Thanks for the share - have grabbed the latest Firefox repo for my private Forgejo.
DeltaTangoLima
joined 1 year ago
I haven't gone into detail on this, but I suspect some shiny-suited, greasy-haired wanker lawyer has been able to make a case that things like site-specific CSS classes and the like can somehow be covered by DMCA.
I'm 100% speculating (not American, not a lawyer) but it's more than URIs and Javascript, is what I'm saying.
I use Nginx Proxy Manager and Authelia for just this. Authelia supports a wide range of identity and MFA providers.
Edit: although Authelia has an article on how to set it up, I found it still missed some key info. This article was the one that helped me most in getting it to work.
I run Proxmox with a few nodes, and each of my services are (usually) dockerized, each running in a Proxmox Linux container.
As I like to keep things segregated as much as possible, I really only have one shared Postgres, for the stuff I don't really care about (ie. if it goes down, I honestly don't care about the services it takes with it, or the time it'll take me to get them back).
My main Postgres instances are below - there's probably others, but these are the ones I backup religiously, and test the backups frequently.
- RADIUS database: for wireless auth
- paperless-ngx: document management indexing & data
- Immich: because Immich has a very specific set of Postgres requirements
- Shared: 2 x Sonarr, 3 x Radarr, 1 x Lidarr, a few others
Is that the one started by the bloke on YouTube - Jerry Rig Everything?
If you're starved for RAM, there's nothing wrong with a shared instance, as long as you're aware of the risk of that single instance bringing down multiple services.
I run a three node Proxmox cluster, and two nodes have 80GB RAM each, so my situation is very different to yours. So, I have four Postgres instances:
- Mission critical: pretty much my RADIUS database, for wireless auth and not much else (yet)
- Important: paperless-ngx, and other similarly important services
- Immich: because Immich has a very specific set of Postgres requirements
- Meh: 2 x Sonarr, 3 x Radarr, 1 x Lidarr (not fussed if this instances goes down and takes all of those services with it)
Each to their own. Immich devs themselves strongly recommend not relying on Immich as a backup solution.
I don't, therefore I don't consider it critical enough to worry about.
Lol - Immich is one of those stacks that I let Watchtower auto-upgrade. I don't consider it mission critical if it breaks and it takes me a day or so to notice it (all my photos and videos are also backed up using Syncthing).
I've gotten used to just going to the repo if the error message for the container doesn't immediately lead me to the fix.
Backblaze don't have a POP in my country, unfortunately.
I use rclone, with encryption, to S3. I have close to 3TB of personal data backed up to S3 this way - photos, videos, paperless-ngx (files and database).
Only readable if you have the passwords configured on my singular backup host (a RasPi), or stored in Bitwarden.
10 (11?). You shall put critical thinking before assumption; empathy before judgment.
- s/food/[food/coffee/beer]/
It all comes down to what you trust each type of device to do and how you want to handle their traffic.
I have seven VLANs, with each one's traffic being treated very specifically. The subnets for each VLAN route to specific interfaces on a virtualised OPNsense firewall, which is where my traffic handling and policy enforcement takes place.
Also remember VLANs are just plain useful for segregating traffic, particularly broadcast traffic, without having to invest in separate switching/routing for each subnet. Having a single managed switch that limits the broadcast domains for you is a really efficient way to (physically) setup your network.