witten
@witten@lemmy.world
- Comment on Help with deployment 1 week ago:
I use Ansible to meet this need. Whenever I want to deploy to one or more remote hosts, I run Ansible locally and it connects via SSH to the remote host(s). There, it can run Docker Compose, configure services, lay down files on the host, restart things, etc.
- Comment on Self-hosted website for posting web novel/fiction 1 month ago:
I haven’t used an out-of-the-box self-hosted solution for this, but I agree with others that blog or static site generator software could work for this. I think the main challenges you’ll find though are: 1. Formatting the content/site for long-form readability, and 2. Table of contents and previous/next chapter links.
Fortunately blog and static site software have plugins that can add missing functionality like this. Here’s one for WordPress (that I have no first-hand experience with): wordpress.org/plugins/book-press/
I also want to ask: What’s your plan for discovery/marketing? Because one of the benefits of the non-self-hosted web novel sites is that readers can theoretically discover your story there. But if you instead just post it on your own site, how will readers ever find it?
- Comment on How do you guys handle reverse proxies in rootless containers? 2 months ago:
That’s unfortunate about NPM and Proxy Protocol, because plain ol’ nginx does support it.
I hear you about Traefik… I originally came from nginx-proxy (not to be confused with NPM), and it had pretty clunky configuration especially with containers, which is how I ended up moving to Traefik… which is not without its own challenges.
Anyway, I hope you find a solution that works for your stack.
- Comment on How do you guys handle reverse proxies in rootless containers? 2 months ago:
I struggled with this same problem for a long time before finding a solution. I really didn’t want to give up and run my reverse proxy (Traefik in my case) on the host, because then I’d lose out on all the automatic container discovery and routing. But I really needed true client IPs to get passed through for downstream service consumption.
So what I ended up doing was installing only HAProxy on the host, configuring it to proxy all traffic to my containerized reverse proxy via Proxy Protocol (which includes original client IPs!) instead of HTTPS. Then I configured my reverse proxy to expect (and trust) Proxy Protocol traffic from the host. This allows the reverse proxy to receive original client IPs while still terminating HTTPS. And then it can pass everything to downstream containerized services as needed.
I tried several of the other options mentioned in this thread and never got them working. Proxy Protocol was the only thing that ever did. The main downside is there is another moving part (HAProxy) added to the mix, and it does need to be on the host. But in my case, that’s a small price to pay for working client IPs.
- Comment on Stuck on Let's Encrypt certificate issuance due to firewall issue even after opening necessary ports 3 months ago:
Maybe…? I’m not familiar with that router software, but it looks plausible to me…
- Comment on Stuck on Let's Encrypt certificate issuance due to firewall issue even after opening necessary ports 3 months ago:
If this is on a home network, have you also forwarded port 80 from your router to your machine running certbot?
This is one of the reasons I use the DNS challenge instead… Then you don’t have to route all these Let’s Encrypt challenges into your internal network.
- Comment on What is the best way to safely and completely erase all data from old laptops? 6 months ago:
-
There are companies you can pay to physically shred your disk drives.
-
Or if you want to DIY, you can drill or smash your drives. Just wear eye protection, etc. Making the drives inoperative like this is the only thing I’d trust, but you can always software -wipe them first.
-
- Comment on What I just learned about restoring BorgBackups 7 months ago:
I hope one (or both!) of them end up working out for you.
- Comment on What I just learned about restoring BorgBackups 7 months ago:
Separate configs is totally reasonable. It just sounds like you haven’t configured your Borg passphrase with borgmatic… Otherwise it wouldn’t prompt for your passphrase at all.
- Comment on What I just learned about restoring BorgBackups 7 months ago:
I’m not super familiar with Unraid, but yeah, the borgserver image sounds like it’d work for this… You don’t need borgmatic on the server side unless you want it there to make running Borg commands easier.
- Comment on What I just learned about restoring BorgBackups 7 months ago:
Nope! Borg always requires Borg on the remote side. It’s Borg’s biggest strength and weakness versus competing backup systems IMO. Strength, because it can do pretty smart stuff with its own code running on both sides. Weakness, because it means it doesn’t work natively with cloud object storage like S3. It’s a tradeoff like anything else.
- Comment on What I just learned about restoring BorgBackups 7 months ago:
Glad to hear it’s (mostly) working out for you! I know you came here looking for best practices with restores, but if you end up coming up with anything yourself, feel free to comment on that Docker borgmatic ticket with requests or ideas. I use the container myself on some systems for the same reasons you do, and I also wouldn’t mind smoother restores!
- Comment on What I just learned about restoring BorgBackups 7 months ago:
borgmatic dev here. First of all, if Vorta is working well for you to recover files, then by all means use Vorta! Right tool for the job and all. Having said that, a couple of thoughts on using borgmatic in Docker and recovering files:
borgmatic has a search feature that makes finding a particular file in an archive or across archives pretty easy. So that might be step one in restoring an accidentally deleted file.
Once you’ve found the file and archive to restore, you can either use
borgmatic extract
orborgmatic mount
. Withextract
, you copy one or more files out of a backup archives. The challenge though is that with borgmatic in a container, by default there’s not an easy way to copy those files into their original locations. However I think the “fix” is to mount your source volumes as read-write instead of (the documented) read-only. That way you can easily copy extracted files back to where they belong.As for
borgmatic mount
, you’ve got a similar challenge and fix. You can presumably mount backup archives (or a whole repository) within the container, but then you need to copy your recovered files out of that mount into their original source volumes. So that probably also means those volumes need to be mounted read-write.Let me know if you have any questions!
- Comment on Docker vs Podman, which one to choose for a beginner and why ? 7 months ago:
I have one Compose file per stack, which is an application and all of its containers, databases, etc. Pretty much the same way I organized things with just Docker.
- Comment on Docker vs Podman, which one to choose for a beginner and why ? 7 months ago:
Since I use Docker Compose with Podman, I just make a single systemd service to run Docker Compose on boot, thereby starting all my containers at once.
- Comment on What is going to happen when people realize climate change is rolling in? 8 months ago:
Wait, when did the action happen??
- Comment on How to fix the internet 8 months ago:
Some of the most condescending, man-splainy, anti-social, but-what-abouty contrarians I’ve had the displeasure of encountering online have been technical users.
- Comment on Weezer straight up writing ads for audible.com 8 months ago:
Oh my God, it never occurred to me that money exchanged hands for that song. I just thought it was a cute little pop culture reference. How do we know it’s not? In any case, I bet this is the song OP is referring to.
- Comment on Giving up on selfhosted email / Any sane email setups? 8 months ago:
Ooh, lucky you! Maybe it was both the rDNS and the SNDS. Part of the problem IMO is it’s such a black box…
- Comment on Giving up on selfhosted email / Any sane email setups? 8 months ago:
I’ve had similar experiences trying to send mail to Microsoft-hosted email addresses. My current “solution” is to send all outgoing mail directly from my VPS-hosted Mailu server… EXCEPT for Microsoft-destined mail. For those messages, they get transparently relayed from Postfix to a third-party email sending service that Microsoft apparently trusts.
The upshot is I can still use my own Postfix daemon for all mail sent to sane (non-Microsoft) providers.
- Comment on Selfhosted backup solution with GUI 9 months ago:
Many folks use a centralized monitoring solution like Healthchecks to monitor backups across all of their servers. And borgmatic integrates directly with Healthchecks among others.
- Comment on Selfhosted backup solution with GUI 9 months ago:
You mentioned Borg and all of its command-line options, but have you taken a look at borgmatic? It should be much easier to learn and use than Borg, while still retaining Borg’s features. Just note though that borgmatic probably doesn’t hit all of your stated requirements (e.g., no GUI).
- Comment on Wisest Upgrade from Raspberry Pi 9 months ago:
Wow, that’s pricey!
- Comment on Wisest Upgrade from Raspberry Pi 9 months ago:
A grand?? You can pick up a used Lenovo Tiny for 50 bucks (US) on EBay.
- Comment on In China, It’s Already Cheaper to Buy EVs Than Gasoline Cars 10 months ago:
TIL!! I was snookered. Thanks so much for sharing this.
- Comment on In China, It’s Already Cheaper to Buy EVs Than Gasoline Cars 10 months ago:
That all sounds wonderful, but don’t forget that brake dust accounts for even more pollution than tailpipe emissions in many locations. And as electric cars are heavier, they generate more brake dust than their combustion counterparts. I’m all for the switch to EVs, personally, but I think even then we’ve still got work to do.
- Comment on Looking for new router for home network. 10 months ago:
Ah, maybe I need to do the auto reboot too. Thanks.
- Comment on Looking for new router for home network. 10 months ago:
I have the same, but just as another data point: mine regularly locks up and needs to be reset… Maybe made worse by big data transfers. Are you running stock firmware or OpenWRT or something?
- Comment on How do you manage your Docker-compose or Podman data? 10 months ago:
I’m not sure I understand the question. By “data” do you mean “configuration”? If you’ve got multiple devs working on a project (or even if you don’t), IMO your Docker Compose or Podman configuration should be in source control. That will allow multiple devs to all collaborate on the config, do code reviews, etc. Then, you can use whatever your deployment method is to effect those changes on your server(s)… manually run Ansible, automatically run CI-triggered deployment, whatever.
- Comment on Question about backup 10 months ago:
For the cron dumps, you could plug the cron job into a monitoring service (Healthchecks, etc.) so you’d at least know when it fails.