I’ve been using glauth + Authelia for a couple years with no issues and almost zero maintenance.
- 0 Posts
- 21 Comments
Joined 1 year ago
Cake day: July 6th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
2·4 months agoYes, absolutely. Ideally there would be an automated check that runs periodically and alerts if things don’t work as expected.
Monitoring if the backup task succeeded is important but that’s tue easy part of ensuring it works.
A backup is only working if it can be restored. If you don’t test that you can restore it in case of disaster, you don’t really know if it’s working.
Ah got it. I didn’t know there was a free tier!
How do you use ChatGPT anonymously? It requires a valid login linked to a payment method. It doesn’t get any less anonymous than that.
I don’t think I’ve ever come across a DNS provider that blocks wildcards.
I’ve been using wildcard DNS and certificates to accompany them both at home and professional in large scale services (think hundreds to thousands of applications) for many years without an issue.
The problem described in that forum is real (and in fact is pretty much how the recent attack on Fritz!Box users works) but in practice I’ve never seen it being an issue in a service VM or container. A very easy way to avoid it completely is to just not declare your host domain the same as the one in DNS.
If they’re all resolving to the same IP and using a reverse proxy for name-based routing, there’s no need for multiple A records. A single wildcard should suffice.
Not sure if this is helpful in any way, but it might give you some clue.
100./8 addresses are reserved for CG-NAT.
This is probably the IPv4 address your modem/router is receiving from the ISP.
I might pick it back up some day but at the moment I have other projects going on at the moment.
I’m still using Proxmox myself but unfortunately it’s all fairly manually configured.
I started writing a Terraform provider for Proxmox a while ago.
Unfortunately, the API is a massive mess and the documentation is not very helpful either. It was a nightmare and I eventually gave up.
K3s is k8s
lol at the downvote. K3s is k8s. The very first 2 words in its website are
Lightweight Kubernetes. https://k3s-io.github.io/
On macOS I’ve been using Ollama. It’s very easy to setup, can run as a service and expose an API.
You can talk to it directly from the CLI (
ollama run) or via applications and plugins (like https://continue.dev ) that consume the API.It can run on Linux but I haven’t personally tried it.
It’s pretty easy with Ollama. Install it, then
ollama run mistral-7b(or another model, there’s a few available ootb). https://ollama.ai/Another option is Llamafile. https://github.com/Mozilla-Ocho/llamafile
I run it on my router which has the CG-NAT IP address.
Whilst you’re right that it could clash, it’s very unlikely (a 1 in 4194302 chance), I imagine Tailscale would detect the clash and change IPs though I could be wrong as it never happened to me (and probably never will - though in all fairness it will eventually happen to someone).
Been using Tailscale behind CG-NAT for years. It works wonderfully and very rarely needs to route through the DERP infrastructure - it’s almost always a P2P connection.
You’re not wrong that the storage itself is undoubtedly more robust on any cloud provider than a cheap consumer NAS box.
However, there are other factors to consider.
A NAS or any storage solution is only useful if you can access it if you need and if the network speed and stability match your expectations.
A cloud solution will be inaccessible if your internet is down. It may also suffer tremendously if your connection is unstable or slow.
In that sense, even a laptop’s drive connected to your switch could prove more robust than any cloud solution.
You don’t have to use the registrar’s DNS system.
I use LuaDNS. They even offer a fully functional free tier that might be enough for your needs.
They have an API that can be used with certbot, and you can manage your zones with git.
£35 for symmetrical 1gbps. In practice, I get fairly stable ~850mbps either way but I reckon my router is the bottleneck rather than the actual line.
I’ve been using Posteo with my own domain for a few years.
You do need an email forwarder in addition to the hosting since, as you noticed, they don’t support that use-case natively.
My DNS provider, LuaDNS, does that for me. I pay for their Basic tier (US$29/year) but only because I’m using a lot more than what the free tier provides. I did get away with free for about a year though, so that could in fact be sufficient for you, if you decide to go that route.
Ah NFS… It’s so good when it works! When it doesn’t though, figuring out why is like trying to navigate someone else’s house in pitch dark.