Linuxoid
Matrix - @saint:group.lt
first you should check logs of cloudflare tunnel - most likely it cannot access your docker network. if you are using cloudflare container - it should use same network as a Immich instance.
in short: find the tunnel log and see what is happening there.
usually i add more than 1 ip and also vultr firewall can be managed to change ip. tailscale can be used as well. there are options!
if you configure ssh access only from your home ip - then fail2ban is not needed.
sorry, this is kinda like a firewall, but protecting websites, so many vulnerabilities are filtered out. it does not protect you 100% percent (nothing does). it might be hard to setup, in that case there is an option to use waf as a service, i.e. - cloudflare has such offering, maybe there are others as well. i have looked into vultr - they seem to offer only a “usual” type of firewall, not http/application based.
Get some WAF for the public facing app, maybe at least https://github.com/nbs-system/naxsi .
lemmy ;)
this is very simple solution i have used to clip entries in: https://github.com/blinkinglight/go-journal2
probably could fit into fly.io free tier. also as others have mentioned - oracle oci provides a nice free vm, which can be shut off if usage of resources is low, but you can workaround it by increasing a volume a bit more than free tier allows and pay something like a 1-2$ for it monthly.
Ages ago there was such a tool - Webalizer and everybody was using it :) not anymore…
using mostly operator from percona for kubernetes, sometimes just a simple deployment. Running postgresql for Lemmy from docker-compose as a container.
I use https://www.talkwalker.com/alerts to setup notifications via RSS on keywords that are interesting to me.
hi,
i am using this
root@instance-20211112-2005:/opt/lemmy/lemmy/docker# cat Dockerfile.arm64
FROM rust:1.70.0 as builder
WORKDIR /app
COPY . .
# This can be set to release using --build-arg
ARG RUST_RELEASE_MODE="debug"
COPY . .
# Build the project
# Debug mode build
RUN --mount=type=cache,target=/app/target \
if [ "$RUST_RELEASE_MODE" = "debug" ] ; then \
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > "crates/utils/src/version.rs" \
&& cargo build \
&& cp ./target/$RUST_RELEASE_MODE/lemmy_server /app/lemmy_server; \
fi
# Release mode build
RUN \
if [ "$RUST_RELEASE_MODE" = "release" ] ; then \
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > "crates/utils/src/version.rs" \
&& cargo build --release \
&& cp ./target/$RUST_RELEASE_MODE/lemmy_server /app/lemmy_server; \
fi
FROM debian:bullseye-slim
RUN apt-get update && apt-get install -y libpq5 ca-certificates && rm -rf /var/lib/apt/lists/*
COPY --from=builder /app/lemmy_server /app/lemmy
CMD ["/app/lemmy"]
Also Lemmy developers are working on cross build - so it should be available in the future I hope :)
it works fine, depending on popularity of your instance - you might have to add more resources in the future.
as for aarch64 - there are docker images available for lemmy and lemmy-ui
a source code of a game ;))