I host tt-rss in docker and use Tiny Tiny RSS in GrapheneOS.
I host tt-rss in docker and use Tiny Tiny RSS in GrapheneOS.
When I install qbittorrent via docker, I see this in the docker logs:
qbittorrent-1 | 2024-11-04T15:25:25.201955254Z The WebUI administrator username is: admin
qbittorrent-1 | 2024-11-04T15:25:25.201974066Z The WebUI administrator password was not set. A temporary password is provided for this session: H7ct3xPes
That’s the default admin credentials for the instance. I can then change the login or pw in the UI.
Thanks for sharing about Backrest. I use Restic and Backrest looks like a great addition to it.
~/git/vendor/<gitUser>/<repo>
and
~/git/<myName>/<forge>/<user>/<repo>
Examples:
~/git/vendor/EnigmaCurry/d.rymcg.tech
~/git/mike/forgejo/mikew/myproject
~/git/mike/github/johndoe/otherProject
I should add the d.rymcg.tech includes step-ca if you want to host your own CA server, but I agree with @[email protected] : it’s not necessary for securely hosting services, and ir can be dangerous I’d not done carefully.
I have a similar setup. I use d.rymcg.tech (a configuration manager for Docker, as well as a collection of open source web services and config templates) and have Traefik (reverse proxy) on a Digital Ocean dropet connected to a VM in my home lab through wireguard. This framework allows me to put authentication and authoriation in front of any apps/services I’m hosting (HTTP basic auth, oauth2, mTLS). This setup allows me to control what is allowed access from outside of my home, without opening any ports.
I self-host xBrowserSync. It’s a bookmark sync tool, not a link manager, but it does that very well (set-and-forget - it’s almost invisible). There are browser extensions and mobile apps
I’ve also used Shaarli, which is more of a link sharing tool. Don’t remember much about it, though - sorry.
I just learned about OpenFreeMap. I’ve not done it but it touts itself as a simple way to host your own tile server. I’m assuming that your proxy would work for a self hosted tile server with a few alterations.
I just learned about Waypoint to plan trips. Haven’t looked at it yet but it sounds cool.
I think most of the other suggestions seem like a better solution than WordPress, but there is a plugin for WordPress that exports static websites.
I am self hosting it right now, but mainly for friends, family and acquaintances
In addition to rants, if you post tips, how-tos, explanations, best practices, suggestions, etc., I’d like to read your blog. Can you share the URL?
I run MiniO in Docker. Love it. I’ve never used Garage or Seaweed.
[SOLVED!] That Stack Exchange post was the solution! I had to ask ChatGPT for assistance (e.g., “how do I view the contents of a .crt and a .p12?”, “how do I add a CA to a client cert?”), but it worked. Thanks for your help, @[email protected].
I don’t think I would have ever thought that my client cert didn’t contain the CA, especially because when I clicked on the client cert that was installed in GrapheneOS, it showed me a summary that said it did contain a CA! grrrr
(tagging @[email protected] as he wanted to know the solution)
Wow! That sounds exactly like my issue. I’ll try the workaround tomorrow. Thanks, @[email protected].
Thanks for your research and the suggestion, @[email protected].
I wasn’t able to make that work, but I don’t think it was trying to solve the problem I’m having, anyway. That procedure was to add self signed SSL certificate to Android, but my certificate is neither self-signed nor an SSL cert. At least I think not - I find certs very confusing. The cert I’m trying to work with is an mTLS cert, a client cert. It’s not used to establish a secure SSL connections, it’s used to verify that I (the person with the cert) and authorized to use the app.
Additionally, I’m able to successfully install the cert into Android, but the problem is that it seems to be ignored. The mTLS cert is installed in GrapheneOS’s “VPN & App User Certificate” section, and my CA cert is installed in the “CA Certificate” section. Vanadium, Fennec, and Mull browsers just aren’t using them. :(
Thanks for the reply, @[email protected].
I tried to install my client cert in “CA Certificate” but the certificate manager app in GrapheneOS said that it was the wrong kind of cert to be used in “CA Certificate”. It is, after all, a client cert, not a CA cert.
:(
Can you try killall ssh
on the client, and then try to ssh into the rpi again?
Thanks for the help and suggestions!
It turns out that my template Debian VM doesn’t have a DE in it, and that’s why I couldn’t forward the GUI from the VM to my local machine: there was not GUI. I installed XFCE on the VM and now I can run XPipe on the VM from my local computer, without XPipe being installed on my local computer: ssh -X user@vm_ip_address xpipe open
I look forward to playing with XPipe - it looks cool and very helpful!
Before Linux command line?