shiftymccool

joined 1 year ago
[–] shiftymccool 6 points 3 days ago

Elon's wet fucking dream

[–] shiftymccool 15 points 6 days ago (1 children)

It needs to run the McD app... JFC....

[–] shiftymccool 1 points 1 week ago

I use it in a homelab, I don't need to apply prod/team/high-availability solutions to my Audiobookshelf or Mealie servers. If an upgrade goes wrong, I'll restore from backup. Honestly, in the handful of years I've been doing this, only one upgrade of an Immich container caused me trouble and I just needed to change something in the compose file and that was it.

I get using these strategies if you're hosting something important or just want to play with new shiny stuff but, in my humble opinion, any extra effort or innovating in a homelab should be spent on backups. It's all fun and games until your data goes poof!

[–] shiftymccool 3 points 1 week ago* (last edited 1 week ago)

Komodo is a big topic so I'll leave this here: komo.do.

In a nutshell, though, all of Komodo is backed by a TOML-based config. You can get the config for your entire setup from a button on the dashboard. If you have all of your compose files inline (using the editor in the UI) and you version control this file, you can basically spin up your entire environment from config (thus my Terraform/Cloudformation comparison). You can then either edit the file and commit, which will allow a "Resource Sync" to pick it up and make changes to the system or, you can enable "managed mode" and allow committing changes from the UI to the repo.

EDIT: I'm not really sure how necessary the inline compose is, that's just how I do it. I would assume, if you keep the compose files in another repo, the Resource Sync wouldn't be able to detect the changes in the repo and react ¯\_(ツ)_/¯

[–] shiftymccool 0 points 1 week ago (3 children)

I guess I don't get that granular. It will respect the current docker compose image path. So, if you have the latest tag, that's what it will use. Komodo is a big topic: https://komo.do

[–] shiftymccool 5 points 1 week ago (7 children)

Not sure why Renovate is necessary when Komodo has built-in functionality to update Docker images/containers. I wish there was an option to check less often (like once a day), maximum time is hourly.

Also, if you're using Komodo and have one big repo of compose files, consider just saving your entire config toml to a repo instead. You end up with something akin to Terraform or Cloudformation for your Docker hosts

[–] shiftymccool 6 points 2 weeks ago

It's almost like punctuation was made for a reason...

[–] shiftymccool 10 points 2 weeks ago (2 children)

I, apparently, have the pleasure of introducing you to Cave Johnson: https://youtu.be/NyLUU3O4zW8?si=FQy2MbPEy2_xEzzG

[–] shiftymccool 5 points 2 weeks ago

Oh no, they might have to flip over another couch cushion to find that kind of money

[–] shiftymccool 3 points 2 weeks ago (1 children)

I used Nextcloud for a while but ended up with a combo of Syncthing and filebrowser to similar effect

[–] shiftymccool 9 points 2 weeks ago

Multiple sag layers? What is this, the early 90's?

20
submitted 9 months ago* (last edited 9 months ago) by shiftymccool to c/[email protected]
 

Hey all! I'm having an issue that's probably simple but I can't seem to work it out.

For some history (just in case it matters): I have a simple server running Docker and all services being defined in docker-compose files. Probably doesn't matter, but I've switched between a few management UIs (Portainer, Dokemon, currently Dockge). Initially, I set everything up in Portainer (including the main network) and migrated everything over to Dockge. I was using Traefik labels but it was getting a bit annoying since I tend to tinker on a tablet. I wanted something a bit more UI-focused so I switched to NPM.

Now I'm going through all of my compose files and cleaning up a bunch of things like Traefik labels, homepage labels, etc... but I'm also trying to clean up my Docker network situation.

My containers are all on the same network, and I want to slice things up a little better, e.g. I have the Cloudflared container and want to be selective about what containers it has access to network-wise.

So, the meat of my issue is that my original network (call it old_main) seems to be the only one that can access the internet outbound. I added a new network called cloudflared and put just my Cloudflared container and another service on it and I get the 1033 ARGO Tunnel error when accessing the service and Cloudflare says the tunnel is down. Same thing for other containers I try to move from old_main, SearXNG can't connect, Audiobookshelf can't search for author info, etc... I can connect to these services but they can't reach anything on the web.

I have my docker daemon.json set to use my Pi-hole for DNS and I only see my services like audiobookshelf.old_main coming through. I also see the IP address of the old_main gateway coming into Pi-hole as docker-host. My goal is to add all of my services to new, more-specific networks then remove old_main but I don't want to drop the only network that seems to be able to communicate with the web until I have another that can.

I'm not sure what else to look for, any suggestions? Let me know if you need more info.

20
submitted 11 months ago* (last edited 11 months ago) by shiftymccool to c/[email protected]
 

Hey all!

I have a bunch of services running on my home server and was looking to expose some of them publicly via Cloudflare tunnel. This is done and working great using the origin server certificate and strict TLS.

Up until now, I've been using self-signed certs internally but now I don't want to deal with the "proceed anyway" crap on browsers. I have Traefik set up to get certs from Cloudflare using DNS challenge and that seems to be working.

So, now my problem is: how do I switch between these certificates for the same URL when I'm internal vs public? I'd rather keep that traffic local if I'm at home, which is also working, I just can't figure out how to get Traefik to use the appropriate certificate depending on if the request is coming from my LAN or Cloudflare.

Any suggestions? Is there a better way to accomplish what I want to do?

EDIT: Looks like I'm just going full Cloudflare on this one, thanks for your help everyone!
