I’ve only subscribed to the “Free proxies” blocklist. But these are only additional blocklists. The main attraction of CrowdSec is their “CAPI” (Central API) which has all the current malicious actors detected in the network of CrowdSec instances and is used automatically.

It’s an SQLite database. Corruption is very unlikely. So, that’s not something I am worried about.

You have to actually add the middleware into the (default) chain for your https entrypoint (I think in most tutorials it’s called websecure) - in my static conf I have this:

entryPoints:
  https:                                                           
    address: :443                                                  
    http:                                                          
      middlewares:                                                 
        - crowdsec-bouncer@file                                    
        - secure-headers@file 

And in my dynamic conf I have this:

http:
  middlewares:
    crowdsec-bouncer:
      plugin:
        crowdsec-bouncer-traefik-plugin:
          CrowdsecLapiKey: "### Enter your LAPI Key here ###"
          Enabled: true

@get_flomped@lemmy.world

Are there any thoughts of implementing 24/7 GPS tracking support (e.g. being fed by OwnTracks) alongside the activities?

After trying several tools I now ended up with Traccar, but as that’s based on Java and more suited for fleet tracking, it’s not quite ideal.

I’ve recently introduced CrowdSec and crowdsec-bouncer-traefik-plugin into my setup and it’s really great to see it block all those spam bots and brute force attempts.

Some food for thought:

When I was looking to get my photos under control, in the end I decided to go all-in with Apple Photos. As I’m also using a Mac, the convenience can’t be beaten. Also, I can easily pull up any photo using Apple’s smart filters and can easily select photos from within apps without having to “share” them to the photos library first.

But this was only decided after I found out that Apple Photos keeps all photos in separate files in original quality and all metadata in a local SQLite database. Using the osxphotos tool, you can query this database and easily pull out any photo incl. metadata - even when running on other OSes, no need for Apple Photos. This also makes it easy to move everything to another system, if needed.

I’ve set my Mac to always keep original copies on disk and run a backup to my NAS every night. (Using CCC at the moment, but looking to switch to restic.) This way, all my photos are always off-site in iCloud, on my Mac and on my NAS.

You’d just need a tool to upload your Android photos to iCloud. From a quick search it seems Sync for iCloud might do the trick - albeit manually … if I read the reviews correctly.

I’d suggest /opt/docker/_compose/ for all the compose files. Or, if you keep all the config files for your containers on your NAS, maybe create a share there and put all yml files in it, then mount it on the host. This way everything is on your NAS and nothing is lost if the host freaks out.

And I’d add the NFS mounts to the compose files as well. When specifying volumes, you can use anything the host OS has a mount.xxx command for. Docker will take care of mounting everything.

Put that mount point into the compose file(s). You can define volumes with type nfs and basically have Docker-Compose manage the mounts.

I’m using UberSpace for 5€/month for a few small web projects and for emails. Unlimited mailboxes, unlimited aliases. However, you have to configure it using console commands via SSH. But it’s all explained in their documentation.

If it’s the system with the (locked) KeePass database on it, you should be fine. The encryption can be tweaked so that unlocking the database takes a second even on modern systems. Doesn’t affect you much, but someone trying to brute-force the password will have a hard time. It also supports keyfiles for even more security.

If somebody infiltrates your end user device, no password tool will be safe once you unlock it.

After trying them all, I’m back at having a local KeePass database that is synced to all my devices via iCloud and SyncThing. There are various apps to work with KeePass databases and e.g. Strongbox on macOS and iOS integrates deeply into Apple’s autofill API so that it feels and behaves natively instead of needing some browser extension. KeePass DX is available for all other platforms, and there are lots of libraries for various programming languages so that you can even script stuff yourself if you want.

And I have the encrypted database in multiple places should one go tits up.

Yeah, but I didn’t want to fiddle with some custom settings. The same official postgres container works great with other apps.

I didn’t notice any big drops in network or CPU performance. Usually, because other network traffic had priority. But my server’s HDD constantly rattling along got me thinking that it wasn’t worth it. There are several other containers running on that box and I don’t have that much HDD activity with them.

I did this for a while. However, after subscribing to several groups, there was constant disk activity and it ate network bandwidth. After two months I’ve stopped my server and went back to using a public instance.

The last time I’ve used glances - to be fair, some years ago - it caused the main CPU usage on my Raspberry Pi 3. However, looks like it’s been fixed recently.

Possibly a bit overkill, but I’m running Zabbix in 3 containers (Core, WebUI, database). Using its agent installed on all my machines, I can monitor basically anything. Of course, you can set limits, alerts, draw graphs, etc.

That’s what happens if you rely on 3rd party services that are very eager to please anyone that spells out DMC without even waiting for the A.

There should still be the rather tame World Digital Brasil… but their Tinfoil server is down at the moment, it seems.

You might want to read the recent blog post (linked at top) and discussion on Hacker News first.

The thing with SearXNG is that it will search in multiple search engines in parallel and then aggregate the results. If the same result appears in all of the queries, it’ll be weighted more than one that appears in only one of the results.

This way you get very neutral overall results compared to the biased ones Google usually delivers.

Also, you can easily define custom search engines, so you could make it search on your favourite website as well.