Avatar by eveoart. Artwork - Artist

  • 0 Posts
  • 47 Comments
Joined 2 years ago
cake
Cake day: June 9th, 2023

help-circle

  • I added a cheap PCI 4 slot NVMe expansion card and a couple of SSDs for a new pool and then migrated all the database-heavy stuff over to it. Required some use of local ZFS send/receive which I didn’t know was possible, but it has gone smooth so far. Very happy with it! It no longer sounds like my HDD pool is trying to escape from hell and some of the services are much snappier, especially Bitmagnet. I’d highly recommend it as an upgrade for anyone still running purely HDDs. I thought I could get away with it but ZFS speeds are no faster than single drives and the amount of stuff I had was hammering it non-stop.

    I also bought my own domain finally to escape the free-tier dynamic DNS woes and I can finally feel good about sharing links with other people. I slapped a file share container with disabled registrations on a sub domain. I put it all behind free tier Cloudflare to hide my server’s IP, it took a little bit of learning what the different records are but so far much easier than I thought. Although I have yet to do the hardest part of setting up dynamic IP for my DNS records. I see a bunch of scripts floating around, but none seem that easy or well-maintained…

    Oh, and the PI I’ve had running Pi-Hole v5 for god knows how long with no maintenance couldn’t run Tailscale, so I wiped the entire thing to start fresh and got it up and running with Pi-Hole v6, Tailscale, and Unbound. I like having these separated from my other services as they are more critical to have at all times and I have had 100% uptime with my Pi so far. Although I chose Dietpi for my OS on a whim because it looked interesting and am not sold on it. I like that it has easy software installs with sane defaults so I probably saved time overall, but the amount of time I spent debugging the weird choices Dietpi made for basic shit like networking options really threw me off.







  • IronKrill@lemmy.catoSelfhosted@lemmy.worldIs this safe to use?
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    28 days ago

    I’m using Gluetun via Docker Compose as well right now and can happily say all the ports exposed via the ports: setting are local network only. I could port forward them via the router probably (haven’t tried) but I only use them for access via LAN. To expose ports over the VPN connection you use the FIREWALL_VPN_INPUT_PORTS environment variable. A stripped version of my current compose (example port numbers, not real) with LAN access to 6000 and WAN access to 1234 and 5678:

    services:
      gluetun:
        image: qmcgaw/gluetun:latest
        restart: unless-stopped
        container_name: gluetun
        cap_add:
          - NET_ADMIN # in the default compose file i dunno what this does tbh
        environment:
          - VPN_SERVICE_PROVIDER=custom
          - VPN_TYPE=openvpn
          - OPENVPN_VERSION=<redacted>
          - OPENVPN_USER=<redacted>
          - OPENVPN_PASSWORD=<redacted>
          - OPENVPN_CUSTOM_CONFIG=/gluetun/custom.ovpn
          - FIREWALL_VPN_INPUT_PORTS=1234,5678 # allows ports through VPN connection
          - FIREWALL_OUTBOUND_SUBNETS=192.168.0.0/24 # I found that I needed this for certain LAN access
        ports:
          - 6000:6000 # port i access via LAN
        volumes:
          - /mnt/example/config.ovpn:/gluetun/custom.ovpn
    


  • “We’ve spent two years requiring our apps from the ground up to boost our development speed, which should enable us to bring new features to you more efficiently, across more platforms,”

    … “and that’s why we’re deleting a bunch of features never to bring them back. Because we’re just so efficient!” Crazy how many companies use this awful excuse.

    Also is that a misquote by the author or did they really write “requiring”?





  • I’m going to disagree on this one, I’ve seem far too many comments, especially from LW users, along the lines of “I can’t be bothered to change websites because I’m already settled in.” Most people are attached to their posts and content and consider moving instance as “losing progress”. And the bigger an instance is the harder it’ll be to leave if they ever pull something seriously “power trippy” that could lock off content to some people, because there will be a large mass of communities and posts on that instance.