overview for mike

qbittorrent-1         | 2024-11-04T15:25:25.201955254Z The WebUI administrator username is: admin
qbittorrent-1         | 2024-11-04T15:25:25.201974066Z The WebUI administrator password was not set. A temporary password is provided for this session: H7ct3xPes

That's the default admin credentials for the instance. I can then change the login or pw in the UI.

Simple Minimal Backup Solution in c/selfhosted@lemmy.world

[–] mike_wooskey@lemmy.thewooskeys.com 1 points 2 weeks ago

Thanks for sharing about Backrest. I use Restic and Backrest looks like a great addition to it.

Where Do You Guys Throw Your Local Git Repos? in c/linux@lemmy.ml

[–] mike_wooskey@lemmy.thewooskeys.com 9 points 3 weeks ago* (last edited 3 weeks ago)

~/git/vendor/<gitUser>/<repo>

and

~/git/<myName>/<forge>/<user>/<repo>

Examples:

~/git/vendor/EnigmaCurry/d.rymcg.tech
~/git/mike/forgejo/mikew/myproject
~/git/mike/github/johndoe/otherProject

Please check my setup. in c/selfhosted@lemmy.world

[–] mike_wooskey@lemmy.thewooskeys.com 2 points 1 month ago

I should add the d.rymcg.tech includes step-ca if you want to host your own CA server, but I agree with @joe@discuss.tchnic.de : it's not necessary for securely hosting services, and ir can be dangerous I'd not done carefully.

Please check my setup. in c/selfhosted@lemmy.world

[–] mike_wooskey@lemmy.thewooskeys.com 2 points 1 month ago (1 children)

I have a similar setup. I use d.rymcg.tech (a configuration manager for Docker, as well as a collection of open source web services and config templates) and have Traefik (reverse proxy) on a Digital Ocean dropet connected to a VM in my home lab through wireguard. This framework allows me to put authentication and authoriation in front of any apps/services I'm hosting (HTTP basic auth, oauth2, mTLS). This setup allows me to control what is allowed access from outside of my home, without opening any ports.

Best Grafana alternative? in c/selfhosted@lemmy.world

[–] mike_wooskey@lemmy.thewooskeys.com 2 points 1 month ago

Glances?

Link manager with browser plugin support in c/selfhosted@lemmy.world

[–] mike_wooskey@lemmy.thewooskeys.com 1 points 1 month ago (1 children)

I self-host xBrowserSync. It's a bookmark sync tool, not a link manager, but it does that very well (set-and-forget - it's almost invisible). There are browser extensions and mobile apps

I've also used Shaarli, which is more of a link sharing tool. Don't remember much about it, though - sorry.

29

Having difficulty visiting an mTLS-authenticated website from GrapheneOS [SOLVED] (lemmy.thewooskeys.com)

submitted 2 months ago* (last edited 2 months ago) by mike_wooskey@lemmy.thewooskeys.com to c/selfhosted@lemmy.world

9 comments fedilink

I host a website that uses mTLS for authentication. I created a client cert and installed it in Firefox on Linux, and when I visit the site for the first time, Firefox asks me to choose my cert and then I'm able to visit the site (and every subsequent visit to the site is successful without having to select the cert each time). This is all good.

But when I install that client cert into GrapheneOS (settings -> encryption & credentials -> install a certificate -> vpn & app user certificate), no browser app seems to recognize that it exists at all. Visiting the website from Vanadium, Fennec, or Mull browsers all return "ERR_BAD_SSL_CLIENT_AUTH_CERT" errors.

Does anyone have experience successfully using an mTLS cert in GrapheneOS?

[SOLVED] Thanks for the solution, @Evkob@lemmy.ca