1·
6 months agoI would’ve if I was wrong
- 0 Posts
- 51 Comments
Joined 1 year ago
Cake day: July 3rd, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
If you really think someone is wrong don’t ask them “why, why, why” incessantly like a toddler, grow a pair of balls and just speak your mind.
And in this case I meant “your IP” as in, the grand scheme of things “an IP address that you own”, a VPS for instance, not necessarily the destination. Obviously you wouldn’t need to tell a firewall what its own public IP is. Have I clarified my thought to your standards?
No fucking shit? In that scenario your friend could use DDNS and you point your access rule to his FQDN to allow access.
Did you really ask me a billion fucking “why” questions just to come back and fucking what prove me wrong? Is this a good use of your time? I literally thought you were a noobie looking to understand.
Fuck off.
An access rule for instance. To say to allow all traffic or specific types of traffic from a public IP address. This could be if you wanted to allow access to some media server from your friends house or something.
If OP needs a firewall rule to do any number of things that a firewall does.
Because you’re not going to setup any rules pointed to a dynamic public IP address. Otherwise you’re going to be finding a way to change the rule every time the ip changes.
The ddns automatically updates an A record with your public IP address any time it changes, so yeah the rules would use the fqdn for that A record.
To resolve whatever hostname you’ve setup for ddns
As long as whatever firewall rules you’re using is capable of resolving FQDNs then I don’t see an advantage of doing this. Maybe in the off chance that your IP changes, someone else gets the old IP and exploits it before the DDNS setup has a chance to update. I think that’s really unlikely.
Edit: just to add to this, I do think static IPs are preferable to DDNS, just because it’s easier, but they also typically cost money.
So here’s my two cents:
I think that if you have a bunch of services, then you should use caddy or Apache or nginx. doing this in caddy and Apache is not that difficult, but I understand the hesitation (I don’t have much experience with nginx)
If you just want to get something working you could do bookmarks with the http://host.whatever.com:port and that would be Gucci.
You could also use another registrar or name server besides Cloudflare to make URL redirect records. This is like an A record but it also includes a port. This is not a standard type of record, but some places will do it like Namecheap.
Again, if you want to do it the right and best way, then I do think a reverse proxy is the way to go.
-1 for Netdata. I used it for a bit, but the configuration is not very intuitive and the docs for alerts were basically “rest of the fucking owl”, at least for the non-cloud version. I ended up just switching to Glances which is pretty boneless but it’s easy.
Though for OP I’d probably recommend Prometheus.
It’s at /app/public/conf.yml within the container. But I suppose you’re asking how you would pull it out? I’d probably just get into the container interactively and just copy the contents of that file. I would suggest using volumes in the future for persistent data.
They’re generally highly regarded.
Sure and I know that you meant. But I also think that with a little creativity and compromise it’s also not difficult at all to get something that’s not that long and also easily said.
Even if they are finite, the number would be so impossibly large that for all practical purposes this would not be the case.
I use Portainer for this, though it doesn’t aggregate logs or anything. It just makes them easy to get to and read.
You don’t need a protectli, even an old optiplex should be able to handle opnsense and/or a pi hole. You would just want to have 2+ NICS.
Or if it needs to be low powered there are definitely other options.
Look, I never said you were wrong man. Clearly you probably have a lot more experience than i do. Which is why I said what I said. Because I personally believe Proxmox is way easier for someone who is a casual like me. That’s all.
Edit: Also, though it doesn’t really matter, I don’t use LXC.
I’m going to disagree with this. I’ve setup everything in one Debian server before and it became unwieldy to keep in check when you’re trying new things, because you can end up with all kinds of dependencies and leftover files from shit that you didn’t like.
I’m sure this can be avoided with forethought and more so if you’re experienced with Debian, but I’m going to assume that OP is not some guru and is also interested in trying new things, and that’s why he’s asked this question.
Proxmox is perfectly fine. For many years I had an OMV VM for my file server and another server for my containers. If you don’t like what you’ve done it is much easier to just remove one VM doing one thing and switch to some other solution.
It seems cool but it’s just going to be a big headache man. I would just spin up a domain controller and maybe some workstations to play around with.
https://github.com/ipsingh06/seedsync