when people have too much free time
Do you have a sample of what kind of errors you’re getting? Are they Docker related or service related? As in Jackett can’t connect/reach Sonarr, for example?
Yeah I did, my reply ended up reading like a car accident 😭
frantically searches what playdate is ⭐ the repo
this might be more on me writing shit code than on tokio/hyper. give it a go.
Yeah, I’m looking at it, will probably rewrite the logic using Pingora. Or maybe I did something wrong. Not sure if it’s something using the hyper legacy client, that has connection pooling, maybe there’s something there to improve.
or maybe the use of RwLock to share the config struct is reaching some limits. Will try using parking_lot to see if anything changes.
reverse proxy using tokio and hyper, there are few things to figure out on high traffic sites, it doesn’t work as well compared to nginx after a certain threshold.
latest cargo crates updated
Navidrome over wireguard, and music library in folders and proper tagging through beets and picard. Using subsonic as a client for it. Tried plex and plexamp but I’m moving away from them.
Check netmaker for wireguard vpn if you want a UI, but it’s straightforward to set it up manually.
I’d say, what kind of security are you talking about? Apart from standard HTTPS to keep things encrypted, there are other layers if you want to keep your service exposed to the internet.
Also how things are installed and if they are correct, proper file permissions. Nothing different than having it on the server somewhere. You just need to keep things up to date and you’ll be fine.
I like it here on Lemmy as there are quality talks from people and not too much circlejerking same concepts around. I actually like going through here.
About 6 year uptime on one machine before we shut it down and relocated.
Yes, that’s exactly it.
Make sure your HAProxy is listening on the wireguard interface as well.
Once you have the wireguard tunnel working, do a quick test, like curl -H "Host: domain.tld" https://router_wireguard_ip/
and if that works, add in the iptables rules and you should be all set.
Thanks for the reply, flux is pretty good, I’m using ArgoCD, but both are basically following gitops principles.
I might give k3s a look and see how it all works together.
disadvantages: everything else
What would be a benefit to run k8s at home, apart from bit dealing with it, compared to docker-compose on a single or two nodes? or docker swarm? Unless there is a big load of services that are selfhosted, which I get, and the autohealing from k8s as the orchestrator.
Just curious, not taking a swing. Thanks!
Yes, that would be possible with this setup. Port on which HAProxy listens just needs to be publicly accessible, and just DNAT traffic from the VPS to your $IP:$PORT .
Technically everything is possible, I just don’t have context if you have a static IP with your ISP or it changes every so often (daily, weekly, every n months). If it’s not, you might consider using a VPN connection between VPS and your router to keep the connection open at all times, and also not exposing HAProxy directly to the live internet.
I’m running both, via docker.
Here’s the basic setup:
NGiNX is a standard installation, using certbot to manage the SSL certificates for the domains. Setup is via Nginx virtual hosts (servers), separate for Lemmy and Mastodon. Lemmy and Mastodon each run in their own Docker containers, with different listening ports on localhost.
                      lemmy.domain.tld  +------------------------+
               +------------------------+         Lemmy          |
               |                        |     127.0.0.1:3000     |
               |                        +------------------------+
               |
+--------------+----+
|NGiNX with SSL     |  mastodon.domain.tld
|and separate VHOSTS+--------------+------------------------+
|                   |              |        Mastodon        |
+-------------------+              |     127.0.0.1:3001     |
                                   +------------------------+
did it before my smoke break