What are some cool projects that I can do with a 1st gen Raspberry Pi?
I have a question about xcaddy, if anyone would be so kind as to school me. I too would like to geoblock with Caddy. I have investigated the process and of course it uses xcaddy. Having no knowledge of xcaddy, how does that work? Is xcaddy for building modules for Caddy? Does it run separately or in conjunction with Caddy? Does it interfere with Caddy in any way. My hesitation stems from the embarrassingly long time it took for me to wrap my noodle around how Caddy works. IKR? Now it seems so simple, but I'd like very much not to mess up my Caddy installation fat fingering my way through xcaddy. Yes, I know screw ups build knowledge bases, but I'm really trying to be careful and not go in like a bull in a china closet.
'presh
I'll probably get boo'd but NetData covers just about everything I could want to monitor, and then some. If you don't want to hook up to the mother ship, you can use the /v3 switch in the url on your homarr dash, or equal like:
https://netdata.mycoolserver.duckdns.org/v3
Also, as has been mentioned, ntopng is pretty awesome as well.
so if any questions here seem dumb
Not dumb. I say the same, but I have a severe inferiority complex and imposter syndrome. Most artists do.
1 local backup 1 cloud back up 1 offsite backup to my tiny house at the lake.
I use Synchthing.
Don’t ever install WordPress, just let it die
I've never run wordpress, but it always fascinates me at the number of daily exploits that get released for WP. It seems to me that the core WP is solid, but it's all the plugins that open up unintentional attack surfaces.
Hey bro. I apologize for getting back to you so late. Did you ever get this resolved? I'm not hugely knowledgeable about the intricacies of nginx. I went with Caddy, but there is probably some commonality between the two. lmk
From the guy that has been accused of going overboard on security measures, I use both. It just depends on your setup tho. On a low resource server, I would pick crowdsec as it covers more ground than F2B. Running two log parsers does use more resources. ~ my 2 cents
As you probably know the crowdsec bouncer doesn't directly parse logs or do checks like F2B filters. It queries the crowdsec LAPI for decisions and applies them. The “allowed” or “whitelisted” IP logic is handled at the Security Engine or LAPI level, not by the bouncer itself.
You can whitelist an ip in /etc/crowdsec/whitelists.yaml or even whitelist decisions in the whitelist.yaml as such:
name: private-ips
description: Whitelist local and private IPs
whitelist:
reason: "Allow local and private IPs"
ip:
- "127.0.0.1"
- "192.168.1.0/24"
cidr:
- "10.0.0.0/8"
Then issue sudo systemctl reload crowdsec. Kind of the same concept as F2B's ignoreip option. If you are using Tailscale to administer the server, then it's easier to whitelist. IIRC, you can use cscli decisions add --type whitelist --ip 192.168.1.100 --duration 1y but it doesn't add them to the whitelist.yaml. Instead it keeps them in crowdsec's database managed by LAPI. To undo: cscli decisions delete --ip 192.168.1.100 --type whitelist
https://docs.crowdsec.net/u/getting_started/post_installation/whitelists/
You dared to ask a question and the tools to explore answers are readily available.
Right, however, before I go 'test' and screw things up, why not dare to consult with more knowledgeable sources? Maybe I have not taken into account other things that could be negatively affected by said testing? I mean, if you came to me and said 'Hey bro, I'm thinking about learning how to play the guitar (something I've been doing for 65 years). What guidance could you offer a guy just starting out? What about equipment, type strings, etc'? Sure, you could easily go out and buy a cheap, sub $100 guitar only to have it wear your wrists and fingers out and then quit because it's too painful to practice. Or, you could ask the guy who has been playing the guitar and other stringed instruments for virtually all his life, what guidance he could give. 😀
I appreciate your input greatly, and as I said, 25 years of experience does speak for itself.
Thank you
past 25 or so years that’s been fine.
Well, two independent sources with 25+/- years of experience say leave it alone. It sounds to me like I should leave it alone.
but that’s been my experience after ~25 years of using Linux daily.
Certainly, 25 years of experience speaks for itself. If I may ask a follow up question.
I run Portainer, and in Portainer you can adjust Runtime & Resources per container. I am apparently too incompetent to grasp Dockge. Currently everything in Runtime & Resources is unchanged. Is there any benefit to tweaking those settings, or just let 'em eat when hungry?
Well, I passed 40, thirty years ago, but I feel pretty good for an old fart.
To me, it's always nice meeting the face behind the software. I have never used copyparty, but if I had a use case, it would be high on the list just based of the volume of detailed instructions. I think that is probably the most detailed selfhosted piece of software I've seen at GitHub......gotta be something good going on with that. And...and replete with pictures of the UI in a variety of scenarios. That's just top drawer in my book. If a need ever arises, I have bookmarked it, because that's where I'll start. Awesome job my man, and thank you for your dedication to the craft.
Hey, man you talkin' back to me?
Ok so, I got a popup asking to adjust the Appearance in Settings (Windows/Firefox edition) a little while ago, it seems like it was a month or so ago. I have all the settings there ticked. However, I think what a lot of people who knew, went to their official GitHub and downloaded the previous version's xpi and sideloaded it. You would have to untick auto updates. That way you can just go back to clicking on the entry in Bitwarden and that autofills instead of having to click the $@#%$$$ 'Fill' button. The only caution would be if they upgraded the security components in the new version, meaning the last version may or may not have the same security components baked in.
Yes, the new theme is absolute crap.
I have used the free Bitwarden now for untold years. It not only houses passwords for personal applications, I use it to keep track of my business account passwords as well. The only problem I've had with Bitwarden is their recent UI retool which ended up causing a huge ruckus among the user base to the point where they gave an option to switch back.
There is a certain level of trust for whatever option you choose. If you use Bitwarden free, then you have to trust that Bitwarden will keep your data is safe on their servers. If you self host, the onus of trust lies in you're ability to secure your server, and to the extent that you trust your host as well. The latter option leaves me a bit queasy, so I do not selfhost my passwords in a selfhosted vault.
Others may have more trust in their security skills than I do. LOL There's just a lot of sensitive data I have housed within Bitwarden free. Selfhosting it would keep me up at nights.
Kener open source status page v3.2.14 released with the most requested change: Subscribe to monitors
Jump
Social Media Reactions
Interesting article.
I’ve used Grocy.
I use Grocy daily almost, but I think that is a bit more than what OP is looking for. I use it for my pantry inventory. I am somewhat of a prepper, tho I don't prep for EOTW scenarios. Mostly for localized incidents, weather related disasters, imminent social uprisings, etc. I figure, if we start dropping nukes, point me towards the bright light and let it rip. I have no interest in 'repopulating the earth'.
I took a hand-scanner, disassembled it, and re-assembled it into a more form fitting box and mounted it conveniently in the pantry. When I bring groceries into the house, I scan them into inventory. When I use an item, I scan it out. I also use the Grocy mobile app. So, at any time I can view my inventory and see that I either have enough of an item, or need to replenish the stock.
Actually I do. In the evenings when I take my nightly meds with a bowl, I sit in my bed and peruse the 'read it later' articles.
I have not tried Traefik, tho looking at what it does, it's pretty amazing. Caddy seems to fit what I do, and as OP stated, Caddy is pretty easy to master, even tho it took me an embarrassingly long time to get it through my dim brain. Traefik does seem like a very polished app tho and is very integrated in with docker.
Pi-Hole always tops my list as a cool project that has definite benefits and will still be in service after the new wears off. It's been quite a while ago, but I built an Alexa with an RPI. That was kind of cool. Home Assistant on an RPI is pretty cool. In fact, there is a whole list of cool stuff to do with an RPI: https://pimylifeup.com/category/projects/ . There's also an Awesome list for the RPI: https://github.com/thibmaek/awesome-raspberry-pi.