It’s an SQLite database. Corruption is very unlikely. So, that’s not something I am worried about.
It’s an SQLite database. Corruption is very unlikely. So, that’s not something I am worried about.
You have to actually add the middleware into the (default) chain for your https
entrypoint (I think in most tutorials it’s called websecure
) - in my static conf I have this:
entryPoints:
https:
address: :443
http:
middlewares:
- crowdsec-bouncer@file
- secure-headers@file
And in my dynamic conf I have this:
http:
middlewares:
crowdsec-bouncer:
plugin:
crowdsec-bouncer-traefik-plugin:
CrowdsecLapiKey: "### Enter your LAPI Key here ###"
Enabled: true
I’ve recently introduced CrowdSec and crowdsec-bouncer-traefik-plugin into my setup and it’s really great to see it block all those spam bots and brute force attempts.
Some food for thought:
When I was looking to get my photos under control, in the end I decided to go all-in with Apple Photos. As I’m also using a Mac, the convenience can’t be beaten. Also, I can easily pull up any photo using Apple’s smart filters and can easily select photos from within apps without having to “share” them to the photos library first.
But this was only decided after I found out that Apple Photos keeps all photos in separate files in original quality and all metadata in a local SQLite database. Using the osxphotos tool, you can query this database and easily pull out any photo incl. metadata - even when running on other OSes, no need for Apple Photos. This also makes it easy to move everything to another system, if needed.
I’ve set my Mac to always keep original copies on disk and run a backup to my NAS every night. (Using CCC at the moment, but looking to switch to restic.) This way, all my photos are always off-site in iCloud, on my Mac and on my NAS.
You’d just need a tool to upload your Android photos to iCloud. From a quick search it seems Sync for iCloud might do the trick - albeit manually … if I read the reviews correctly.
How did you mount it outside the cluster? Did you have a look at the mtab and used the exact same options in the compose file?
There’s no difference between using a volume in Compose to mount a share or your server’s fstab file. Both do the same kind of mount.
I’d suggest /opt/docker/_compose/ for all the compose files. Or, if you keep all the config files for your containers on your NAS, maybe create a share there and put all yml files in it, then mount it on the host. This way everything is on your NAS and nothing is lost if the host freaks out.
And I’d add the NFS mounts to the compose files as well. When specifying volumes, you can use anything the host OS has a mount.xxx command for. Docker will take care of mounting everything.
Put that mount point into the compose file(s). You can define volumes with type nfs and basically have Docker-Compose manage the mounts.
That probably doesn’t work unless you power-cycle the picture frame after changing the photos.
I had this with some offline Samsung picture frame and a Transcend WiFi SD card. The SD card runs a small Linux and can be unlocked to add own scripts. I had a script that would rsync files from my storage to the SD. However, while the new files were written to the SD just fine, the picture frame never re-read the list of files from the SD. And after power-cycling, my specific model needed to be turned on manually again. So, that wasn’t a satisfactory solution.
I’m using UberSpace for 5€/month for a few small web projects and for emails. Unlimited mailboxes, unlimited aliases. However, you have to configure it using console commands via SSH. But it’s all explained in their documentation.
If it’s the system with the (locked) KeePass database on it, you should be fine. The encryption can be tweaked so that unlocking the database takes a second even on modern systems. Doesn’t affect you much, but someone trying to brute-force the password will have a hard time. It also supports keyfiles for even more security.
If somebody infiltrates your end user device, no password tool will be safe once you unlock it.
After trying them all, I’m back at having a local KeePass database that is synced to all my devices via iCloud and SyncThing. There are various apps to work with KeePass databases and e.g. Strongbox on macOS and iOS integrates deeply into Apple’s autofill API so that it feels and behaves natively instead of needing some browser extension. KeePass DX is available for all other platforms, and there are lots of libraries for various programming languages so that you can even script stuff yourself if you want.
And I have the encrypted database in multiple places should one go tits up.
I didn’t notice any big drops in network or CPU performance. Usually, because other network traffic had priority. But my server’s HDD constantly rattling along got me thinking that it wasn’t worth it. There are several other containers running on that box and I don’t have that much HDD activity with them.
I did this for a while. However, after subscribing to several groups, there was constant disk activity and it ate network bandwidth. After two months I’ve stopped my server and went back to using a public instance.
You might want to read the recent blog post (linked at top) and discussion on Hacker News first.
Thing is, DMCA doesn’t apply all over the world. There are countries where whatever electronic device you buy is actually yours and you’re allowed to do whatever you want - including messing with the firmware. Also, I’d argue, the DMCA doesn’t apply if you dump the firmware/keys for yourself only without distributing it.
That being said, it’s unfortunate that these people are mostly in the US where the party with more money decides when a lawsuit is over and not some sane judge that just throws this case back at Nintendo. But after the stuff with Disney+ and the recent one with Uber, I’m not surprised at all anymore.
But nothing is circumvented. People have to provide their own keys, right? It’s like suing GnuPG b/c it can decrypt stuff…
Just serve the code locally from a Gitea or Forgejo instance. Then let’s see how Ninty is going to DMCA that. Also, I’d love for someone to challenge the DMCA’s as copyright should not apply to an emulator that doesn’t use any original code and doesn’t come with ROM files.
I’ve only subscribed to the “Free proxies” blocklist. But these are only additional blocklists. The main attraction of CrowdSec is their “CAPI” (Central API) which has all the current malicious actors detected in the network of CrowdSec instances and is used automatically.