Sorry for the off topic question, but what are the gains / constraints of using an identity / authentication service? Sure, you only are going to need to remember one password/identity. But each webapp must have support for the said protocol, and so does their clients, no? It does seem like a lot of work (and risk exposure) for little gain.

Please enlighten me if I’m missing something.

Is there a decent tutorial on how to get it up and running on standard services such as systemd events, fail2ban etc? There is no quick start guide on their site.

Welcome to the cult!

We all started as beginners, but before you start, take my advice and avoid hosting anything open to the internet until you’ve gained more experience in OS/network hardening and risk assessment.

First off, I think you’re starting on a good footing. Having TCP/IP knowlege is good, but you don’t need it from the beginning - it will be relevant once you get into network segmentation and setting up reverse proxies.

I’d say the first thing is to actually choose a rather simple (but useful) application that you can host on Docker and get some experience from OCI-containers and disaster recovery. A lemmy instance (even non federated) might be too much to begin with. Have you considered paperless-ngx, fresh-rss or even syncthing instead? Or begin with formulating what problem you want solved in your daily life.

I’d say, start by watching this video series to gain a better understanding of Docker (I’ve so far assumed that you won’t do baremetal installs, right?!??). There’s also a pretty good online-lab for you to play around in. Remember, you’ll propably realise that your first deployments could be better, and keep yourself mentally prepared to redo and rebuild eventually.

Feel free to message me if you want guidance going forward!

Me neither, but I’d love to hear those arguments.

Apache license 2.0

I like 3-2-1-1-0 better. Like yours, but:

• the additional 1 is for “offline” (so you have one offsite and offline backup copy).
• 0 for zero errors. Backups must be tested and verified.

This looks really slick! I don’t use ansible though, can I still benefit from running it?

Edit: just realized that your project has a larger scope than this, but still awesome to see how you solved the homepage feature.

A folder with links in your firefox profile works wonders for a single user case, but if you have other people using your applications (and they change from time to time), then a dashboard like this can be quite useful.

Cool, thanks for this! As a user of Caddy through Docker, I suppose I need to find a way to build a docker image to be able to do this?

Sometimes new simple technologies makes things simple - but only as long as one intends to follow how they are used… 🙃

If you do, please consider supporting webhooks or ntfy. Look forward to test this!

I went with Ubuntu server and was pleasantly surprised when it offered to pull my pubkey off my github profile for ssh. A nice touch that I haven’t seen in other servers flavors of various distros.

Thanks for the offer! I might take you up on that :-) If you have a Matrix handle and hang out in certain rooms, please DM me and I’ll harass reach out to you there.

How do you like crowdsec? I’ve used it on a tiny VPS (2 vcpu / 1 GB RAM) and it hogs my poor machine. I also found it to have a bit of learning curve, compared to fail2ban (which is much simpler, but dosen’t play well with Caddy by default).

Would be happy to see your Caddy / Crowdsec configuration.

I see everyone else have already chimed in on whats so great about Caddy (because it is!), one thing that has been a thorn in my side though is the lack of integration of fail2ban since Caddy has moved on from the old common log format and moved on to more modern log formats. So if you want to use a IPS/IDS, you’ll have to either find a creative hack to make it work with fail2ban or rely on more modern (and resource heavier) solutions such as crowdsec.

This is what I use too, but with a disposable phone number and email.

Holy crap! I have a n100 SFF that consumes 5-6 w idle (with WiFi on) and I have an old i5 (gen 6 I think) that consumes 30 at idle. Your rig is defiantly not meant to act as a server (unless you want to mine bitcoons or run boinc…)

All kinds of stuff. I use it when I need a way to structure my data:

• I use it to keep track of software / libs that are of interest, what they are an alternative to. See example here: https://ibb.co/ncsdt0W
• I’ve also tried to recreate the functionality of a personal relational management (a la MonicaHQ, or per this post: https://medium.com/@rklau/my-homegrown-personal-crm-87dffbcf54d7) but found it to be an overengineered solution.
• I also used it to interact and store data through my python apps, to avoid dealing with it directly in python.
• You can also use it as a Kanban board
• Also, I’ve been trying to use it as an excel replacement - which is an overengineered solution but you get impeccable dataquality.

Nocodb is a bit wonky, but it is quite easy to work with (front- and backend) and since everything is in the database format you choose - you’re in control of how you want your data.

I’ve been using it for a while without any noticeable problems. What issues did you run into?

Like you said, “it depends” 😁

I have a huge datablob that I mirror off-site once monthly. I have a few services that provides things for my family, I take a backup of them nightly (and run a “backup-restoration” scenario every six months). For my desktop, none at all - but I have my most critical data synched / documented so they can be restored to a functional state.

I really look forward to spin this up tomorrow. Awesome release as always!