@Reborn2966

Reborn2966@feddit.it · edit-2 1 year ago

a lot of stuff:

owncloud
paperless
immich
jellyfin
jellyseerr
traefik

than i have stuff only accessible from local, like the *arr stack.

i’m not using cloudflare or anything, should I?

the only exposed ports i have are http / https and a random port for ssh.

i also don’t use any sso… maybe i should set one up.

Reborn2966@feddit.it · 1 year ago

this is the way.

also fail2ban to ensure that nobody bruteforce it’s way in.

Reborn2966@feddit.it · 1 year ago

i got one from GoDaddy, but i regret the choice…

Reborn2966@feddit.it · 1 year ago

i think they added the ability to force upload a photo in one of the latest releases, see it that helps.

otherwise yes, you have to delete that record from the db…

Reborn2966@feddit.it · 1 year ago

i generally junk my telegram saved messages

Reborn2966@feddit.it · 1 year ago

add fail2ban, so they cannot brute force the web interface.

Reborn2966@feddit.it · 1 year ago

interesting, even if they got access to the plex service, how they could have escaped the plex docker container?

i run pretty much the same stack as OP, but also run immich and paperless. i very much care if someone else have a way to access those…

Reborn2966@feddit.it · 1 year ago

ugreen is Chinese, but one of the good ones.

Reborn2966@feddit.it · 1 year ago

i think is reversed… but it’s ok

Reborn2966@feddit.it · 1 year ago

are you using kube? or docker-compose?

of you are using docker compose, and in the compose file there is restart: always the container will be restarted if it disappears.

to remove it do docker compose down

Reborn2966@feddit.it · 1 year ago

mhh, if 2 flatpacks use the same dependency, will it be downloaded / stored 2 times?

Reborn2966@feddit.it · 1 year ago

https://github.com/simone-viozzi/my-server

those are my configs. you have both immich and owncloud.

Reborn2966@feddit.it · 1 year ago

use immich for photos.

owncloud ocis works but is very young. is literally just file hosting with something to open office files online.

Reborn2966@feddit.it · 1 year ago

here it is: https://github.com/simone-viozzi/my-server

Reborn2966@feddit.it · 1 year ago

i’ve added my server config as edit so you can go check it out.

i heve owncloud instead of nextcloud.

Reborn2966@feddit.it · edit-2 1 year ago

i have a lot of stuff exposed to the web. i got a domain from godaddy, attached my public ip and created a subdomain for each service. than i have traefik that manage the tls and route each subdomain to each of the docker containers.

in total i have exposed 80, 443, and a random port i use for ssh. of course ssh is only by public key.

now i’m trying to set up fail2ban on the exposed services since someone could bruteforce them.

Reborn2966@feddit.it · 1 year ago

sorry i tough it worked like rsync.net

Reborn2966@feddit.it · 1 year ago

if you are using rsync, try rclone. it support parallel file transfer.

Reborn2966@feddit.it · 1 year ago

immich, is on active development and new features are being added continuously.