

I am definitely not the best at networking, but can’t you do that through your current dhcp client?
I am definitely not the best at networking, but can’t you do that through your current dhcp client?
The server has been reverse engineered for literal decades at this point.
I can share my traefik setup - note I am doing this on my phone at work, so I might miss something
compose.yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.middlewares=authwares@file"
GNU nano 7.2 /config/traefik/dynamic/middlewares.yaml
http:
middlewares:
limit:
buffering:
memRequestBodyBytes: 5000000000
memResponseBodyBytes: 5000000000
maxRequestBodyBytes: 5000000000
maxResponseBodyBytes: 5000000000
authwares:
chain:
middlewares:
- default-headers
- authelia
- limit
default-headers:
headers:
accessControlAllowHeaders: "content-type,authorization"
accessControlAllowMethods:
- GET
- OPTIONS
- PUT
- POST
- DELETE
frameDeny: true
accessControlAllowOriginList: "*"
accessControlMaxAge: 100
addVaryHeader: true
browserXssFilter: true
contentTypeNosniff: true
forceSTSHeader: true
stsIncludeSubdomains: true
stsPreload: true
stsSeconds: 15552000
customFrameOptionsValue: SAMEORIGIN
referrerPolicy: "strict-origin-when-cross-origin"
customRequestHeaders:
X-Forwarded-Proto: https
customResponseHeaders:
X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
server: ""
X-Forwarded-Proto: "https,wss"
hostsProxyHeaders:
- "X-Forwarded-Host"
authelia:
forwardAuth:
address: http://auth/api/verify?rd=https%3A%2F%2Fauth.example.com%2F
trustForwardHeader: true
authResponseHeaders:
- "Remote-User"
- "Remote-Groups"
- "Remote-Email"
- "Remote-Name"
GNU nano 7.2 /config/traefik/traefik.yaml
global:
checkNewVersion: false
sendAnonymousUsage: false
entryPoints:
web:
address: :80
proxyProtocol:
insecure: false
trustedIPs:
- 172.32.0.0/16
- 192.168.1.0/24
forwardedHeaders:
insecure: false
trustedIPs:
- 172.32.0.0/16
- 192.168.1.0/24
http:
redirections:
entryPoint:
to: websecure
scheme: https
permanent: true
websecure:
address: :443
proxyProtocol:
insecure: false
trustedIPs:
- 172.32.0.0/16
- 192.168.1.0/24
forwardedHeaders:
insecure: false
trustedIPs:
- 172.32.0.0/16
- 192.168.1.0/24
http:
tls:
options: modern@file
certResolver: letsencrypt
domains:
- main: "example.com"
sans:
- "*.example.com"
providers:
docker:
exposedByDefault: false
network: compose_proxied
allowEmptyServices: true
endpoint: "http://socket:2375/"
defaultRule: "Host(`{{ index .Labels \"com.docker.compose.service\"}}.example.com`)"
file:
directory: /config/dynamic
watch: true
api:
insecure: false
dashboard: true
certificatesResolvers:
letsencrypt:
acme:
email: acme@example.com
storage: /certificates/acme.json
dnsChallenge:
provider: cloudflare
resolvers:
- "1.1.1.1:53"
- "1.0.0.1:53"
log:
level: DEBUG
filePath: /config/logs/traefik.log
format: json
accesslog:
filepath: /config/logs/access.log
bufferingSize: 100
format: json
Guess I am making this in excel now.
Note that its also possible to set up service auto discovery with traefik, the only traefik related config I do on new containers is
Traefik.enabled=true
My mother used to call me a son of a bitch until I one day replied “I know”.
Or
“I don’t believe in god because of the things He has done to me, but that doesn’t mean you shouldn’t believe in Him”
She also talked about her “schizo friend” quite a lot, as if the events were recent, even though there was no chance she had seen the person in over a decade.
We don’t speak anymore.
I gave up on automating it, I download with slskd, and run musicbrainz Picard (import slskd download folder, and set it to always save to the jellyfin music folder/rename with my preferred sorting method). This has the bonus of downloading the cover art, and rarely has issues.
Currently Souls Remnant, though only the lowest tier because I am broke
Its possible to learn how, but no, most people can’t do it.
I have heard it helps reduce eye strain in dim environments though.
I can do this, in addition to being able to vibrate my eyes.
Can also wiggle each ear independently, though the scalp always moves along with them
To add to that, most of the time cam girls don’t even turn the thing on, and do an incredibly over exaggerated reaction to the sound the chat makes when someone gives a tip, and videos of this get posted unironically to any nsfw forum/board/sub/community, as if it is high quality enjoyable content.
If there’s a pink stick coming out, its 100% onlyfans.
Ehlers-Danlos Syndromes
This person and your sister should look into EDS, its one of the main symptoms.
Cornflower by volume takes up a lot more space though, so visually/per teabag the weight looks much higher. That, and it “naturally” sweetens the tea, helping improve the flavour with the cheaper, lower quality, tea leaves.
Its cornflowers, and it means i can’t drink it.
Something about the flavour ruins tea for me, can tell immediately when its being used as a filler.
On windows, I have been a big fan of MPC-BE for years. That being said, I switch to linux (arch BTW) and now I watch basically everything using jellyfin instead.
That being said, VLC is the main Linux option, so VLC I guess.
You can try setting up a VPN, eg headscale/tailscale with your home server being an exit node, and then just set up your questionable services on a domain that only resolves locally - and then you don’t need to use authentik for authorisation to those services.
This is what I have been trying recently, and seems to work well.
I recently posted most of my traefik configs, you can use it as a base to learn how traefik works:
https://lemmy.ca/comment/17702205
Note that I might not be much help with troubleshooting, as this took me a lot of trial and error and googling to make work.