So sad, I remember seeing his YT vid announcing his health updates and mentioning he was getting things in order to make his network more manageable for his family :(
He seemed like a great dude.
- 32 Posts
- 79 Comments
Joined 2 years ago
Cake day: June 7th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Ah, I guess I might need to add my RootCA to my phone, laptop, pc huh? That would get rid of the untrusted warnings. Yes, please feel free to share if you have documentation!
Update: I setup my own local CA and got it working. Thanks for the tip!
Gotcha, that matches my assumptions. Yes everything is internal. It’s accessible remotely via Wireguard, but I mostly wanted to get some practice with NGINX/ TLS certs (also way easier to refer to things around the house with
<service>.homelabisntead ofIP:port, haha.So if I did want this to be fully encrypted, I would essentially need to configure each service (jellyfin, home assistant, etc) to have SSL on them with this self-signed cert/ key that I used on NGINX (or perhaps new cert/ key) and then I would be all set?
I haven’t. I created this custom cert and uploaded in in NGINX (NGINX itself isn’t using SSL) and applied it to each proxy client, then when I visit one of them it appears to be HTTPS, but I feel that it probably isn’t actually giving me the protections I imagine.
They’re both different VMs on different VLANs running on the same Proxmox host
He’s a saint. I saw the commit last night and was waiting for an update. I have SearXNG working now but also left up my Whoogle VM. I’ll try the update and keep using that until the lights go out :')
Just a heads up that I found another way to get this working. Have a good weekend!
Bingo! I missed a spot in the hidden
.envfile. After that I’m able to hit it and Caddy is able to generate the cert for me (I am using docker).Thanks again!
Gave it a shot, it’s been working pretty well so far. Only issue is that Firefox seems to want to use https://localhost instead of the IP address when I make it a default search engine.
Are you using the Docker image or the stand alone? Pretty straight forward setup?
Luckily rebooting the host solved it :) the regularly scheduled 3 AM backups went off this morning without issue.
Sorry, I meant I tried shutting down and trying the backup after bringing it back up (also tried when it was shutdown). I replaced the drive hosting these VMs recently so the SMART logs all report healthy. On the NAS side the volume is also healthy. Might need to recreate the VM as you suggested
Yes, just tried that. Failed as before :(
Just tried shutting it down, starting it back up and trying a backup. Failed in the same spot.
Ah, would this be a separate rule, or (as I’m using Ubiquiti) I could check “established” and/or “related” on either the allow or block rule?
Is keeping everything inside of a local “walled garden”, then exposing the minimum amount of services needed to a WireGuard VPN not sufficient?
There would be be no attack surface from WAN other than the port opened to WireGuard
Please do. I took stole it >:D
Reminds me of project Silica. Media historically was more durable (stone/ ink and cloth paper, etc) but had a low data density. As density increased, so did fragility