byeCloud: Firefox Sync Server - UPDATE

In this article I will show you how to set up a Firefox Sync Server as a Docker container. In my case this will replace iCloud Bookmark / Tab synchronization. This article is part of the byeCloud series in which I try to replace iCloud with self-hosted services. I’ve evaluated different solutions to synchronize tabs and bookmarks, but none of them seemed to satisfy my needs. Firefox Sync almost does.

byeCloud: Replace iCloud Keychain with KeePass

iCloud Keychain has always been a love-hate relationship for me. I loved the simplicity of just being able to generate passwords right from the registration form of every page while it would also autofill passwords when I try to log in again. But I hated not being in charge of telling this thing to sync. Sometimes when I got a new device, the Keychain would just not start synching. Or passwords that I just created wouldn’t show up.

byeCloud: GitLab with Docker and Traefik

For some months now I’m running a private GitLab server. I really enjoy using it, especially with all the great features like the Docker Container Registry and GitLab Pages to host static pages, even with own domains. Normally I would prefer a more lightweight solution, such as Gitea but GitLab has so many advantages that, at least for me, this is currently the only way to go. However, it felt tedious setting it up, even with Docker.

Resize all images in subdirectories

For a project I was working on, I had a folder structure full of images and wanted to compress them to a specific maximum resolution in-place while retaining the aspect ratio using ImageMagick. The crucial point, as so often, were spaces and special characters in the folder names, making it really hard to use bash loops etc. to make this work. With the NULL character trick, luckily this works pretty well.

Sign your Git commits with PGP

In the last days I tinkered a bit with things in Git that I haven’t tried yet. One was signed commits. Signed commits help other people to know that it’s actually you who committed changes. So when people trust you as a person, they can also trust your code because they can verify that it’s been actually done by you. It’s pretty easy to set up and once configured, everything else will just happen automatically.

Download encrypted HLS content with ffmpeg

I maintain an archive of videos, especially documentaries from public media libraries from tv channels etc. on my NAS. Whilst I can use youtube-dl for the most part, it’s rather difficult for sites that use HTTP live streaming (HLS) to stream their content. In the most cases this is even AES-128 encrypted, which makes it difficult to download it. But since there’s players that support playback, it’s obviously possible to decode the stream on the client side.

Securing macOS

Even though there are like one million guides on how to secure macOS properly, I decided to throw in my 5c on this topic. In contrast to many other guides, I’d just like to provide you with the best practices that I also use. This one is about the essential things that I always do when getting a new Mac to provide better security while preserving almost all macOS features like iCloud document saving or Time Machine usage.

Gmail DNS records for Hetzner Domain Robot

During a setup change I had to temporarily move my incoming mailserver to Gmail and while I am now back in my own mail server, I again had this major headache of configuring the my DNS (using BIND) because I always forget the dots in the end of CNAME and MX records because usually I dont create nameserver records for external domains… So anyway here is the final configuration I used in Hetzners Domain Robot:

byeCloud: News with Miniflux

In this article I will show you how to set up your own RSS feed aggregator with sync support for many third-party clients through the Fever API as a replacement for Apple News/Google News/Feedly. This article is part of the byeCloud series in which I try to replace iCloud with self-hosted services. Choosing the right software I fiddled around for a while with the News app for Nextcloud, ttr-rss and a few other alternatives, but ended up with Miniflux (now in version 2) because it is simple and lightweight and provides the most important thing for me, a Fever-compatible API without any plugins.

Mount Time Capsule SMB from a Linux host

As it turns out, the Apple Time Capsule only uses SMB protocol version 1 and NTLM for authentication. While this works with macOS without any changes, it often creates problem when trying to mount the the Time Capsule’s SMB share on a Linux system. With this parameters, mounting should work out of the box, given you have the cifs-utils (Debian/Ubuntu) installed: sudo mount.cifs // /mnt/timecapsule/ -o password='yourpw',sec=ntlm,uid=<local user>,vers=1.0 If you have any problems or further insights, feel free to leave a comment.