• 0 Posts
  • 6 Comments
Joined 2 years ago
cake
Cake day: July 3rd, 2023

help-circle
  • Invisible walls. And I’m not saying the ones that are like way up out of the way that you have to nearly use glitches to get to. I’m talking the “walking down a city street and then you’re stopped in the middle of the road for no reason” kind. Like, you put area there that I can see, I want to go there. If you don’t want me to go there at least put something there to indicate it’s the edge of the map.


  • I know there may be some which are better for various reasons, but look into nginx proxy manager to get those resources behind some URLs with SSL. I like it because it’s got a pretty easy to use web interface, but I know similar things can be accomplished with traefik and like a 3 line per service yaml file. I use NPM and a pihole for DNS to point to the NPM server, and it’s great for me, including automatic cert rotation with LetsEncrypt.


  • If you’re looking to actually do Fail2ban, look into crowdsec first. It’s a similar concept but instead of creating your own block lists by people hammering against your system until they’re banned, it uses community-populated lists to pre-ban known bad actors.

    I know a lot of people shit on it from a decentralization perspective, but I use Cloudflare to expose all my services. Then anyone who hits my sites has to go through Cloudflare’s detections first. I have all my services behind a reverse proxy (nginx proxy manager) running locally, and that’s the only though exposed to the Internet through my router, also that ONLY allows connections at all from Cloudflare IPs or my local network. My home IP is obfuscated, my services can only be accessed using the ports I define, and things are happy. I also block as much as possible on my router, and have automatic updates on all my server VMs/LXCs.

    You could also set up a Cloudflare tunnel to go to the reverse proxy and avoid needing to expose anything to the direct Internet.

    Just turn off caching for any media servers domains/subdomains if you go with Cloudflare, or else it will try to cache any media on their servers and it’s technically a ToS violation so people get their accounts banned. It’s a simple setup to disable cache though.




  • I do prefer instrumental music, but for completely different reasons. Mostly for me it’s because I get earworms extremely easily, and can have a song stuck in my head for days at a time. 99% of the time it’s the lyrics that are stuck, so it’s a much lower chance to get an instrumental song stuck in my head.