- 2 Posts
- 83 Comments
Joined 5 months ago
Cake day: February 8th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
171·8 days agoPostgres, SQLite, etc are tools for database management, things like user data, application data and so on are collected here.
Edit: the
DB_PASS=“postgres”is the default password when setting up a Postgres database.Take Reddit’s Karma system or Upvotes/Downvotes for example, they’re stored in a database and however Reddit wants to utilize that data Postgres makes it easy to call upon it.
I’m sure others can give more detailed responses, I’m typing this out in a rush.
The Matrix.org Foundation is a non-profit and only relies on donations to operate. Its core mission is to maintain the Matrix Specification, but it does much more than that.
Non-profit… only relies on donations…
This was taken quite literally at the bottom of that article.
5·10 days agoThe Docker Engine makes hosting applications over your network easy, if you have spare hardware I highly recommend setting up your own server.
I would disagree, you’re still directly communicating with YouTube servers without a proxy in-between. Invidious or Piped are the proxies you need, they let you blend in with the other users of their services making data-collection on YouTube’s part difficult.
We need to make feeding the algorithm as difficult as possible.
I spent 25 years on this planet without the need for an actual Ai, I’ve used Siri when she was dumb to make quick phone calls or to turn lights off but other than that I really don’t need to know the last digit to Pi.
Depends on how many sites comply, most will likely block Belgian IP’s due to this.
Once again, thank you for your insight! It truly does help a lot.
Today I learned the VPN routing is the cause of my issues, I opted to expose my homelab to WAN and tried to connect over LTE/5G and was surprised to see it actually resolve!
I also learned Fail2Ban has failed me in this regard.
Unfortunately this now throws a wrench in my plans In regard to security so now I’m debating on getting another piece of hardware and labelling one as “front end” and the other as “back end” so that the “back end” doesn’t share the same public IP as the “front end”.
This has ignited a spark to rework my homelab!
6·15 days agoSo glad my router supports WireGuard/OVPN server hosting, doing it this way also relieves resources off your homelab and for whatever reason your homelab shuts off or loses network access you can at least rely on your router to re-establish the VPN server without further intervention.
While i appreciate the detailed response here i did make another comment letting OP know i’m in a similiar situation as them, i use Docker Engine & Docker Compose for my self-hosting needs on a 13th Gen Asus Nuc (i7 model) running Proxmox with a Debian 12 VM. My reverse proxy is traefik and i am able to receive SSL certificates on port :80/:443 (also have Fail2Ban setup) however, i can’t for the life of me figure out how to expose my containers to the internet.
On my iPhone over LTE/5G trying my domain leads to an “NSURLErrorDomain” and my research of this error doesn’t give me much clarity. Edit appears to be a 503 error.
This is a snippet of my docker-compose.yml
services: homepage: image: ghcr.io/gethomepage/homepage hostname: homepage container_name: homepage networks: - main environment: PUID: 0 # optional, your user id PGID: 0 # optional, your group id HOMEPAGE_ALLOWED_HOSTS: my.domain,* ports: - '127.0.0.1:3000:3000' volumes: - ./config/homepage:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock #:ro # optional, for docker integrations - /home/user/Pictures:/app/public/icons restart: unless-stopped labels: - "traefik.enable=true" - "traefik.http.routers.homepage.rule=Host(`my.domain`)" - "traefik.http.routers.homepage.entrypoints=https" - "traefik.http.routers.homepage.tls=true" - "traefik.http.services.homepage.loadbalancer.server.port=3000" - "traefik.http.routers.homepage.middlewares=fail2ban@file" # - "traefik.http.routers.homepage.tls.certresolver=cloudflare" #- "traefik.http.services.homepage.loadbalancer.server.port=3000" #- "traefik.http.middlewares.homepage.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 172.18.0.0/16, 208.118.140.130" #- "traefik.http.middlewares.homepage.ipwhitelist.ipstrategy.depth=2" traefik: image: traefik:v3.2 container_name: traefik hostname: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - main ports: # Listen on port 80, default for HTTP, necessary to redirect to HTTPS - target: 80 published: 55262 mode: host # Listen on port 443, default for HTTPS - target: 443 published: 57442 mode: host environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./config/traefik/traefik.yml:/traefik.yml:ro - ./config/traefik/acme.json:/acme.json #- ./config/traefik/config.yml:/config.yml:ro - ./config/traefik/custom-yml:/custom # - ./config/traefik/homebridge.yml:/homebridge.yml:ro labels: - "traefik.enable=true" - "traefik.http.routers.traefik.entrypoints=http" - "traefik.http.routers.traefik.rule=Host(`traefik.my.domain`)" #- "traefik.http.middlewares.traefik-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 208.118.140.130, 172.18.0.0/16" #- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}" - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - "traefik.http.routers.traefik-secure.entrypoints=https" - "traefik.http.routers.traefik-secure.rule=Host(`my.domain`)" #- "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare" - "traefik.http.routers.traefik-secure.tls.domains[0].main=my.domain" - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.my.domain" - "traefik.http.routers.traefik-secure.service=api@internal" - "traefik.http.routers.traefik.middlewares=fail2ban@file"Image of my port-forwarding rules (note; the 3000 internal/external port was me “testing”)
Edit: I should note the Asus Documentation for Port-forwarding mentions this:
- Port Forwarding only works within the internal network/intranet(LAN) but cannot be accessed from Internet(WAN).
(1) First, make sure that Port Forwarding function is set up properly. You can try not to fill in the [ Internal Port ] and [ Source IP ], please refer to the Step 3.
(2) Please check that the device you need to port forward on the LAN has opened the port. For example, if you want to set up a HTTP server for a device (PC) on your LAN, make sure you have opened HTTP port 80 on that device.
(3) Please note that if the router is using a private WAN IP address (such as connected behind another router/switch/modem with built-in router/Wi-Fi feature), could potentially place the router under a multi-layer NAT network. Port Forwarding will not function properly under such environment.
Private IPv4 network ranges:
Class A: 10.0.0.0 – 10.255.255.255
Class B: 172.16.0.0 – 172.31.255.255
Class C: 192.168.0.0 – 192.168.255.255
CGNAT IP network ranges:
The allocated address block is 100.64.0.0/10, i.e. IP addresses from 100.64.0.0 to 100.127.255.255.
I want to highlight the fact that i may be under a multi-layered NAT, the folks in my household demand the ISP router given that i have PiHole running DNS blocking and my Asus Router routes all outbound connections through a VPN tunnel, besides DDNS obviously which my router also handles, i have to run these routers in bridged-mode so that they share the same WAN IP but, if I am able to receive SSL/TLS certificates from LetsEncrypt on port :80/:443 that means port-forwarding is working as intended right?
I’m in the same boat (sorta)!
Follow up question, did you have trouble exposing port :80 & :443 to the internet? Also are you also using Swarm or Kubernetes?
I have the docker engine setup on a machine along side Traefik (have tried Nginx in the past) primarily using Docker Compose and it works beautifully on LAN however I can’t seem to figure out why I can’t connect over the internet, I’m forced to WireGuard/VPN into my home network to access my site.
No need to provide troubleshooting advice, just curious on your experience.
around the 12 week mark.
Not all computers need to tell the date & time, just uninstall clock.exe
If you don’t mind me asking, how do you host your site?
deleted by creator
Waiting on the day Firefox extensions support the iOS app.
Unpopular opinion, if you’re going to use a Debian based distro you should just use Debian.
Yes, it is command-line/BASH heavy however, once you learn it it’ll make all the other Debian based distro’s even easier to manage. Only real difference is system directories are in different locations distro-to-distro.
deleted by creator
So… they’re doing exactly what apple was forced to do.
I’ll just leave this video guide here to cure world of this cancer
Fixed that for you.
I was in a rush! Honestly it was the quickest thing I could come up with on the spot, plus database tools are something I lack a lot of knowledge about so I really couldn’t go in depth even if I wanted to.
Appreciate the history behind Reddit’s database!