I use an Apple Magic Trackpad on KDE and it works great. My only problem is that customizing the touch gestures is not well supported. Unsure if it’s any better on Gnome or COSMIC Desktop.

I tried to find you on the fediverse (mastodon) and saw this comment!

I just wanted to say, you’re doing a great job! This release, with native apps is awesome. I see that Android Auto is on the roadmap, and I’m excited for that as well :)

I have tested with Pocket Casts, AntennaPods (with PinePods as the backend!) and the PinePods android app… the fact that PinePods supports server downloads, and the Android app allows for bypassing local downloads (to stream the server version)… I notice that when I listen with PinePods Android, there’s less ads compared to Pocket Casts Android and AntennaPods! +1 for PinePods Android :)

These podcast streams must detect if a request is on mobile and inject specific ads 😅

I’m not sure how caddy works, but if curl says it’s insecure, to me it sounds like the certs are not installed correctly.

Also good to do. I think using HTTPS, even over LAN, is just table stakes at this point. And people dismissing that are doing more harm than good.

💯 Generally I see the dismissal from people who use their services purely through LAN. But I think it’s good practice to just set up HTTPS/SSL/TLS for everything. You never know when your needs might change to where you need to access things via VPN/WG/Tailnet, and the moment you do, without killswitches everywhere, your OPSEC has diminished dramatically.

Generally the tokens and credentials are sent along with the request. Which is plaintext if you don’t use HTTPS. If you lose connection, you’re sending the details along regardless if it connects (and if you’re on someone’s network, they can track and log).

(It’s also plaintext if the auth method isn’t secure as well; e.g. using a GET request or sending auth through HTTP headers unencrypted)

This is a really good idea that I see dismissed a lot here. People should not access things over their LAN via HTTP (especially if you connect and use these services via WG/Tailscale). If you’re self hosting an vital service that requires authentication, your details are transmitted plaintext. Imagine the scenario where you lose connection to your tailscale on someone else’s WiFi and your clients try to make a connection over HTTP. This is terrible opsec.

Setting up letsencrypt via DNS is super simple.

Setting up an A record to your internal IP address is really easy, can be done via /etc/hosts, on your router (if it supports it, most do), in your tailnet DNS records, or on a self hosted DNS resolved like pihole.

After this, you’d simply access everything via HTTPS after reverse proxing your services. Works well locally, and via tailscale.

Whoa. This actually works pretty close. Although, I am not seeing the ability to drag and drop re-order list items. Which is the big feature I want and need.

I am seeing in their github issues that CKEditor doesn’t support it. Thanks for the suggestion though!

Signal