3·
17 days agoI am definitely not the best at networking, but can’t you do that through your current dhcp client?
DarkSirrush
- 0 Posts
- 19 Comments
Joined 2 years ago
Cake day: June 10th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
The server has been reverse engineered for literal decades at this point.
I can share my traefik setup - note I am doing this on my phone at work, so I might miss something
compose.yaml labels: - "traefik.enable=true" - "traefik.http.routers.traefik.middlewares=authwares@file"GNU nano 7.2 /config/traefik/dynamic/middlewares.yaml http: middlewares: limit: buffering: memRequestBodyBytes: 5000000000 memResponseBodyBytes: 5000000000 maxRequestBodyBytes: 5000000000 maxResponseBodyBytes: 5000000000 authwares: chain: middlewares: - default-headers - authelia - limit default-headers: headers: accessControlAllowHeaders: "content-type,authorization" accessControlAllowMethods: - GET - OPTIONS - PUT - POST - DELETE frameDeny: true accessControlAllowOriginList: "*" accessControlMaxAge: 100 addVaryHeader: true browserXssFilter: true contentTypeNosniff: true forceSTSHeader: true stsIncludeSubdomains: true stsPreload: true stsSeconds: 15552000 customFrameOptionsValue: SAMEORIGIN referrerPolicy: "strict-origin-when-cross-origin" customRequestHeaders: X-Forwarded-Proto: https customResponseHeaders: X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex" server: "" X-Forwarded-Proto: "https,wss" hostsProxyHeaders: - "X-Forwarded-Host" authelia: forwardAuth: address: http://auth/api/verify?rd=https%3A%2F%2Fauth.example.com%2F trustForwardHeader: true authResponseHeaders: - "Remote-User" - "Remote-Groups" - "Remote-Email" - "Remote-Name"GNU nano 7.2 /config/traefik/traefik.yaml global: checkNewVersion: false sendAnonymousUsage: false entryPoints: web: address: :80 proxyProtocol: insecure: false trustedIPs: - 172.32.0.0/16 - 192.168.1.0/24 forwardedHeaders: insecure: false trustedIPs: - 172.32.0.0/16 - 192.168.1.0/24 http: redirections: entryPoint: to: websecure scheme: https permanent: true websecure: address: :443 proxyProtocol: insecure: false trustedIPs: - 172.32.0.0/16 - 192.168.1.0/24 forwardedHeaders: insecure: false trustedIPs: - 172.32.0.0/16 - 192.168.1.0/24 http: tls: options: modern@file certResolver: letsencrypt domains: - main: "example.com" sans: - "*.example.com" providers: docker: exposedByDefault: false network: compose_proxied allowEmptyServices: true endpoint: "http://socket:2375/" defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.example.com`)" file: directory: /config/dynamic watch: true api: insecure: false dashboard: true certificatesResolvers: letsencrypt: acme: email: acme@example.com storage: /certificates/acme.json dnsChallenge: provider: cloudflare resolvers: - "1.1.1.1:53" - "1.0.0.1:53" log: level: DEBUG filePath: /config/logs/traefik.log format: json accesslog: filepath: /config/logs/access.log bufferingSize: 100 format: json
Guess I am making this in excel now.
Note that its also possible to set up service auto discovery with traefik, the only traefik related config I do on new containers is
Traefik.enabled=true
19·2 months agoMy mother used to call me a son of a bitch until I one day replied “I know”.
Or
“I don’t believe in god because of the things He has done to me, but that doesn’t mean you shouldn’t believe in Him”
She also talked about her “schizo friend” quite a lot, as if the events were recent, even though there was no chance she had seen the person in over a decade.
We don’t speak anymore.
I gave up on automating it, I download with slskd, and run musicbrainz Picard (import slskd download folder, and set it to always save to the jellyfin music folder/rename with my preferred sorting method). This has the bonus of downloading the cover art, and rarely has issues.
Currently Souls Remnant, though only the lowest tier because I am broke
Its possible to learn how, but no, most people can’t do it.
I have heard it helps reduce eye strain in dim environments though.
I can do this, in addition to being able to vibrate my eyes.
Can also wiggle each ear independently, though the scalp always moves along with them
9·5 months agoTo add to that, most of the time cam girls don’t even turn the thing on, and do an incredibly over exaggerated reaction to the sound the chat makes when someone gives a tip, and videos of this get posted unironically to any nsfw forum/board/sub/community, as if it is high quality enjoyable content.
If there’s a pink stick coming out, its 100% onlyfans.
Ehlers-Danlos Syndromes
This person and your sister should look into EDS, its one of the main symptoms.
Cornflower by volume takes up a lot more space though, so visually/per teabag the weight looks much higher. That, and it “naturally” sweetens the tea, helping improve the flavour with the cheaper, lower quality, tea leaves.
Its cornflowers, and it means i can’t drink it.
Something about the flavour ruins tea for me, can tell immediately when its being used as a filler.
On windows, I have been a big fan of MPC-BE for years. That being said, I switch to linux (arch BTW) and now I watch basically everything using jellyfin instead.
That being said, VLC is the main Linux option, so VLC I guess.
You can try setting up a VPN, eg headscale/tailscale with your home server being an exit node, and then just set up your questionable services on a domain that only resolves locally - and then you don’t need to use authentik for authorisation to those services.
This is what I have been trying recently, and seems to work well.
I recently posted most of my traefik configs, you can use it as a base to learn how traefik works:
https://lemmy.ca/comment/17702205
Note that I might not be much help with troubleshooting, as this took me a lot of trial and error and googling to make work.