Bristlerock

joined 1 year ago
Bristlerock@kbin.social 2 points 7 months ago

This is how I do it. It works internally and externally, though it's more than OP needs. :)

To add to what's been said (in case it's useful to others), it's worth looking at SWAG and Authelia to do the proxying for services visible to the Internet. I run them in a Docker container and it does all the proxying, takes care of the SSL certificate and auto-renews it, and adds MFA to the services you run that support it (all browsing, MFA-aware apps, etc).

Another thing I like about SWAG's setup is that you select which services/hostnames you want to expose, name them in the SUBDOMAINS environment variable in Docker (easy to remove one if you take a service down, for maintenance, etc), and then each has its own config file in Nginx's proxy-confs directory that does the https://name.domain -> http://IP:port redirection for that service (e.g. wordpress.subdomain.conf), assuming the traffic has met whatever MFA and geo-whitelisting stuff you have set up.

I also have Cloudflare protecting the traffic (proxying the domain's A record and the wildcard CNAME) to my public address, which adds another layer.
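An added example, not part of the original comment and not SWAG's own tooling: a check that the SUBDOMAINS list and the proxy-confs directory described above agree, and that each exposed service's conf actually has Authelia enabled. The include file names `authelia-server.conf` and `authelia-location.conf`, the function names and the sample confs are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumption: Authelia is switched on per service by these two nginx include
# lines, and a line starting with '#' is disabled.
AUTHELIA_INCLUDES = ("authelia-server.conf", "authelia-location.conf")


def active_lines(text):
    """Return the conf's directives with comment lines and blanks dropped."""
    return [ln.strip() for ln in text.splitlines()
            if ln.strip() and not ln.strip().startswith("#")]


def audit(subdomains, proxy_confs):
    """Compare the SUBDOMAINS value with the *.subdomain.conf files present."""
    exposed = {s.strip() for s in subdomains.split(",") if s.strip()}
    confs = {p.name.split(".")[0]: p
             for p in Path(proxy_confs).glob("*.subdomain.conf")}
    names = set(confs)
    report = {"no_conf": sorted(exposed - names),          # named, nothing proxies it
              "conf_not_listed": sorted(names - exposed),  # conf left behind
              "no_mfa": []}                                # exposed without Authelia
    for name in sorted(exposed & names):
        lines = active_lines(confs[name].read_text())
        for inc in AUTHELIA_INCLUDES:
            pat = re.compile(r"^include\s+\S*" + re.escape(inc) + r"\s*;")
            if not any(pat.match(ln) for ln in lines):
                report["no_mfa"].append(name)
                break
    return report


def demo():
    """Constructed sample: two active confs, one with Authelia commented out."""
    guarded = ("server {\n  server_name wordpress.*;\n"
               "  include /config/nginx/authelia-server.conf;\n"
               "  location / {\n"
               "    include /config/nginx/authelia-location.conf;\n"
               "    proxy_pass http://192.0.2.10:8080;\n  }\n}\n")
    unguarded = guarded.replace("  include", "  #include")
    with tempfile.TemporaryDirectory() as d:
        Path(d, "wordpress.subdomain.conf").write_text(guarded)
        Path(d, "mealie.subdomain.conf").write_text(unguarded)
        Path(d, "komga.subdomain.conf.sample").write_text(guarded)  # inactive
        return audit("wordpress, mealie, komga", d)


if __name__ == "__main__":
    print(demo())
```

A service listed under `no_mfa` is reachable through the proxy with no Authelia challenge in front of it, which is the case worth alerting on.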

Bristlerock@kbin.social 1 points 1 year ago

The Honeynet Project, related to the SANS Institute when I last checked, has a lot of resources on honeypots that are worth a look, if you haven't already.

Bristlerock@kbin.social 1 points 1 year ago

That's a really open-ended question. Depends purely upon your interests and appetite for risk, etc.

Might be worth looking at, from a Docker perspective:

  • AdGuard Home (I think it's better than Pi-hole)
  • WireGuard or similar. Great for reaching your services when away from home.
  • Audiobookshelf. Audiobooks. There are good apps.
  • Calibre-Web. Ebooks.
  • RSS feed reader, for non-social media websites you visit. Plenty to choose from: FreshRSS, TT-RSS, Sismics, etc.
  • GitLab CE. If you're a developer or can otherwise make use of version control.
  • Gotify. Alerting on your containers. Has a good mobile app.
  • Heimdall. A dashboard for everything you're running.
  • Komga. If you're into manga. The best iOS app is meh, but the best Android app is awesome.
  • Mealie. Recipe database.
  • Paperless-ngx. Excellent for storing your PDFs and other digital life.
  • PhotoPrism. Basically Google Photos.
  • Portainer. Great for managing Docker containers/stacks.
  • qBittorrent. Guess what that's for.
  • SWAG with Authelia. SWAG does reverse proxying with a Let's Encrypt certificate, and automatically renews it for you. Authelia provides MFA (Authy, Google Authenticator, etc) on top of it.
  • Vikunja. Todoist or Toodledo without having to pay for features.
  • Wallabag. Basically Pocket.
  • Watchtower. Automatically updates containers for you. Can exclude the ones you don't want to update, etc.
  • Webtrees. Family tree research, if that's your thing.
  • YouTransfer. Useful for sharing files without having to use Dropbox, etc.

I have in the past run a Valheim server and a VRising server, too. FWIW.

Bristlerock@kbin.social 3 points 1 year ago* (last edited 1 year ago)

I have zero problem with curated or algorithmic timelines. I have a 100% problem when there isn't a chronological timeline option.

It's simple really: give me the permanent option of chronological without the dark pattern fuckery of having to reset it periodically, or fuck off forever.

Bristlerock@kbin.social 9 points 1 year ago

Every time a social media site has offered, pleaded, cajoled or forced me to take a non-chronological timeline, I've refused. And if that refusal eventually becomes impossible (no option, addons no longer work, etc), I take my eyeballs elsewhere.

You're not an edge case. :)