Pi-hole erhält umfangreiches Update auf Version 6.1 mit zahlreichen Verbesserungen
Die Open-Source-Software Pi-hole bekommt mit Version 6.1 ein umfangreiches Update.
https://www.apfeltalk.de/magazin/news/pi-hole-erhaelt-umfangreiches-update-auf-version-6-1-mit-zahlreichen-verbesserungen/
#News #Services #Core #CPUAuslastung #DHCP #DNSBlocker #Docker #FTLEngine #Netzwerk #OpenSource #Pihole #PiholeUpdate61 #RaspberryPi #ReverseProxy #SynologyNAS #Weboberflche #ZweiFaktorAuthentifizierung
Pi-hole erhält umfangreiches Update auf Version 6.1 mit zahlreichen Verbesserungen
Die Open-Source-Software Pi-hole bekommt mit Version 6.1 ein umfangreiches Update.
https://www.apfeltalk.de/magazin/news/pi-hole-erhaelt-umfangreiches-update-auf-version-6-1-mit-zahlreichen-verbesserungen/
#News #Services #Core #CPUAuslastung #DHCP #DNSBlocker #Docker #FTLEngine #Netzwerk #OpenSource #Pihole #PiholeUpdate61 #RaspberryPi #ReverseProxy #SynologyNAS #Weboberflche #ZweiFaktorAuthentifizierung
Gemini
Vorab: ich finde es ziemlich störend, dass der Suchbegriff „Gemini“ seit einiger Zeit hauptsächlich irreführende Ergebnisse liefert. Wen interessiert schon dies Google-AI-Monster?
Vor ein paar Tagen bin ich durch einen Post im Fediverse mal wieder daran erinnert worden, dass meine eigene Gemini Capsule ordentlich Staub angesetzt hat. Staub, äh, Asche auf mein Haupt.
Da ich die Funktionstüchtigkeit des Servers zwar ab und an über den zusätzlich vorhandenen https-Link, aber nicht über z.B. LaGrange getest habe, ist mir der Ablauf des Zertifikats auf Port 1965 leider nicht aufgefallen. Seit der Zwischenschaltung des Reverse Proxy werden die Lets-Encrypt-Zertifikate nicht mehr auf dem heimischen Yunohost verwaltet und aktualisiert. Nun stehe ich also vor der Problematik, diese Teilung für eine einzelne Domain wieder aufheben zu müssen.
Da ich darauf nicht zu viel Zeit ver(sch)wenden möchte, könnte es durchaus passieren, dass der Gemini-Server auf den externen VPS umzieht. Der liefert sowieso schon GoToSocial als externes Backup, ergo keine zusätzlichen Kosten/Resourcen benötigt.
Wird außerdem Zeit, dass ich mich wieder mehr mit dem Thema Small Web beschäftige.
In the past three days, I've switched my #homelab to a new #ReverseProxy! After using #NginxProxyManager and #Zoraxy, I've now moved to #Pangolin.
Pangolin allows me to provide my #selfhosted services from my home lab without needing to open a port in my #firewall. 
Essentially, it's a self-hosted alternative to #CloudflareTunnels, running on a #VPS. Due to the current political situation in the #USA, I preferred not to use Cloudflare.
Pangolin is based on #WireGuard and #Newt, enabling a #certificate-based direct connection after installing a client on the home server. 
I'm extremely satisfied with it and now have no open ports in my private #network! 
Question: Nginx or HAProxy as a reverse proxy? I’ve tested both. In some cases, I still need nginx, while in others, after a closer look, it’s not necessary.
Performance, etc.
Opinions from those who use/have used both?
Curious about Docker or Reverse Proxies? Check out my latest post that simplifies these concepts and shows how straightforward they are to use! Discover more here: https://buff.ly/KoNWWuG #Docker #ReverseProxy #TechInsights
I would call this a big success. A valid, trusted certificate, signed by Let's Encrypt, without ever exposing a single port to the public internet. Just what I needed. I can't believe how easy it is to do this with #Caddy. They weren't lying when they said you barely needed any configuration. What an incredible program!
#Apache #WebServer #ReverseProxy
So, I don't seem to be seeing any useful information in systemd journal, but every time I enable this config and reload Apache it fails. I can't seem to figure out what I'm missing here. Any of y'all have any thoughts or suggestions?
Even if the ports aren't listening, that shouldn't cause Apache to crash out, I've been in that situation many times before. I don't normally use ServerAlias' much, but otherwise I have other almost identical configs that work.
Hi everyone,
I'm encountering an issue with my self-hosted setup using Caddy 2.9.1 and Authelia 4.38.19. All domains except auth.laniecarmelo.tech return a 401 Unauthorized error. Journald logs suggest issues with insecure schemes ('') instead of https or wss.
Details:
|
Feb 24 21:01:47 stormux authelia[2932]: level=error msg="Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported"Caddy:Feb 24 21:19:41 stormux caddy[48845]: {"msg":"handled request","method":"GET","host":"adguard.laniecarmelo.tech","status":200}Configurations:
Curl Output:
HTTP Request:
$ curl home.laniecarmelo.tech -v
< HTTP/1.1 308 Permanent Redirect
< Location: https://home.laniecarmelo.tech/
HTTPS Request:
$ curl https://home.laniecarmelo.tech -v
< HTTP/2 401
< content-type: text/plain; charset=utf-8
< server: Caddy
401 Unauthorized
Does anyone know what might be causing this? I suspect it could be related to forward_auth or trusted proxies.
Thanks in advance! 
#SelfHosting #CaddyServer #Authelia #ReverseProxy #TechHelp #Linux #HomeLab
@selfhost @selfhosting @selfhosted
Need help with #Caddy configuration. Getting error:
"Error: adapting config using caddyfile: /etc/caddy/Caddyfile:20: parsed 'header' as a site address, but it is a known directive; directives must appear in a site block"
Running #LinkAce behind Caddy. Config has global options block, site blocks for subdomains, and snippets for common configs. Error persists despite:
Full config: [Pastebin link]
#SelfHosted #Docker #ReverseProxy #WebDev #Linux #HomeLab
@selfhost @selfhosted @selfhosting
Cloudflare Tunnel to internal resource
or
NGINX reverse proxy?
Any #nginx #networking #jellyfin experts having a quite saturday and willing to help me get my #selfhosted journey underway?
I've got a domain and a box with some working apps on it but I can't get #certbot to recognise my DNS and am struggling to get the #ReverseProxy working.
There's a few too many moving parts for my little brain, I'd really value a helping hand to get me up and running, please.
#MiniFlux users, can anyone help?
Hi all. I'm having some issues with MiniFlux, a #SelfHosted #RSSReader, and hoping someone can help. MiniFlux was working fine until I tried to deploy ReactFlux on the same domain as it, rss.laniecarmelo.tech, on a subpath, /reactflux. This didn't work so I removed ReactFlux. I also migrated MiniFlux from #Docker to #Pacman package, thinking it would be easier on my system. This problem, or a similar one, was occurring before I did that though.
Now, rss.laniecarmelo.tech loads the MiniFlux login page, but when I login, it redirects to a blank page at rss.laniecarmelo.tech/login. I've added trusted proxies and cookie configuration to my miniflux.conf and headers to my Caddyfile, but I still have the issue.
I'm using #Caddy for #ReverseProxy and #Cloudflare for #SSO. Has anyone seen anything like this before? This is on a #RaspberryPi500 running #ArchLinuxARM.
I've checked MiniFlux logs, and it's getting the login requests and creating sessions. I'm not sure what's happening after that. Cloudflared and Caddy seem to be working normally.
#SelFhosting #Linux #RSS #RaspberryPi #RPi #tech #technology
@selfhost @selfhosted @selfhosting
to sum up what I figured out last night:
Wireguard point-to-point links are as easy to set up as the reverse-proxy apps ('frp' and 'rathole') I've used in the past, and likely more reliable, performant, and secure.
I used this guide to set up such a link: https://docs.vultr.com/how-to-install-wireguard-vpn-on-debian-12
I'm going to replace my existing setups with this, and I'm pleased that upon finally taking the time to look into it, #Wireguard proved very simple to use.
as for my claims of its likely superiority:
* more reliable due to more highly proficient eyes on the codebase and a bigger userbase smoking out bugs
* more performant due to less copying bytes to/from userspace
* more secure because one point of Wireguard is to have as small a codebase as possible, and again (being in the kernel in part) it has more smart sets of eyes on it; further, it makes use of existing IP networking security practices.
this is a major step forward for Surfhosting. I had a big mental block on deploying Wireguard for quite a while, and now I'm past it. 
@Tutanota
#passbolt for password management
#sentinelone for client security
#yubikey for keys
#trezor for crypto and keys
#GPG in general as security
#proton for mails
#Torbrowser/brave browsing
#Reverseproxy
#Tailscale for secure private network mesh
A deep dive into We2.ee's #Caddy configuration, handling #Matrix #federation offering profile and room redirection shortlinks, and combining multiple services on a single domain.
Running multiple #web #services doesn't have to be complicated, and it can be a low effort hobby or side gig for busy professionals. Here's how #Caddy makes it simple by handling #reverseproxy and #HTTPS certificates, plus a #Python #script I use to set up new services behind #Cloudflare #DNS with a single command.
I'm new to self-hosting and struggling to get my services accessible externally. I'm using Traefik as a reverse proxy on a Raspberry Pi 500 running Stormux (Arch Linux ARM-based). My public IP resolves correctly via Dynu DNS, and ports 80 and 8444 are forwarded in my router. I've configured Traefik to use port 8444 for HTTPS, but external connections time out. I’ve tried:
• Forwarding ports 80 and 8444 in my router
• Allowing ports in iptables and FirewallD
• Setting my router's firewall to low security
• Verifying Traefik is listening on port 8444 locally (works with curl)
• Using Authelia for authentication (middleware configured in Traefik)
Internal access works fine, but external access fails. Could this be an ISP block or something I’m missing? Any advice is appreciated!
#SelfHosting #Traefik #RaspberryPi #DynuDNS #ReverseProxy #Networking #Help #Tech #Technology #Linux
@selfhost @selfhosting @selfhosted @linux
Help Needed: Traefik + Authelia Setup
I'm trying to set up Traefik with Authelia for my self-hosted services using my domain, but I'm running into issues like Traefik generating invalid domains (`traefik-traefik`). I've posted all the details here: https://community.traefik.io/t/help-needed-traefik-with-authelia-and-domain-setup-traefik-traefik-error/26010
If you're experienced with Traefik, Authelia, or self-hosting, I’d greatly appreciate your insights!
My configuration files are available for download in the post.
#Traefik #Authelia #SelfHosting #ReverseProxy #Docker #YAML #Linux #RaspberryPi #Tech #Technology #ArchLinuxARM #Stormux
Tagging relevant groups for visibility: 
@selfhosting @linux
Also tagging Lemmy communities: @selfhost @selfhosted
Since I have a really bad hand with timing my posts, so that the least amount people possible see them, I have to try again 
Anyone out there who knows about hosting Fediverse Applications behind an Apache Reverse Proxy?
To be more specific - I have been trying for days to get Epicyon running on my server. Installation was easy and it is running, just not completely. I cannot follow people or accept follows from others and proxying is the most likely culprit (I'm seeing 400 and 401 errors in Epicyon's logs)
The Installation Manual describes how to set up a nginx Reverse Proxy but I already have Apache and cannot change that. I do run other services using it as a proxy though and these all work as expected.
I'm out of ideas and would appreciate any help translating from nginx config to Apache. Boosts Welcome!
