I’ve only subscribed to the “Free proxies” blocklist. But these are only additional blocklists. The main attraction of CrowdSec is their “CAPI” (Central API) which has all the current malicious actors detected in the network of CrowdSec instances and is used automatically.

It’s an SQLite database. Corruption is very unlikely. So, that’s not something I am worried about.

You have to actually add the middleware into the (default) chain for your https entrypoint (I think in most tutorials it’s called websecure) - in my static conf I have this:

entryPoints:
  https:                                                           
    address: :443                                                  
    http:                                                          
      middlewares:                                                 
        - crowdsec-bouncer@file                                    
        - secure-headers@file 

And in my dynamic conf I have this:

http:
  middlewares:
    crowdsec-bouncer:
      plugin:
        crowdsec-bouncer-traefik-plugin:
          CrowdsecLapiKey: "### Enter your LAPI Key here ###"
          Enabled: true

@get_flomped@lemmy.world

Are there any thoughts of implementing 24/7 GPS tracking support (e.g. being fed by OwnTracks) alongside the activities?

After trying several tools I now ended up with Traccar, but as that’s based on Java and more suited for fleet tracking, it’s not quite ideal.

I’ve recently introduced CrowdSec and crowdsec-bouncer-traefik-plugin into my setup and it’s really great to see it block all those spam bots and brute force attempts.

Some food for thought:

When I was looking to get my photos under control, in the end I decided to go all-in with Apple Photos. As I’m also using a Mac, the convenience can’t be beaten. Also, I can easily pull up any photo using Apple’s smart filters and can easily select photos from within apps without having to “share” them to the photos library first.

But this was only decided after I found out that Apple Photos keeps all photos in separate files in original quality and all metadata in a local SQLite database. Using the osxphotos tool, you can query this database and easily pull out any photo incl. metadata - even when running on other OSes, no need for Apple Photos. This also makes it easy to move everything to another system, if needed.

I’ve set my Mac to always keep original copies on disk and run a backup to my NAS every night. (Using CCC at the moment, but looking to switch to restic.) This way, all my photos are always off-site in iCloud, on my Mac and on my NAS.

You’d just need a tool to upload your Android photos to iCloud. From a quick search it seems Sync for iCloud might do the trick - albeit manually … if I read the reviews correctly.

How did you mount it outside the cluster? Did you have a look at the mtab and used the exact same options in the compose file?

There’s no difference between using a volume in Compose to mount a share or your server’s fstab file. Both do the same kind of mount.

I’d suggest /opt/docker/_compose/ for all the compose files. Or, if you keep all the config files for your containers on your NAS, maybe create a share there and put all yml files in it, then mount it on the host. This way everything is on your NAS and nothing is lost if the host freaks out.

And I’d add the NFS mounts to the compose files as well. When specifying volumes, you can use anything the host OS has a mount.xxx command for. Docker will take care of mounting everything.

Put that mount point into the compose file(s). You can define volumes with type nfs and basically have Docker-Compose manage the mounts.

That probably doesn’t work unless you power-cycle the picture frame after changing the photos.

I had this with some offline Samsung picture frame and a Transcend WiFi SD card. The SD card runs a small Linux and can be unlocked to add own scripts. I had a script that would rsync files from my storage to the SD. However, while the new files were written to the SD just fine, the picture frame never re-read the list of files from the SD. And after power-cycling, my specific model needed to be turned on manually again. So, that wasn’t a satisfactory solution.

I’m using UberSpace for 5€/month for a few small web projects and for emails. Unlimited mailboxes, unlimited aliases. However, you have to configure it using console commands via SSH. But it’s all explained in their documentation.

If it’s the system with the (locked) KeePass database on it, you should be fine. The encryption can be tweaked so that unlocking the database takes a second even on modern systems. Doesn’t affect you much, but someone trying to brute-force the password will have a hard time. It also supports keyfiles for even more security.

If somebody infiltrates your end user device, no password tool will be safe once you unlock it.

After trying them all, I’m back at having a local KeePass database that is synced to all my devices via iCloud and SyncThing. There are various apps to work with KeePass databases and e.g. Strongbox on macOS and iOS integrates deeply into Apple’s autofill API so that it feels and behaves natively instead of needing some browser extension. KeePass DX is available for all other platforms, and there are lots of libraries for various programming languages so that you can even script stuff yourself if you want.

And I have the encrypted database in multiple places should one go tits up.

Yeah, but I didn’t want to fiddle with some custom settings. The same official postgres container works great with other apps.

I didn’t notice any big drops in network or CPU performance. Usually, because other network traffic had priority. But my server’s HDD constantly rattling along got me thinking that it wasn’t worth it. There are several other containers running on that box and I don’t have that much HDD activity with them.

I did this for a while. However, after subscribing to several groups, there was constant disk activity and it ate network bandwidth. After two months I’ve stopped my server and went back to using a public instance.

You might want to read the recent blog post (linked at top) and discussion on Hacker News first.

GitHub supports Jekyll page generation. Or at least did this a few years ago.

And please make sure to also generate an RSS feed for us feed reader users. ;)

You might want to look at Terramaster NASes. E.g. their F4-423 is basically an Intel NUC married to a SATA controller. They have an internal USB port where you can pull the OEM flash drive and insert your own, then install e.g. UnRAID or OpenMediaVault on it.

That will be my next device if my Synology DS415+ finally dies.