• 0 Posts
  • 15 Comments
Joined 1 年前
cake
Cake day: 2024年3月27日

help-circle
  • That’s fair, I get the frustration.

    I guess I’ve been cutting Mitchell some slack since this is a passion project for him - his goal was to build the modern terminal he always wanted, so an opinionated feature set was always expected. And, new terminals with actual new features need their own terminfo entries, it just comes with the territory. It’ll sort itself out as the databases catch up.

    For now, though, you don’t need to address this on an individual host level. I’m in the same boat at work with thousands of servers. If you want to give Ghostty another shot, this wrapper handles the issue automatically, even for servers where AcceptEnv doesn’t include TERM or where SetEnv is disabled:

    ssh() {
        if [[ "$TERM" == "xterm-ghostty" ]]; then
            TERM=xterm-256color command ssh "$@"
        else
            command ssh "$@"
        fi
    }
    

    Just drop it in your .bashrc (or functions.sh if you rock a modular setup) and SSH connections will auto-switch to compatible terminfo while keeping your local session full-featured. Best of both worlds. ¯\_(ツ)_/¯







  • arcayne@lemmy.todaytoSelfhosted@lemmy.worldDNS?
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 个月前

    My preferred way of solving this is to run a PowerDNS cluster with DNSDist and keepalived. You get all the redundancy via a single (V)IP.

    Technitium is probably more user friendly for greenhorns, though… and offers DHCP too. Beats pihole by a mile.


  • Wezterm is my primary. Love the built-in domain/sshmux features, especially for work. The LUA config rocks, sky is the limit. Highly portable when using something like Chezmoi or YADM.

    That said, it’s not always the most performant, especially with certain TUIs. I’ve been running my NVim workspace in Kitty lately just to avoid the minor UI lag (primarily with lazygit). Not a fan of Kitty (or its dev) otherwise, but it serves its purpose.

    If Wezterm ever gets optimized, it’ll be the GOAT for me.

    Ghostty also sounds like it’s got potential, but haven’t gotten my invite yet. ¯\(ツ)






  • Apps: SSO via Authentik where I can, unique user/pass combo via Bitwarden where I can’t (or, more realistically, don’t want to).

    General infra: Unique RSA keys, sometimes Ed25519

    Core infra: Yubikey

    This is overkill for most, but I’m a systems engineer with a homelab, so it works well for me.

    If you’re wanting to practice good security hygiene, the bare minimum would be using unique cred pairs (or at least unique passwords) per app/service, auto-filled via a proper password manager with a browser extension (like KeePassXC or Bitwarden).

    Edit: On the network side, if your goal is to just do some basic internal self-hosting, there’s nothing wrong with keeping your topo mostly flat (with the exception of a separate VLAN for IoT, if applicable). Outside of that, making good use of firewalls will help you keep things pretty tight. The networking rabbit hole is a deep one, not always worth the dive unless you’re truly wanting to learn for the sake of a cert/job/etc.