Like the title says, I want to replace the IP address in a wireguard .conf file to be a domain instead.
I own a domain through cloudflare, so say I wanted to use vpn.example.org
What DNS record and info do I need to put into Cloudflare? (I am aware I'll need to update it if my ip changes)
Is there any way to host an android app in a web browser?
Ideally with docker, likely all of Android, not just an app, but running just an app would be amazing.
Oops you are right.
A quick search said mc uses tcp
Yes, and Minecraft is TCP not http
Anything.
Personally I use Debian. But Docker doesn't care. I chose Debian because it is very stable and simple
I may explain this poorly, so feel free to ask clarifying questions.
I have my homelab setup, and you can access services at service.domain.com only on my network or on my Tailscale tailnet.
I use a pihole for my DNS, and so does my dad.
Would it be possible to install Tailscale on his pihole (or elsewhere) so that his entire network can access my services (ie service.domain.com) but not route all traffic over my pihole and still use his?
With Crafty you can bind a specific port.
I use tailscale for public access, and have set it up so tailscale users can access the domain.
I guess what I'm asking for is NPM but for tcp.
No I'm not.
I have tailscale setup for external access. (I have dns records already in my domain provider pointing to a tailscale ip, so a device on my tailnet can access my domain. ie an authorized tailscale device can access nginx.example.com)
I want to know what I have to do to get minecraft.example.com to resolve interenally.
I use Crafty Controller for Minecraft. I have a server running at 192.168.50.16:25540. I want it to resolve to minecraft.example.com. I have Nginx Proxy Manager setup for my domain and can access it from inside my network, but it'd be nice to be able to use a domain instead.
NPM only has options for http and https, so is this even possible using NPM?
EDIT: this is for only internal access I have external access via tailscale.
Oh fascinating. I'll have to look into that
For 4 II, its CNAME Name: @ Target: ???
What is the target supposed to be?
Edit: putting "@" for name on the A record, once saved, it changes to my domain instead of @, in your screenshot
A good dashboard helps with not remembering port numbers also. And can look slick
Holy crap thank you so much. I was literally thinking of figuring out how to do exactly this EARLIER TODAY!
Thank you again for this write up. I have almost all of what you wrote already done (cloudflare, NPM and tailscale setup) but haven't hooked Tailscale and NPM together yet.
I have gluetun+socks5 containea running, then in an app, I put in localip:port into a proxy field. Then that app will use that connection for internet.
Browsers on desktop also support proxies. So if you want a specific browser to always use the VPN, this is a very simple way to do that.
https://source.android.com/docs/security/features/private-space
Its not bad using the official wireguard app. Its definitely noticable. On the android battery screen it'll show around 5% after a full day of use and it on always
For an external VPN like mullvad, I run my own proxy. Again it's only available from my VPN or inside my network.
It uses socks5 and gluetun docket containers and in apps that support proxies, I can add my proxy to it and it'll route that traffic through the paid VPN.
Or, a work profile (see shelter) or androids new private spaces. If you have private spaces, it uses a seperate network. So if you have a VPN installed outside the private space, it won't work on apps inside the space. So, what you could do is have a paid VPN inside private spaces, and use it and a web browser or whatever there, and use your server's VPN outside the private space.
Lmk if you want any of my docker composes
I keep it running always. Partly to access stuff at home, and party to get the ad-blocking from pihole.
Do not expose stuff unless you fully understand the security risks
Correct. But also public access should be considered advanced
I may have messed things up....... I had a lot of docker config and data stored in /home/skynet I then ran a sshfs command and it disappeared. I was trying to send the contents of /home/skynet (server) to /home/shady/skynet (desktop). This was in order to be able to edit the files on the server on the desktop via VSCodium.
I'd love recommendations on how to do this, but first how do I get my files back???
Here is what I did
skynet@skynet:~/docker/keycloak$ sudo sshfs -o allow_other,default_permissions shady@192.168.50.16:/home/shady/skynet /home/skynet shady@192.168.50.16's password: skynet@skynet:~/docker/keycloak$ cd skynet@skynet:~$ ks -bash: ks: command not found skynet@skynet:~$ ls skynet@skynet:~$ ls -a . .. skynet@skynet:~$ lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS sda 8:0 0 3.6T 0 disk ├─sda1 8:1 0 16M 0 part └─sda2 8:2 0 3.6T 0 part /media/devmon nvme0n1 259:0 0 476.9G 0 disk ├─nvme0n1p1 259:1 0 476G 0 part / ├─nvme0n1p2 259:2 0 1K 0 part └─nvme0n1p5 259:3 0 975M 0 part [SWAP] skynet@skynet:~$ cd /home skynet@skynet:/home$ ls changedetection linuxbrew skynet syncthing skynet@skynet:/home$ cd skynet/ skynet@skynet:~$ ls skynet@skynet:~$ ls -a . .. skynet@skynet:~$ cd /home skynet@skynet:/home$ ls changedetection linuxbrew skynet syncthing skynet@skynet:/home$ fusermount -u /home/shady/skynet fusermount: bad mount point /home/shady/skynet: No such file or directory skynet@skynet:/home$ sudo journalctl -u sshfs -- No entries -- skynet@skynet:/home$
i have a custom domain witg catch all setup on protonmail. Is there a way to send every email that is sent to a specific address to spam always?
i.e. if I gave a company A the email "A@domain.tdl" and no longer want any emails from them, or anyone with who knows that specific email, how would I go about this? Thanks!
I would like to make some of my self-hosted services externally accessible. Currently I use a VPN to access stuff externally, however this doesn't work on all use-cases. I also use Tailscale for some things.
I would love to use cloudflare tunnels and another auth solution (like keycloak) to replace Tailscale and the VPN.
Is this feasible?
My end goal would be to setup Immich for my family, and have them not have to worry about Tailscale, a VPN or anything other than some initial login to keycloak (for example)
Hi. I would love to get notifications on GrapheneOS without any Google Play Services etc. or any MicroG or equivalent. (For ProtonMail)
I have seen posts that indicate that the Proton team is aware of this, and wanted to implement it (and has on their other apps) but is there any way to either tell them that this is desired, or make a poll or something?
I self host several things including ntfy, so is there any way to use that for notifications? Does Proton Mail have an API that I could use to programmatically send notifications?
I am trying to not use any Google services for notifications and so I'd like to make a script to send notifications via ntfy based on discord messages.
How would I get access programmatically to my own discord account? Do they even support it? They have bots, but is their api for DMs?
---
Edit: the solution may just be a bot in servers, then not responding to DMs unless they use signal
I have my own invidious instance, and i want all the new videos from my subscriptions to automatically get added to a playlist. Anyone know how do do this?
inspired by this post
I have aac mini with an infared reciever on it. I'd love to use it as a TV PC. And ideally an infared remote too.
I am looking for software recommendations for this, as I've done basically no research.
What's my best option? Linux with kodi? How would a remote connect / which software is required for the remote to work??
Thanks!
how would i go about getting the latest kde onto debian 12? is it worth it even?
EDIT: fine I wont try lmao
Say I have a large txt or CSV file with data I want to search. And say I have several files.
What is the best way to index and make this data searchable? I've been using grep, but it is not ideal.
Is there any self hostable docker container for indexing and searching this? Or maybe should I use SQL?
I'm wanting to heavily mod my 3D45. I basically want to use a raspberry pi to run it, but just repurpose the existing hardware. I am new to this area of 3d printing, and would love some suggestions to get started. I know of octoprint, but does it do all of the reading gcode?
Its new homelab time. And with that, potentially a new OS time too.
I currently am very happy with Debian and Docker. The only issue is I am brand new to using data redundancy. I have a 2 bay NAS I'll use, and I want the two HDDs to be in raid 1.
Now I could definitely just use ZFS or BTRFS with Debian, and be able to use Docker just like I do currently.
Or I could use a dedicated NAS OS. That would help me with the raid part of this, but a requirement is Docker.
Any recommendations?
I have nginx up and working with pihole and its great. I can get to: https://dashy.homelab.duckdns.org/ On my PC but not my phone. On my phone, pfsense blocks it and says "Potential DNS Rebind attack detected, see https://en.wikipedia.org/wiki/DNS_rebinding Try accessing the router by IP address instead of by hostname."
Why? I've disconnected and reconnected to WiFi, and waited a day.
I have a hdd attached to my server. It's sda but has 2 partitions so sda1 @16M and sda2 @3.6T
It defaulted to being in the location /media/devmon so I kept that and it worked for ages.
Suddenly the data is gone.
I had files located here: /media/devmon/4tb_drive/kiwix/zim and that directory is now empty.
But I put the drive into a Windows box, and everything was there.
When I run mount /dev/sda2 /media/devmon/ it says:
The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. Falling back to read-only mount because the NTFS partition is in an unsafe state. Please resume and shutdown Windows fully (no hibernation or fast restarting.) Could not mount read-write, trying read-only
I originally formatted this drive in Windows, is that the issue? Ideally I'd use btrfs or zfs not ntfs, but here we are.
---
How do I get access again?
I'm looking for 16TB HDDs. They'll be for fairly light usage. Immich will be the heaviest thing running on it.
New? Used? Certified? Like this?
Referencing: https://lemmy.world/post/17588348
I want to make a NAS with a 500GB boot drive and 2x16TB HDDs. Based on my previous post, btrfs is a good option. It also looks easy to get started. My plan for the NAS would be to purchase several 16TB drives, and only use 2 of them.
My first question is about different drives. Could I purchase two different brand drives and use them with btrfs? (I assume yes)
2nd question: how does the replacement process go? Like if drive A died, so I remove it, and put a brand new replacement in. What do I have to do with btrfs to get the raid 1 back going? Any links or guides would be amazing.
Goal:
- 16TB mirrored on 2 drives (raid 1)
- Hardware raid?
- Immich, Jellyfin and Nextcloud. (All docker)
- N100, 8+ GB RAM
- 500gb boot drive ssd
- 4 HDD bays, start with using 2
Questions:
- Which os?
- My though was to use hardware raid, and just set that up for the 2 hdds, then boot off an ssd with Debian (very familiar, and use it for current server which has 30+ docker containers. Basically I like and am good at docker so would like to stick to Debian+docker. But if hardware raid isn't the best option for HDDs now a days, I'll learn the better thing)
- Which drives? Renewed or refurb are half the cost, so should I buy extra used ones, and just be ready to swap when the fail?
- Which motherboard?
- Which case?