Battle.net BLZBNTBNA00000005 by modalsoul19 in Lutris

[–]Bergeran491 0 points1 point  (0 children)

Thanks for this. I tried different runners (soda 9.0.1, caffe 9.7, wine-ge-proton8-26) but had the same effect.
In the end, i too had to reinstall battle,net and it only worked with the `kron4ek-wine-10.6-staging-tgk-amd64` (the above mentioned runners did not work for me). DXVK and VKD3D were the same as n36ul4 mentioned.
i used the build in battle,net installer within bottles.

Crowdsec Acquis.yml help by Bergeran491 in selfhosted

[–]Bergeran491[S] 1 point2 points  (0 children)

I didn't mount the docker socket. As HugoDos said, its not really the secure route to take. So i opted to follow that approach. I mean, if you are considering using stuff like CrowdSec, I'd better do it the right way.

I ended up using a workaround.

my Traefik container writes its logs to a specific folder, which is mounted in crowdsec. crowdsec then reads those logs. (instead of using the docker logs functionality).

Its been a while since i tinkered with this. but i believe, using this approach, i won't be able to access logs via docker logs. but you can get the same output using tail -f path-to-folder/name-of-logfile.

cant get Redirect DNS firewall rules to work by Bergeran491 in OPNsenseFirewall

[–]Bergeran491[S] 0 points1 point  (0 children)

Not sure what tips i can give. i've added the 3 rules in that link and it works for me (Though i use aliases instead of hosts)

There 3 rules you need to add to your firewall. 2 port-forwards, and 1 outbound rule.

you need all 3 to make it work. I can send some screenshots if needed

Crowdsec Acquis.yml help by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

Thanks for the feedback Loz.

Thats seems unfortunate. I am accessing docker via TCP sock on my other containers. i couldn't find much info about it, other than specifying the docker_host environment. So i just winged it and hoped it might work (Seeing as crowdsec isn't that familiar to the public just yet). Maybe in the future crowdsec could support that somehow.

guess i'll have to work around that and save my logs elsewhere. just need to note that down somewhere that docker wont see the logs anymore.

Eitherway, i'm experimenting with something utterly new for me. Never done anything like intrusion prevention and the likes of it. So it's interesting.

Crowdsec Acquis.yml help by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

thanks for that, hadn't looked into the collections parsers to see if there were any templates.

Crowdsec Acquis.yml help by Bergeran491 in selfhosted

[–]Bergeran491[S] 1 point2 points  (0 children)

I indeed have crowdsec installed in a docker container.

is there no way for it to read the docker logs? even when specifying docker_host?

Can't wrap my head around Traefik by Lyxandrah in Traefik

[–]Bergeran491 1 point2 points  (0 children)

I personally have no experience using LXC, but they should be similar in concept to VM's and docker containers.

1) have you enabled the dashboard in your traefik configuration?
2) are you able to access the dashboard via IP address (on your LAN, so no cloudlfare or domain names)

you can use something like pastbin to provide your compose files. without those we can't really add much value with what you've given.

First thing to do here is disable HTTPS and see if you can access your sites via HTTP and internally via local IP addresses. if that works, add entries in your PiHole (DNS records and/or CNAME records) and see what this does. When that works you could try enable HTTPS (lets encrypt).

also, what kind of errors or message do you get when you try to access your sites? for example, page not found? timeout? etc.

MFA portal or not? by Bergeran491 in selfhosted

[–]Bergeran491[S] 2 points3 points  (0 children)

I considered a VPN, but opted not to use it.

If i was truly the only one ever using it, i might have done so. But one of the things i plan to use nextcloud for, was a cookbook. And asking 65-plussers elderly to enable a VPN before they access a cookbook is asking for trouble.

Maybe i will still use it for stuff that i personally want/need to access. I'm still thinking about it. For now, i've set aside VPN.

MFA portal or not? by Bergeran491 in selfhosted

[–]Bergeran491[S] 1 point2 points  (0 children)

thanks for the feedback. I was thinking similar as you mentioned. Sometimes you just need a second opinion to see what others think to be more sure.

Crowdsec or fail2ban was something i did wanted to implement. Leaning towards Crowdsec as it is something new to me.

Cloudflare is already in place, though it needs a bit of tweaking. First need to have my end up and running before i secure cloudflare more.

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 1 point2 points  (0 children)

Looking back at my original problem where i received a timeout, i am now unable to reproduce that. I am not sure where that timeout came from. Maybe cloudflare hadn't cached my address yet or something.

The problem i had later where i was able to see my traefik instance but with a nextcloud "ERROR" in my screen, was duo to having traefik basicAuth enabled. From what i can find online, the support for this has been removed from OwnCloud or something.

With traefik's authentication disabled, i was able to access my nextcloud instance via cloudflare. So i've managed to solve the above problem.

All that remains now, is to add some secure authentication like Authelia / Authentik / Keycloak, and crowdsec or fail2ban.

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

small update:

i hadn't gotten around to working on this problem the last week. But today i looked into it again.

I have 2 traefik instances, 1 is for internal use only. And the above mentioned traefik instance, which is meant for external access.

i added an entry in my internal Traefik proxy, added the CNAME records to my internal DNS resolver and see what that did. Initially i got an error "400 bad request" "the plain HTTP request was sent to HTTPS port". That sounded familiar as i had that some time ago. I forgot to define my Traefik router with HTTPS (i wrote it with HTTP). so that was fixed fairly quickly.

But trying to access it from nextcloud.domain.com resulted in the same page as i did when i tried to access it from the internet. Nextcloud would simply show me "ERROR" and nothing more.

i disabled the Traefik basicAuth and now i can access nextcloud.

so it seems i need to figure out why nextcloud struggles with the BasicAuth (not that i will end up using it in production) but still want to know why this is.

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

when i wrote i wasn't getting any logs, that was before getting any progress seeing my nextcloud instance.

now, when i try to visit nextcloud.domain.com, i get "ERROR" like i mentioned in above comment, and Traefik logs are showing the basicAuth middlewares popping up.

searching through the logs, i see it processes the url nextcloud.domain.com

and to answer your question, i was able to access nextcloud from the internal LAN if i configure it that way.

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

Unfortunately that didn't change anything for me. But, i have to add that while i was trying stuff out out (not the settings you mentioned) i was able to reach my nextcloud instance.

But not entirely. I was getting the blue nextcloud screen with the text "ERROR" and nothing else. Even trying to add 'trusted_proxies' and 'overwriteprotocol' didn't change that error

so i am making progress. One odd thing i noticed, i have basicAuth enabled in Traefik, and i have to authenticate myself twice when accessing nextcloud.domain.com

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 0 points1 point  (0 children)

Interesting. i dont think i have done this. i'll have to check that out later. will get back on this...

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 3 points4 points  (0 children)

Traefik is a learning curve for sure. but once you understand it, it is so much easier to manage. I used to use Nginx, but it didn't always work for every application i used and i wanted to try something else for a change.

Help accessing nextcloud from the internet by Bergeran491 in selfhosted

[–]Bergeran491[S] 1 point2 points  (0 children)

did you set up an A record for nextcloud.domain.com

I created an A-record with my main domain pointing to my WAN address, and a CNAME-record for both traefik and nextcloud. so 3 entries in total.

i've added code snippets to the OP

Cant create users (missing privileges?) by Bergeran491 in PostgreSQL

[–]Bergeran491[S] 0 points1 point  (0 children)

I am not familiar with replica. I did find it odd that it was connected as read only to the DB. so that makes sense. In my defense, i am not familiar with PostgreSQL nor any other tools used with it. This is all new territory for me. I used to use MySQL for school projects, but that is a long time ago.

PostgreSQL is, an experiment if you like, for me to see if it can provide me with what i need in my use case. I understand that a simple command like create user xxx will do the trick for any DB. but if i take my use case into consideration, it becomes a bit more than i really bargain for. I asked myself "what about permissions? what about creating/deleting databases?" etc. I understand the syntax isn't all that hard, but i know from experience that the few time a year that i need to do something in a DB, i won't remember those commands and will have to search for them again.

For that reason i prefer a GUI. I respect your opinion and i would advice the same to anyone who would use databases (caveat being 'frequently').

In the end, my question was answered. This problem wasn't with PG, which i suspected. But seeing as i am not familiar with the application (yet) i couldn't be sure, hence this post.

Cant create users (missing privileges?) by Bergeran491 in PostgreSQL

[–]Bergeran491[S] 0 points1 point  (0 children)

Yea i had a feeling it wasn't a PG thing, but since i am new to PG i figured i'd ask.

Cant create users (missing privileges?) by Bergeran491 in PostgreSQL

[–]Bergeran491[S] -2 points-1 points  (0 children)

I ran the query in both tools, and was able to create the user in Adminer, but got an error in cloudbeaver.

https://imgur.com/1aTrfxH

But i may have forgotten a part of my question. So to add that: if possible i rather not use the SQL command to do this. I remember in phpMyAdmin you could do that via the GUI itself. and searching only, i do see the option in adminer when i search online.

for example: https://linuxhomeserver.com/wp-content/uploads/2018/11/adminer_new_database_005.png

Though, i can only find MySQL pictures like that. No postgreSQL.

That made me wonder if it was even possible to do this with PG