19

TL;DR: Is it possible (and if so, desirable) to configure my OPNsense router to handle non-standard traffic instead of needing to configure each client device manually? Examples of what I mean by 'non-standard traffic' include Handshake, I2P, ZeroNet, and Tor.

8
submitted 1 month ago* (last edited 1 month ago) by fenndev@leminal.space to c/selfhosted@lemmy.world

Edit: Thanks for the help, issue was solved! Had Traefik's loadbalancer set to route to port 8081, not the internal port of 80. Whoops.

Intro

Hi everyone. I've been busy configuring my homelab and have run into issues with Traefik and Vaultwarden running within Podman. I've already successfully set up Home Assistant and Homepage but for the life of me cannot get things working. I'm hoping a fresh pair of eyes would be able to spot something I missed or provide some advice. I've tried to provide all the information and logs relevant to the situation.

Expected Behavior:

  1. Requests for *.fenndev.network are sent to my Traefik server.
  2. Incoming HTTPS requests to vault.fenndev.network are forwarded to Vaultwarden
    • HTTP requests are upgraded to HTTPS
  3. Vaultwarden is accessible via https://vault.fenndev.network and utilizes the wildcard certificates generated by Traefik.

Quick Facts

Overview

  • I'm running Traefik and Vaultwarden in Podman, using Quadlet
  • Traefik and Vaultwarden, along with all of my other services, are part of the same fenndev_default network
  • Traefik is working correctly with Home Assistant, AdGuard Home, and Homepage, but returns a 502 Bad Gateway error with Vaultwarden
  • I've verified that port 8081 is open on my firewall and my service is reachable at {SERVER_IP}:8081.
  • 10.89.0.132 is the internal Podman IP address of the Vaultwarden container

Versions

Server: AlmaLinux 9.4

Podman: 4.9.4-rhel

Traefik: v3

Vaultwarden: alpine-latest (1.30.5-alpine I believe)

Error Logs

Traefik Log:

2024-05-11T22:09:53Z DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 502 Bad Gateway error="dial tcp 10.89.0.132:8081: connect: connection refused"

cURL to URL:

[fenndev@bastion ~]$ curl -v https://vault.fenndev.network
*   Trying 192.168.1.169:443...
* Connected to vault.fenndev.network (192.168.1.169) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/pki/tls/certs/ca-bundle.crt
* TLSv1.0 (OUT), TLS header, Certificate Status (22):

Config Files

vaultwarden.container file:

[Unit]
Description=Password
After=network-online.target

[Service]
Restart=always
RestartSec=3

[Install]
# Start by default on boot
WantedBy=multi-user.target default.target

[Container]
Image=ghcr.io/dani-garcia/vaultwarden:latest-alpine
Exec=/start.sh
EnvironmentFile=%h/.config/vault/vault.env
ContainerName=vault
Network=fenndev_default

# Security Options
SecurityLabelType=container_runtime_t
NoNewPrivileges=true

# Volumes
Volume=%h/.config/vault/data:/data:Z

# Ports
PublishPort=8081:80

# Labels
Label=traefik.enable=true
Label=traefik.http.routers.vault.entrypoints=web
Label=traefik.http.routers.vault-websecure.entrypoints=websecure
Label=traefik.http.routers.vault.rule=Host(`vault.fenndev.network`)
Label=traefik.http.routers.vault-websecure.rule=Host(`vault.fenndev.network`)
Label=traefik.http.routers.vault-websecure.tls=true
Label=traefik.http.routers.vault.service=vault
Label=traefik.http.routers.vault-websecure.service=vault

Label=traefik.http.services.vault.loadbalancer.server.port=8081

Label=homepage.group="Services"
Label=homepage.name="Vaultwarden"
Label=homepage.icon=vaultwarden.svg
Label=homepage.description="Password Manager"
Label=homepage.href=https://vault.fenndev.network

vault.env file:

LOG_LEVEL=debug
DOMAIN=https://vault.fenndev.network 
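
A check for the mistake named in the edit at the top of this post, as an added example that is not part of the original post: it reads a Quadlet .container file and flags a Traefik `loadbalancer.server.port` label that points at the host side of `PublishPort` instead of the container's internal port. The function names and the trimmed sample unit are constructed for illustration, and only single-port `PublishPort` values are handled.

```python
import re

# Constructed sample: the lines of the vaultwarden.container file that matter here.
SAMPLE_UNIT = """\
[Container]
Network=fenndev_default
PublishPort=8081:80
Label=traefik.enable=true
Label=traefik.http.services.vault.loadbalancer.server.port=8081
"""

PORT_LABEL = re.compile(
    r"traefik\.http\.services\.([^.]+)\.loadbalancer\.server\.port=(\d+)$")

def parse_publish(value):
    """Split PublishPort ([ip:][host]:container[/proto]) into (host, container)."""
    parts = value.split("/")[0].split(":")
    host = int(parts[-2]) if len(parts) > 1 and parts[-2] else None
    return host, int(parts[-1])

def audit_quadlet(text):
    """Return findings about Traefik port labels and published host ports."""
    published, labels, findings = [], [], []
    for line in text.splitlines():
        key, _, value = line.strip().partition("=")
        if key == "PublishPort":
            published.append(parse_publish(value))
        elif key == "Label":
            match = PORT_LABEL.match(value.strip('"'))
            if match:
                labels.append((match.group(1), int(match.group(2))))
    internal = {container for _, container in published}
    for service, port in labels:
        for host, container in published:
            # Traefik dials the container's network IP, where only the
            # internal port listens; the host-side number is refused (502).
            if port == host and port not in internal:
                findings.append(f"{service}: label port {port} is the host side "
                                f"of PublishPort, use {container}")
    if labels:
        for host, _ in published:
            if host is not None:
                findings.append(f"host port {host} reaches the container "
                                "without passing through Traefik")
    return findings

if __name__ == "__main__":
    for finding in audit_quadlet(SAMPLE_UNIT):
        print(finding)
```

The second finding remains after the label is corrected: when Traefik shares the Podman network with the container, the published host port is not needed for routing and leaves a path to the service that skips Traefik's TLS.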

[-] fenndev@leminal.space 10 points 1 month ago

If you want your environment to be consistent between desktops, keep it mostly stock. The default KDE theming and setup is pretty damn similar to Windows 10, and I've kept it stock ever since I started using it ~1 ½ years ago.

[-] fenndev@leminal.space 12 points 2 months ago

Mhm, I'm aware. I just figured the nice folks here would likely have more experience with codecs and such than elsewhere!

(That, and, if I can build my own replacement Disney+, I would definitely want to share with friends.)

21
submitted 2 months ago by fenndev@leminal.space to c/datahoarder@lemmy.ml

cross-posted from: https://leminal.space/post/6179210

I have a collection of about ~110 4K Blu-Ray movies that I've ripped and I want to take the time to compress and store them for use on a future Jellyfin server.

I know some very basics about ffmpeg and general codec information, but I have a very specific set of goals in mind I'm hoping someone could point me in the right direction with:

  1. Smaller file size (obviously)
  2. Image quality good enough that I cannot spot the difference, even on a high-end TV or projector
  3. Preserved audio
  4. Preserved HDR metadata

In a perfect world, I would love to be able to convert the proprietary HDR into an open standard, and the Dolby Atmos audio into an open standard, but a good compromise is this.

Assuming that I have the hardware necessary to do the initial encoding, and my server will be powerful enough for transcoding in that format, any tips or pointers?

[-] fenndev@leminal.space 11 points 2 months ago

It is not an abuse of anyone's creative rights to convert music from a game you legally own to a different format.

[-] fenndev@leminal.space 11 points 2 months ago

I think Obsidian and Logseq are helping to change this.

[-] fenndev@leminal.space 10 points 2 months ago

For what it's worth, I've been running alternative Discord clients for years (Webcord, discord-screenaudio, and now Vesktop/Vencord) and haven't encountered any issues or bans. By far, the most polished and well integrated is Vesktop/Vencord. I don't consider my Discord account worth risking either, but given that I've yet to see a verifiable report of someone losing access to Discord for using an alternate client (even the ones that enable Nitro subscription features), I think I'm pretty safe.

Personally, I'd say risk it for the biscuit. There are some hacky workarounds but all of them are annoying to set up and finicky. As for alternative platforms, I'm not sure...

[-] fenndev@leminal.space 14 points 2 months ago

Gas fees, fees to convert to fiat, electricity bills for miners / initial investment for stakers... No matter how you frame it, there are still associated fees. Might as well use the standard we have at the moment.

4

cross-posted from: https://leminal.space/post/4761745

Shortly before the recent removal of Yuzu and Citra from GitHub, attempts were made to back up and archive both GitHub repos; it's my understanding that these backups, forks, etc. are fairly incomplete, either lacking full Git history or lacking Pull Requests, issues, discussions, etc.

I'm wondering if folks here have information on how to perform thorough backups of public, hosted git repos (e.g. GitHub, GitLab, Codeberg, etc.). I'd also like to automate this process if I can.

git clone --mirror is something I've looked into for a baseline, with backup-github-repo looking like a decent place to start for what isn't covered by git clone.

The issues I can foresee:

  • Each platform builds its own tooling atop Git, like Issues and Pull Requests from GitHub
  • Automating this process might be tricky
  • Not having direct access/contributor permissions for the Git repos might complicate things, not sure

I'd appreciate any help you could provide.

27
submitted 3 months ago by fenndev@leminal.space to c/linux@lemmy.ml

14
submitted 3 months ago* (last edited 3 months ago) by fenndev@leminal.space to c/opensource@lemmy.ml

[-] fenndev@leminal.space 7 points 3 months ago

Unrelated, but I would have preferred a stolen, watermarked Getty Images photo rather than an AI-generated one. Fits the pirate vibe better to have blatantly and unabashedly stolen something than to indirectly do so with plausible deniability.

[-] fenndev@leminal.space 12 points 3 months ago

Pardon me, but would this not interfere with partners' ability to host services via 99% of Linux-based servers?

[-] fenndev@leminal.space 16 points 3 months ago

Depending on your threat model, your best bet would probably be to purchase a burner phone at Walmart or something with cash. Then only use the phone for verification purposes.

[-] fenndev@leminal.space 29 points 5 months ago

Have you looked into either Obsidian or Logseq?

Obsidian is not open source, but uses Markdown for notes just like Logseq. Very popular overall.

[-] fenndev@leminal.space 18 points 5 months ago

Interesting idea. Personally, I would like to see larger groups of admins and server members working together towards common goals and setting common standards - what we have right now is more like a confederacy, not a federation. There is no unifying, governing body made up of representatives from the servers.

[-] fenndev@leminal.space 8 points 5 months ago

May I ask why? Using alternative sources from the vendors themselves usually isn't any less secure than using the official F-Droid repos. It's a common thing on Linux.

fenndev

joined 6 months ago