The IT Blog<p><strong>Migration, Containers and … It’s always DNS, really</strong></p><p>As I wrote in my previous post, I have a new member in the home server environment: The Lenovo ThinkCenter Mini Computer! Right after getting Ubuntu up and running on it, I began the process of easing the workload on my <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/raspberrypi/" target="_blank">#RaspberryPi</a>. PiHole had been flagging high CPU load a couple of times already, especially when Jellyfin was streaming media and performing its usual tasks.</p><p>The target was clear: keep PiHole on the Pi and move the heavier services to the Lenovo. But I also didn’t simply want to migrate the services. I also wanted to improve the setup …</p><p> […]</p><p><a href="https://www.locked.de/migration-containers-and-its-always-dns-really/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">locked.de/migration-containers</span><span class="invisible">-and-its-always-dns-really/</span></a></p><p><a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/jellyfin/" target="_blank">#Jellyfin</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/lenovo/" target="_blank">#Lenovo</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/navidrome/" target="_blank">#Navidrome</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/nginx/" target="_blank">#nginx</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/peertube/" target="_blank">#peertube</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/portainer/" target="_blank">#portainer</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/raspberrypi/" target="_blank">#RaspberryPi</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/selfhosting/" target="_blank">#selfhosting</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://www.locked.de/tag/traefik/" target="_blank">#traefik</a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
206active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#traefik
0 posts · 0 participants · 0 posts today
Linuxiac<p>Traefik Proxy 3.5 lands with a new Ingress NGINX Provider, full Gateway API v1.3 support, and a modern React-based dashboard experience.<br><a href="https://linuxiac.com/traefik-proxy-3-5-brings-ingress-nginx-migration-react-dashboard/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">linuxiac.com/traefik-proxy-3-5</span><span class="invisible">-brings-ingress-nginx-migration-react-dashboard/</span></a></p><p><a href="https://mastodon.social/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> <a href="https://mastodon.social/tags/proxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proxy</span></a> <a href="https://mastodon.social/tags/reverseproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseproxy</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
Multipath TCPThe last Traefik versions 2.11.26 and 3.4.2 have MPTCP support enabled by default 🎉<br><br><a class="hashtag" href="https://social.kernel.org/tag/traefik" rel="nofollow noopener" target="_blank">#Traefik</a> is the Cloud Native Application Proxy: <a href="https://traefik.io" rel="nofollow noopener" target="_blank">https://traefik.io</a><br><a class="hashtag" href="https://social.kernel.org/tag/mptcp" rel="nofollow noopener" target="_blank">#MPTCP</a> is short for Multipath TCP, an extension to TCP to make use of multiple interfaces at once to send and receive TCP packets over a single MPTCP connection: <a href="https://mptcp.dev" rel="nofollow noopener" target="_blank">https://mptcp.dev</a>
Larvitz :fedora: :redhat:<p>Thrilled to have a new, production-ready CI/CD pipeline live! It automatically builds and deploys my Jekyll static WIP site (<a href="https://hofstede.it" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">hofstede.it</span><span class="invisible"></span></a>) on every push to the main branch.</p><p>The architecture is a showcase of modern Linux tools:</p><p>🔹 Server running on Red Hat Enterprise Linux 10 (RHEL) <br>🔹 Forgejo for Git hosting & Actions.<br>🔹 A rootless Forgejo Runner, running in Podman, managed by a systemd Quadlet file.<br>🔹 Traefik reverse proxy running as a Podman container.<br>🔹 An Nginx web server for the site, also in a container for easy discovery by Traefik.</p><p>The Forgejo Runner and the Nginx Webserver run in different unprivileged user contexts. </p><p>The magic is the secure bridge between the rootless CI job and the web server. The pipeline creates a build artifact, and a systemd.path watcher on the host instantly triggers a deployment script. <br>It's fully decoupled, secure, and works like a charm.</p><p><a href="https://burningboard.net/tags/devops" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>devops</span></a> <a href="https://burningboard.net/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://burningboard.net/tags/forgejo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forgejo</span></a> <a href="https://burningboard.net/tags/podman" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>podman</span></a> <a href="https://burningboard.net/tags/rhel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rhel</span></a> <a href="https://burningboard.net/tags/cicd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cicd</span></a> <a href="https://burningboard.net/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> <a href="https://burningboard.net/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a> <a href="https://burningboard.net/tags/redhat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redhat</span></a></p>
Keywan Tonekaboni<p>Wie ihr Online-Dienste selbst betreibt, zeigen wir euch im <span class="h-card" translate="no"><a href="https://peertube.heise.de/accounts/ct_uplink" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ct_uplink</span></a></span>. Ganz gleich, ob Smarthome auf dem Raspi, Nextcloud auf dem Homeserver oder auf einem angemieteten Server im Rechenzentrum. Selber machen ist angesagt.</p><p>Die Folge könnt ihr ganz einfach hier im Fediverse schauen, über unsere <a href="https://social.heise.de/tags/PeerTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PeerTube</span></a> Instanz.</p><p><a href="https://peertube.heise.de/w/djrpQYtR1pRdLuivb8t3G9" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">peertube.heise.de/w/djrpQYtR1p</span><span class="invisible">RdLuivb8t3G9</span></a></p><p><a href="https://social.heise.de/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosting</span></a> <a href="https://social.heise.de/tags/selfhostet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhostet</span></a> <a href="https://social.heise.de/tags/diy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>diy</span></a> <a href="https://social.heise.de/tags/hosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hosting</span></a> <a href="https://social.heise.de/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> <a href="https://social.heise.de/tags/homeserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homeserver</span></a> <a href="https://social.heise.de/tags/nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nextcloud</span></a> <a href="https://social.heise.de/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>docker</span></a> <a href="https://social.heise.de/tags/container" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>container</span></a> <a href="https://social.heise.de/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> <a href="https://social.heise.de/tags/portainer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>portainer</span></a> <a href="https://social.heise.de/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://social.heise.de/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
CrowdSec<p>Looking to enhance your self-hosted setup with <span class="h-card" translate="no"><a href="https://hachyderm.io/@traefik" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>traefik</span></a></span> v3 and CrowdSec for automated threat blocking? 🛡️</p><p>Check out this step-by-step guide by community member Jonny5 covering:</p><p>✅ Traefik File Provider (Services/Routers/Middleware)<br>✅ CrowdSec Remediation Component (for automatic IP blocking) <br>✅ Parser Agent Config (to detect malicious traffic) <br>✅ Example Configs for Plex & Web Servers </p><p>Full guide 👉 <a href="https://nova-labs.net/setting-up-traefik-v3-with-file-provider-crowdsec-on-your-homelab/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nova-labs.net/setting-up-traef</span><span class="invisible">ik-v3-with-file-provider-crowdsec-on-your-homelab/</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://infosec.exchange/tags/Homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Homelab</span></a> <a href="https://infosec.exchange/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdSec</span></a></p>
Max<p>Gestern den halben Tag verbraucht um Jitsi aufzusetzten und es läuft noch immer nicht. 😑<br>Dann sucht man im Interweb nach den Fehlern nur um festzustellen, dass jemand den selben Fehler hatte aber der Post seit mehreren Jahren unbeantwortet blieb 😔<br><a href="https://afterspace.rocks/tags/Jitsi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jitsi</span></a> <a href="https://afterspace.rocks/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> <a href="https://afterspace.rocks/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a></p>
Johannes Kastl<p>In case you want to get your hands dirty with Traefik, Kubernetes and the new GatewayAPI, I got you covered.</p><p>Here is another vagrant-libvirt setup that has <a href="https://digitalcourage.social/tags/k3s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k3s</span></a>, <a href="https://digitalcourage.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> and a <a href="https://digitalcourage.social/tags/Nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nginx</span></a> deployment. Instead of using a <a href="https://digitalcourage.social/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://digitalcourage.social/tags/ingress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ingress</span></a> or a Traefik ingressroute, this setup uses the <a href="https://digitalcourage.social/tags/GatewayAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GatewayAPI</span></a> resources like Gateways and HTTPRoutes.</p><p><a href="https://codeberg.org/johanneskastl/traefik_gateway-api_on_k3s_vagrant_libvirt_ansible" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">codeberg.org/johanneskastl/tra</span><span class="invisible">efik_gateway-api_on_k3s_vagrant_libvirt_ansible</span></a><br><a href="https://github.com/johanneskastl/traefik_gateway-api_on_k3s_vagrant_libvirt_ansible" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/johanneskastl/traef</span><span class="invisible">ik_gateway-api_on_k3s_vagrant_libvirt_ansible</span></a></p><p>As usual, <a href="https://digitalcourage.social/tags/Ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ansible</span></a> does the heavy lifting and deploys everything in the cluster.</p><p>Have a lot of fun.</p><p><a href="https://digitalcourage.social/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://digitalcourage.social/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a> <a href="https://digitalcourage.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> <a href="https://digitalcourage.social/tags/Ingress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ingress</span></a> <a href="https://digitalcourage.social/tags/GatewayAPI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GatewayAPI</span></a> <a href="https://digitalcourage.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://digitalcourage.social/tags/vagrant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vagrant</span></a> <a href="https://digitalcourage.social/tags/libvirt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>libvirt</span></a> <a href="https://digitalcourage.social/tags/Nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nginx</span></a> <a href="https://digitalcourage.social/tags/HellYeah" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HellYeah</span></a></p>
Larvitz :fedora: :redhat:<p>Protected my website <a href="https://hofstede.io" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">hofstede.io</span><span class="invisible"></span></a> with Anubis (<a href="https://anubis.techaro.lol" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">anubis.techaro.lol</span><span class="invisible"></span></a>) to keep AI scraper bots out. It uses a proof-of-work algoritm to filter out some bots.</p><p>Was rather easy to integrate into my setup with Traefik and Podman 🙂 </p><p><a href="https://burningboard.net/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linux</span></a> <a href="https://burningboard.net/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://burningboard.net/tags/bots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bots</span></a> <a href="https://burningboard.net/tags/anubis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>anubis</span></a> <a href="https://burningboard.net/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a></p>
René Mayrhofer :verified: 🇺🇦<p>I declare partial success with much more aggressive connection, request, and transfer rate throttling in the embedded <a href="https://infosec.exchange/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> instance that serves my static page (plus the dynamic link maze that caught the stupid "AI" scraper bots...) behind <a href="https://infosec.exchange/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> (causing the TLS termination part to be overloaded and blocking authenticated users from legitimate access).</p><p><a href="https://www.mayrhofer.eu.org/post/defenses-against-abusive-ai-scrapers/nginx-default.conf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mayrhofer.eu.org/post/defenses</span><span class="invisible">-against-abusive-ai-scrapers/nginx-default.conf</span></a> is the current rate limiting config, <a href="https://www.mayrhofer.eu.org/post/defenses-against-abusive-ai-scrapers" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mayrhofer.eu.org/post/defenses</span><span class="invisible">-against-abusive-ai-scrapers</span></a> has the explanations.</p><p>Something like <a href="https://blog.lrvt.de/configuring-crowdsec-with-traefik/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.lrvt.de/configuring-crowd</span><span class="invisible">sec-with-traefik/</span></a> will probably have to be the next level of escalation to deal with the issue on a global level.</p>
InfoQ<p><a href="https://techhub.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> v3.3 - codename "Saint-Nectaire" - is here!</p><p>This release focuses on 2 critical areas:<br>✅ Observability capabilities <br>✅ Improved documentation structure</p><p>These upgrades make Traefik v3.3 even more powerful for platform engineers tackling complex cloud-native environments.</p><p>Learn more: <a href="https://bit.ly/4i7nRt3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/4i7nRt3</span><span class="invisible"></span></a></p><p><a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoQ</span></a> <a href="https://techhub.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://techhub.social/tags/Observability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Observability</span></a> <a href="https://techhub.social/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a></p>
Schenkl | 🏳️🌈🦄<p>Selbst die aktuellste Version von <a href="https://chaos.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a> schafft es nach wie vor nicht in seinem ACME Modul nicht mehr konfigurierte Domains aus den Rezertifizierungen zu nehmen...<br>Gibt es eine Domain eines Kombi-Zertifikats nicht mehr kann das nicht erneuert werden und alle Domains laufen aus.</p><p>Es muss immernoch die komplette Chain gelöscht und alle Zertifikate neu beantragt werden...</p><p>Am einfachsten wäre es Traefik abzugewöhnen Zertifikate zu kombinieren, aber das geht ja auch nicht, oder?</p>
Udovič Arns :sgs: :arch: :qtile:<p><span class="h-card"><a href="https://mastodon.online/@rq" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rq</span></a></span> kaip sakiau - :peertube: man yra interfeisas. Jei bus NAS'e, tai kaip aš pasidalinsiu su draugais? Patogumas ir tiek. Šiaip čia nieko nesiskiria nuo eilinės saugyklos. Šiaip instnce'ą, tai mažai prižiūriu - laukiu vieno fikso. Beje, ir dabar mano viskas pakurta VDS'e. Tai kainuoja ir :nextcloud: :peertube: norėčiau perkelti ant namūdinio serverio, nes nėra kritiniai servisai, o vieta kainuoja, bet reiktų pradėt nuo to, kad reikia pasikurti tą namūdinį :D su k8 net nežadu žaist – per mažai servisų. Gana <a href="https://s.arns.lt/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> ir <a href="https://s.arns.lt/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>docker</span></a>.<br>Dėl :forgejo: tai teisingai mąstai. Aš irgi laukiu :fedi: integracijos. Jau yra bandymų, tai viskas juda į tą pusę. Iš kitos pusės – nelabai tikiuos, kad išoriniai dirbs prie mano projektų. O fork'inti galima - tai tėra <code>git clone</code> su patogesniais įrankiais atnaujinimams ir PR'ų kurimams.<br>:nextcloud: jau tai padarė :fedi:</p>
Lanie Carmelo<p>Hi <a href="https://caneandable.social/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosted</span></a> community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for <a href="https://caneandable.social/tags/HomeServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeServer</span></a> stuff. It's set up through Porkbun with Dynu for <a href="https://caneandable.social/tags/DDNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDNS</span></a>. I've now got <a href="https://caneandable.social/tags/Traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Traefik</span></a>, <a href="https://caneandable.social/tags/TailscaleVPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TailscaleVPN</span></a>, <a href="https://caneandable.social/tags/Linkding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linkding</span></a>, <a href="https://caneandable.social/tags/Forgejo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Forgejo</span></a>, <a href="https://caneandable.social/tags/Dokuwiki" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dokuwiki</span></a>, Code-Server, <a href="https://caneandable.social/tags/Portainer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Portainer</span></a>, <a href="https://caneandable.social/tags/Netdata" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Netdata</span></a>, <a href="https://caneandable.social/tags/Watchtower" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Watchtower</span></a>, <a href="https://caneandable.social/tags/Cockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cockpit</span></a>, <a href="https://caneandable.social/tags/Pihole" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pihole</span></a>, <a href="https://caneandable.social/tags/MiniFlux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiniFlux</span></a>, <a href="https://caneandable.social/tags/TheLounge" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheLounge</span></a>, <a href="https://caneandable.social/tags/Filebrowser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Filebrowser</span></a>, <a href="https://caneandable.social/tags/UptimeKuma" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UptimeKuma</span></a>, and the <a href="https://caneandable.social/tags/Homer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Homer</span></a> dashboard service installed. I'm now trying to set up <a href="https://caneandable.social/tags/Authelia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authelia</span></a> so I can have single sign-on to my services. For some, it's working now, but I can't seem to get Linkding to work no matter what I do. This is on a <a href="https://caneandable.social/tags/RaspberryPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi</span></a> 500 with 8 GB RAM and a 512 GB SD card, running <a href="https://caneandable.social/tags/Stormux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Stormux</span></a>, which is based on <a href="https://caneandable.social/tags/ArchlinuxARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArchlinuxARM</span></a>. Can anyone help? I'll reply to this post with all my relevant config files in separate posts. What's happening is this: Linkding is supposed to be available at bookmarks.laniesplace.us. When I go there, I see a 401 unauthorized error and a link to sign into Authelia. Once I sign in, though, it redirects back to the page with the 401 error. I've been trying to figure this out for hours with no luck. Files will be in replies to this post.<br><a href="https://caneandable.social/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> <a href="https://caneandable.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://caneandable.social/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeLab</span></a> <a href="https://caneandable.social/tags/RPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPi</span></a> <a href="https://caneandable.social/tags/RaspberryPi500" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi500</span></a> <a href="https://caneandable.social/tags/RPi500" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RPi500</span></a> <a href="https://caneandable.social/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://caneandable.social/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <br><span class="h-card" translate="no"><a href="https://lemmy.ml/c/selfhost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhost</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/selfhosting" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosting</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.world/c/selfhosted" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosted</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/linux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>linux</span></a></span></p>
ineiti<p>I made a blog post about <a href="https://ioc.exchange/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> to explain the basics you need to serve a https page using <a href="https://ioc.exchange/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>docker</span></a>. While I had traefik running for a couple of years, I never really understood what the different _labels_ did to traefik, and how the automatic generation of rules worked.</p><p>So here is a post which proposes a basic configuration for traefik, and explains how you can use this configuration to create simple endpoints for (sub)domains, docker containers without ports, multi-domain setups, and http/https mixed configurations.</p><p>I hope you enjoy it, as well as the commenting system: if you want to comment, reply to this toot, and your comment will be appended to the blog post.</p><p><a href="https://ineiti.ch/posts/traefik-101/traefik-101/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ineiti.ch/posts/traefik-101/tr</span><span class="invisible">aefik-101/</span></a></p><p>Also, this is the first article on my technical blog post, which I hoped for a long time to put on my <a href="https://web.fledg.re" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">web.fledg.re</span><span class="invisible"></span></a> peer-to-peer system. But developing it takes longer than thought :)</p>
wallabag<p>Setting up wallabag — Read your articles later</p><p><a href="https://medium.com/@alexishevia/setting-up-wallabag-read-your-articles-later-c82e2aa0326b" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@alexishevia/settin</span><span class="invisible">g-up-wallabag-read-your-articles-later-c82e2aa0326b</span></a></p><p><a href="https://fosstodon.org/tags/tutorial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tutorial</span></a> <a href="https://fosstodon.org/tags/wallabag" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wallabag</span></a> <a href="https://fosstodon.org/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>docker</span></a> <a href="https://fosstodon.org/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a></p>
#Sidekick transforms bare metal #VPS into a production-ready hosting platform for streamlined #DevOps
Key Features:
• Single-command VPS setup integrating #Docker, #Traefik, and #SOPS encryption
• Zero-downtime deployments with high availability and load balancing
• Automatic SSL certificate management with #sslip.io support
• Secure secrets management through encrypted environment files
Technical Highlights:
• Runs on Ubuntu LTS systems
• Requires only SSH key access and public IP
• Supports preview environments tied to git commits
• Direct container deployment from Dockerfiles
Platform Benefits:
• Escape vendor lock-in
• Affordable hosting ($8/month DigitalOcean instance)
• Simple CLI-based management
• Built-in security best practices
GitHubGitHub - MightyMoud/sidekick: Bare metal to production ready in mins; your own fly server on your VPS.Bare metal to production ready in mins; your own fly server on your VPS. - MightyMoud/sidekick
Ive recently set up #SSO into my #kubernetes ingress layer using #traefik in my #homelab setup, and I have to say its going quite well.
Im using the keycloakopenid middleware and pointing it to my #keycloak instance.
I could then enable the middleware on all of my ingressRoutes, and traefik immediately redirects requests to the login page if a valid bearer token is not present in the request.
I had to carve out some exceptions so the keycloak admin panel is protected but the routes needed to login are still accessible anonymously.
It works well, without any fuss.
Next up I am hoping to configure the backend apps protected by this for better integration.
For example, #argoCD has SSO capabilities, and I should be able to enable them and not be promoted for a second login after the traefik layer login.
Hier unsere Anleitung fürs #Upgrade von #Mastodon auf die #Beta 4.3.0
Unsere Instanz lief auf Version 4.2.12 in einem Docker Container. Geschützt von #Crowdsec und in Verbindung mit #Traefik und #Elasticsearch
Unsere Anleitung basiert auf der im Github angegebenen Schritte. https://github.com/mastodon/mastodon/releases/tag/v4.3.0-beta.2
Leider hat das bei uns nicht auf Anhieb funktioniert. Daher schreiben wir unsere Schritte. Bitte nicht vergessen vorher Backup anlegen! 
1/4
#MastoAdmin
GitHubRelease v4.3.0-beta.2 · mastodon/mastodonWarningThis is a pre-release! This has not been as widely tested as regular releases, although it is still tested on mastodon.social and some other servers. If you update to this release, you will ...
Den #Prometheus Endpunkt von #Traefik kann man ab der Version 3.1.2 mit einem Interval größer 15 Sekunden crawlen!
Endlich!
Das hat mir schon viel Kopfzerbrechen bereitet...
GitHubFix grafana dashboard to work with scrape interval greater than 15s by swiffer · Pull Request #10954 · traefik/traefikBy swiffer
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload