bigdickdonkey

joined 3 months ago
sorted by: new top controversial old
Why Linux is Better Than Windows 11 in c/[email protected]
Authors Seek Meta’s Torrent Client Logs and Seeding Data in AI Piracy Probe * TorrentFreak in c/[email protected]
[–] bigdickdonkey 25 points 2 weeks ago (1 children)

would be crazy to see those logs. hopefully my employer will follow suit and let me set up a seedbox in our azure instance

Need some advice on caddy + podman + preserving source IPs in c/[email protected]
[–] bigdickdonkey 2 points 1 month ago* (last edited 1 month ago) (1 children)

Yeah the remote ip is always local. This comes from a podman configuration, not a caddy one. Setting the podman network mode to pasta or slirp4netns will show the proper remote ips

24
Need some advice on caddy + podman + preserving source IPs (self.selfhosted)
submitted 1 month ago* (last edited 3 weeks ago) by bigdickdonkey to c/[email protected]
4 comments fedilink
 

Edit: If anyone comes across this post, use the built-in socket activation provided in caddy 2.9+ https://github.com/eriksjolund/podman-caddy-socket-activation/

I have rootless podman containers all connected a network with caddy that proxies them by their hostname. It seems that the default networking mode doesn't preserve the source ip and instead shows all traffic coming internally from 10.89.1.98. Preserving that ip requires pasta/slirp4netns which is incompatible with adding the container to a network. I've found a few solutions but I'm having trouble deciding what is the right way to move forward.

Using the host network or running caddy with host loopback abilites

Would require exposing all the ports on all my containers which means I would lost the ability to access containers by the DNS inside the podman network. I have a lot of containers and manually managing ports is not something I want to do again.

socket activation + libsdsock with caddy

Socket forwarding done using systemd. I've tested it and it works but it requires systemd on the container, and caddy is built on alpine which uses a different boot system. There are ways to get the systemd libs on alpine but it would be quite hacky.

socket activation + libsdsock with another os

Caddy provides ways to build with extensions on debian but it seems tricky to do in a Containerfile because systemd init issues.

Has anyone experienced this issue before? What direction did you take?

How to get local SSL and use your public domain for local internal subdomains? in c/[email protected]
[–] bigdickdonkey 2 points 1 month ago (1 children)

I’m using this right now but I’m switching to having all my services under one domain and blocking non internal ips. Technically someone can access your site by providing the host manually, althought it’s unlikely since they would need to know it

How do you solve dynamic DNS? in c/[email protected]
[–] bigdickdonkey 12 points 1 month ago

I use ddclient but in a docker container. Works great with minimal config

High frame times after around 30 minutes in every game in c/[email protected]
[–] bigdickdonkey 3 points 1 month ago

This was the fix! Thank you so much

High frame times after around 30 minutes in every game in c/[email protected]
[–] bigdickdonkey 1 points 2 months ago

It seems like those posts are about freezing or crashes. This is more of a degradation I would say.

High frame times after around 30 minutes in every game in c/[email protected]
[–] bigdickdonkey 1 points 2 months ago (3 children)

I've got 565.77 so I think it can't be that

24
High frame times after around 30 minutes in every game (self.linux_gaming)
 

I play a few native games and ones using proton. After playing for about 30 minutes in any of them suddenly my frame times skyrocket from 6ms to ~60ms. Restarting the game always fixes this. Any ideas what to look for? nvtop seems to show normal usage and I don't see anything abnormal in journald.

Some info about my setup: Arch/endeavourOS, KDE wayland, nvidia 3060ti with proprietary drivers, 3 monitors (1440 165hz, 1080 165hz, 1080 75hz). Games I play are CS2, Marvel Rivals, Overwatch 2, Lethal Company.

Backup solution for docker volumes in c/[email protected]
[–] bigdickdonkey 3 points 2 months ago

I just bind mount volumes I want to keep and use duplicati to backup the contents of my containers folder. Another idea if you are committed to docker volumes, is to also mount them to your backup solution.

Why don't I show up in shodan? in c/[email protected]
[–] bigdickdonkey 3 points 2 months ago (2 children)

Interesting my ip shows up with a plex logo and a port that I've never opened. I have never used any plex services

22
Why don't I show up in shodan? (self.selfhosted)
 

I noticed nothing I have setup shows up in shodan by ip or domain. I'm not complaining, I'd rather not have it show up but I'm curious why. Could it be because of hosting behind a reverse proxy?

Linux Patches Add Support For New "Phone Link" Hotkey On Latest ThinkPads in c/[email protected]
[–] bigdickdonkey 4 points 2 months ago

keep up the good work boys

Podman or rootless docker? in c/[email protected]
[–] bigdickdonkey 2 points 2 months ago

Thanks for sharing this! It also took me a while to understand the difference between the Expose dockerfile command and the --publish cli command

64
Podman or rootless docker? (self.selfhosted)
 

I’m moving to a new machine soon and want to re-evaluate some security practices while I’m doing it. My current server is debian with all apps containerized in docker with root. I’d like to harden some stuff, especially vaultwarden but I’m concerned about transitioning to podman while using complex docker setups like nextcloud-aio. Do you have experience hardening your containers by switching? Is it worth it? How long is a piece of string?

7
Path to TVV? (self.trackers)
 

Nothing on the vinnie site. IIRC it has one or two sister sites?

35
The president's doctor: Why your projects take forever (thoughtbot.com)
view more: next ›