
  • That's interesting, I'd be interested in finding out more about that. Let's see, I've always wanted to try this:

    @ChatGPT@lemmings.world, how do you set up Ventoy for persistent installs of distros? That is, to be able to make changes to the operating system and have them stick?

  • Thanks for your reply!

    First, in your caddyfile, “my.server” should reflect the real address used for access. Something like “jellyfin.my-domain.com”. This is important for the tls certificate to be generated correctly.

    Ah yes, I wasn't clear in my original post—I had censored the address of my actual web address myself. In actuality it is more like this:

     
        
    {
        debug
    }
    
    # Jellyfin:
    myserver.now-dns.net:26347,
    myserver.now-dns.net:443,
    [my ipv6]:26347 {
        header / {
            # Enable cross-site filter (XSS) 
            # and tell browser to block detected attacks    
            X-Frame-Options "Deny"
            Content-Security-Policy "
                    default-src 'self' data: blob:;
                    style-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com https://ctalvio.github.io/Monochromic/default_style.css https://ctalvio.github.io/Monochromic/jfblue_style.css https://ctalvio.github.io/Monochromic/jfpurple_style.css https://ctalvio.github.io/Monochromic/bottom-progress_style.css https://ctalvio.github.io/Monochromic/customcolor-advanced_style.css https://ctalvio.github.io/Monochromic/improve-performance_style.css https://fonts.googleapis.com/css2;
                    script-src 'self' 'unsafe-inline' bootstrapcdn.com *.bootstrapcdn.com googleapis.com *.googleapis.com https://www.gstatic.com/cv/js/sender/v1/cast_sender.js;
                    worker-src 'self' blob:;
                    font-src 'self' bootstrapcdn.com *.bootstrapcdn.com;
                    img-src data: 'self' imgur.com *.imgur.com;
                    form-action 'self';
                    connect-src 'self' pokeapi.co;
                    frame-ancestors 'self';
                    report-uri {$CSP_REPORT_URI}
                "
        }
        reverse_proxy 127.0.0.1:8093
        #reverse_proxy localhost:8093
    }
    
    # Nextcloud:
    myserver.now-dns.net:65001 {
        root * /usr/share/webapps/nextcloud
        file_server
        #        log {
        #                output file     /var/log/caddy/myserver.now-dns.net.log
        #                format single_field common_log
        #        }
    
        #php_fastcgi 127.0.0.1:9000
        #php_fastcgi unix//run/php-fpm/php-fpm.sock # changed to the correct address from /etc/php/php-fpm.d/www.conf
        php_fastcgi unix//run/nextcloud/nextcloud.sock # changed to the new correct address from /etc/php/php-fpm.d/nextcloud.conf
    
        header {
            # enable HSTS
            Strict-Transport-Security max-age=31536000;
        }
    
        redir /.well-known/carddav /remote.php/dav 301
        redir /.well-known/caldav /remote.php/dav 301
    
        # .htaccess / data / config / ... shouldn't be accessible from outside
        @forbidden {
            path /.htaccess
            path /data/*
            path /config/*
            path /db_structure
            path /.xml
            path /README
            path /3rdparty/*
            path /lib/*
            path /templates/*
            path /occ
            path /console.php
        }
    
        respond @forbidden 404
    }
    
      

    Where I replaced myserver by my actual name. I also updated my original post to reflect this just now.

    Once updated, pull out a cell phone, turn off wifi (use LTE/5G), and verify it can connect to your site. This makes sure you can access from outside your home network.

    Yes, I have done this a lot over the past few months (in the hopes that the problem would've somehow fixed itself) but no dice.

    Once confirmed working, try again from your home network. Most likely the page will time out. This will be due to DNS pointing you back to your own network, which can cause trouble. This can be solved several ways. One is by adding a static DNS entry which points to the IP of your caddy server. You can do this on a per system basis in the hosts file, or at the lan level with your DNS server or router, assuming it allows you to add a custom DNS entry. I do this with my Mikrotik router.

    Well, from my home network I just used the internal (IPv4) address to connect to Jellyfin, and that still works. Nextcloud did not work. I'll play around with this once I get the server working again externally.

    But yeah, no, I'm afraid I had already taken the steps you outlined here. Any further ideas would be appreciated!
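
A long hand-written `Content-Security-Policy` value like the one in the Caddyfile above is easy to break with a single missing `;`, which makes a directive name part of the previous directive's source list. The check below is an added example, not part of the original comment or of Caddy; the function names, the directive list and the sample policy are constructed for illustration.

```javascript
// Added example: lint a CSP header value for directive names that ended up
// inside another directive's source list (usually a missing ';').
const KNOWN_DIRECTIVES = new Set([
  "default-src", "script-src", "style-src", "img-src", "font-src",
  "connect-src", "worker-src", "child-src", "frame-src", "media-src",
  "object-src", "manifest-src", "form-action", "frame-ancestors",
  "base-uri", "report-uri", "report-to",
]);

// Parse the way a browser does: split on ';', first token is the directive name.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    if (directives.has(name)) continue; // repeats of a directive are ignored
    directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Report every known directive name that was parsed as a source token.
// `leaked` holds the tokens after it, which now belong to the outer directive.
function findSwallowedDirectives(policy) {
  const findings = [];
  for (const [name, sources] of parseCsp(policy)) {
    sources.forEach((token, i) => {
      if (KNOWN_DIRECTIVES.has(token.toLowerCase())) {
        findings.push({ inside: name, swallowed: token, leaked: sources.slice(i + 1) });
      }
    });
  }
  return findings;
}

// Constructed sample: ';' missing between script-src and worker-src.
const SAMPLE = `
  default-src 'self';
  script-src 'self' https://cdn.example worker-src 'self' blob:;
  img-src 'self' data:
`;

console.log(findSwallowedDirectives(SAMPLE));
```

In the sample, `worker-src` is never set as a directive and `blob:` ends up allowed for `script-src`, which is broader than the author intended.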

  • I used this software quite a bit when I was preparing moving to my new house. I could import the floor plan of the place and go to town, it was great!

    I still sometimes use it when I'm making plans for redecorating, very convenient.