foremost, top-fwz1.mail.ru/js/code.js is integrated. Further code from Russia is then loaded.

The following applies to Russian Internet companies:

“Russia demands unconditional cooperation and extensive control options from its flourishing IT economy. It is not just about the full possession of the largest social network (VK) and the largest payment service (Mail.ru), but in the case of Yandex also to influence the entire output of Yandex News.

The data collected show which Paywall content is particularly popular in western media, but could also provide insight about their users. One can speculate about the importance of such data in the hybrid Russian war against Europe and the rest of the West.

(the following part is about the most common originating news sites in Switzerland that are to be archived. It refers to the above mentioned paywall content)

Incidentally (and in addition), anyone who pays for the paid media content must (also) expect for user data to go to Russia:

«Until recently, Ringier sent - thanks to these cookies - the IP addresses of "Blick" readers to the Russian tech company Yandex. […] Yandex is also listed at «20 Minuten». The free news portsal of the TX Group also works with the platform of the Interactive Advertising Bureau. […] The NZZ also sent data to the east. The traditional company on Falkenstrasse has integrated dozens of trackers, including from Yandex and also from Rutarget, an advertising company that belongs to the Russian Sberbank, is fully controlled by the state and is on the sanction list of the United States. »

The operators of «Archive.Today» do not open their identity. Neither an impressum nor a data protection declaration can be found on the website.

“Liberapay” in France should be able to say who operates “archive.today”. If you click on the "Donate" button at "Archive.Today", you will be forwarded to the donation platform "Liberapay".

A (more) reputable alternative is the Internet Archive at Archive.org, best known for the archiving of websites at web.archive.org.

Posted to privacy@lemmy.ml, privacy@lemmy.dbzer0.com and privacy@lemmy.world

edit 2 days later:

I'm aware this isn't the biggest smoking gun ever. But this particular service is in such widespread use that I feel it's important to shine a light on it.

Of course any post with certain keywords in the title will attract weird commentary, but I think you'll find that even the most contrary ones do not dispute the facts outlined in the article - just try to play them down, or ridicule them.

It's free, it has fast servers, it doesn't ask questions of you. It's a godsent!

I want to have a mirror of my local music collection on my server, and a script that periodically updates the server to, well, mirror my local collection.

But crucially, I want to convert all lossless files to lossy, preferably before uploading them.

That's the one reason why I can't just use git - or so I believe.

I also want locally deleted files to be deleted on the server.

Sometimes I even move files around (I believe in directory structure) and again, git deals with this perfectly. If it weren't for the lossless-to-lossy caveat.

It would be perfect if my script could recognize that just like git does, instead of deleting and reuploading the same file to a different location.

My head is spinning round and round and before I continue messing around with find and scp it's time to ask the community.

I am writing in bash but if some python module could help with it I'm sure I could find my way around it.

TIA

additional info:

• Not all files in the local collection are lossless. A variety of formats.
• The purpose of the remote is for listening/streaming with various applications
• The lossy version is for both reducing upload and download (streaming) bandwidth. On mobile broadband FLAC tends to buffer a lot.
• The home of the collection (and its origin) is my local machine.
• The local machine cannot act as a server

I want to have a mirror of my local music collection on my server, and a script that periodically updates the server to, well, mirror my local collection.

But crucially, I want to convert all lossless files to lossy, preferably before uploading them.

That's the one reason why I can't just use git - or so I believe.

I also want locally deleted files to be deleted on the server.

Sometimes I even move files around (I believe in directory structure) and again, git deals with this perfectly. If it weren't for the lossless-to-lossy caveat.

It would be perfect if my script could recognize that just like git does, instead of deleting and reuploading the same file to a different location.

My head is spinning round and round and before I continue messing around with find and scp it's time to ask the community.

I am writing in bash but if some python module could help with it I'm sure I could find my way around it.

TIA

additional info:

• Not all files in the local collection are lossless. A variety of formats.
• The purpose of the remote is for listening/streaming with various applications
• The lossy version is for both reducing upload and download (streaming) bandwidth. On mobile broadband FLAC tends to buffer a lot.
• The home of the collection (and its origin) is my local machine.
• The local machine cannot act as a server

I want to have a mirror of my local music collection on my server, and a script that periodically updates the server to, well, mirror my local collection.

But crucially, I want to convert all lossless files to lossy, preferably before uploading them.

That's the one reason why I can't just use git - or so I believe.

I also want locally deleted files to be deleted on the server.

Sometimes I even move files around (I believe in directory structure) and again, git deals with this perfectly. If it weren't for the lossless-to-lossy caveat.

It would be perfect if my script could recognize that just like git does, instead of deleting and reuploading the same file to a different location.

My head is spinning round and round and before I continue messing around with find and scp it's time to ask the community.

I am writing in bash but if some python module could help with it I'm sure I could find my way around it.

TIA

additional info:

• Not all files in the local collection are lossless. A variety of formats.
• The purpose of the remote is for listening/streaming with various applications
• The lossy version is for both reducing upload and download (streaming) bandwidth. On mobile broadband FLAC tends to buffer a lot.
• The home of the collection (and its origin) is my local machine.
• The local machine cannot act as a server

That's all. I just found this in a random script. Generates a random UUID every time it's called. I didn't know.

Of course I can also use uuidgen or pipe /dev/(u)random into something to get a random alphanumeric string - but this is built right into the kernel!

In /proc/sys/kernel/random/, there's also boot_id which ~~seems to do the same~~ is static, and some tweakable parameters.

❤️🐧

I am myself a newcomer, did a full switch straight from reddit.

However, I did it just a few weeks before mods and admins started to crack down hard on certain opinions. Guess I had seen the sign on the wall.

I believe reddit's clear change of direction has pushed many more people into the lemmyverse, many of them just like me, straight from reddit.

I sense that recently the tone around many subs has shifted towards more agressive and more divisive, and other patterns I recognize all too well from my years on reddit.

Do other people sense this too? Am I on the right track or completely off?

I ran my own blog for many years but recently I suspect my server got hacked, and after reinstalling I want to do things a little differently.

I'd like to move away from PHP and I don't really need a dynamic CMS anyhow.

So far I've been using PicoCMS which serves content from markdown pages with a little header. I got quite good at it, wrote my own theme and a few plugins. The templating language is Twig so something similar would be a boon for me.

Writing content in markdown is my most important requirement, or rather reusing the existing pages with as little massaging as possible. Here is one example:

***
Title: Create WiFi Hotspot with NetworkManager
date: 24.11.2022
Tags: archlinux,android
template: post
***

# Make sure required depenencies are installed

blablablablablablablabla

I really want a tag cloud, which used to be my only sorting mechanism apart from date. Most generators, at first glance, offer a tags page. Honestly I have no idea if I'd have to template the cloud myself but tag functionality seems to be common, I guess?

What I don't want is any sort of web UI or even builtin server functionality or other bells and whistles for the user. I prefer to ssh into the server and do things on the CLI.

Now my most important constraint is that I want to use what's available in (or as a) Debian repositories. After a quick search around it boils down to:

• blag
• Jekyll
• Hugo
• Lektor
• Pelican
• staticsite

Searching for similar topics I found this and this. I read all the comments.

TIA

edit: Lots of people mention Hugo. Why would I choose that over, say, Jekyll or Pelican?
Personally I feel drawn more towards Python than Go or Rust, and a Twig-like (e.g. Jinja) templating language. If that's idiotic, please let me know why.
Also please remember I'm not running a github (or other similar VCS) page but have a dedicated VPS running Debian Stable. Deployment or containerization are of no interest to me.

I hadn't realized this episode had been sitting on my playlist since February.

But it's a long term view on war (defense) in space, and how it's been a favorite but useless toy of more than 1 potus.

And it's even more dystopian & pessimistic than the usual tone of this excellent podcast.

President Donald Trump wants to build an American Iron Dome. He even signed an executive order to make it happen. It’s a terrible idea, one we’ve tried before, and one that will make America less safe.

In this episode, Joseph Cirincione returns to the program to detail his personal history with complicated and costly missile defense systems.

• It all starts during a snowstorm in 1982 and with the High Frontier
• Zombie defense pitches
• It’s almost impossible to knock a bullet out of space with a bullet
• How Israel’s Iron Dome works
• Slow and hot vs fast and cold
• Lasers don’t work, thanks Teller
• Pitch: lasers in space. Reality: missile batteries in Alaska
• These systems only work half the time and only under perfect conditions
• SpaceX contracts abound!
• A Pentagon Powerpoint slide enters chat
• Jason’s Superman reverie, starring Gene Hackman as Lex Luthor
• How do China and Russia react?
• “The enemy gets a vote.”
• The last arms control treaty
• Ronald Reagan: anti-nuclear advocate
• How SDI kept us from eliminating nuclear weapons
• Anatomy of an arms race
• AI is coming to nuclear command and control