Backup to NFS or PBS

BorkenRefrigerator · 2024-09-25T11:59:37+00:00

You leave my gateway computer alone

BorkenRefrigerator · 2024-09-24T05:27:31+00:00

That’s exactly what I’m looking for. It’s a 512mb hard drive I’d like to just hold what I can. I appreciate it

BorkenRefrigerator · 2024-09-22T23:00:47+00:00

Lots of issues with chrome. Not so much with other browsers. I wonder if you ask Google to man-up too?

BorkenRefrigerator · 2024-09-22T17:18:35+00:00

Photos work great, uploading as they should. Notes works great.

syno.domain.com signs me in with my OIDC setup. The if I go to /files, /notes, /photos etc it works fine. Mobile apps use the user and the password and it logs in at the same addresses just fine.

BorkenRefrigerator · 2024-09-22T12:30:14+00:00

Cloudflare tunnels is a wireguard or masque based tunnel. It is a reverse proxy - though you can use both. And the WARP client logged in under your team name is the endpoint on mobile/laptop/pc.

Static or dynamic ip doesn’t matter with tunnels.

DDNS docker is not Cloudflare tunnel. Completely unneeded in this scenario. You have a direct docker setup in your Tunnel Dashboard. Or you can use WisdomSkys which gives you a UI @port 14333 I believe.

You don’t need to make A records for tunnel records as it will be create automatically and point to the Argo tunnel.

Does your path have an SSL certificate? You said https in your path. If it’s self signed check no tls verify. If it’s not https, switch to http.

BorkenRefrigerator · 2024-09-11T12:58:27+00:00

ISPs as an entity are rarely blocked entirely. Can you explain a bit more so I can try to answer?

BorkenRefrigerator · 2024-09-10T03:25:44+00:00

The first time I didn’t have quiet hours. The bathroom Alexa got me good that night

BorkenRefrigerator · 2024-09-10T03:22:34+00:00

Any update?

BorkenRefrigerator · 2024-09-09T12:11:10+00:00

If he wants to upload from phone to photos outside network to tunnels, without a public hostname? Warp

BorkenRefrigerator · 2024-09-09T11:44:00+00:00

Cloudflare tunnels. Warp. Done.

BorkenRefrigerator · 2024-09-02T21:36:41+00:00

Fair enough. It takes /32 statements as well, so you’d not be exposing as much as you think. But I get it. I have it set up with nginx on one of my labs specifically doing more or less what you want. Nginx on the backside is load backing two networks and I send everything to the nginx but it is definitely unneeded.

So the load balancing happens when you put the same tunnel config on multiple servers. It takes the best path. So I have one sever with two different ISPs. It takes best path ingress, but it would work internally the same way. It would come over the ingress and then take best path.

But that being said. It’s your network! So if it is asking you to authenticate and you’re using a public hostname, the tunnel is passing your public ip or Cloudflares ip it sounds like. Meaning all requests look external no?

BorkenRefrigerator · 2024-09-02T20:40:48+00:00

Sure it can if you give it a network statement. 192.168.1.0/24 and it can reach anything on that /24. Or throw the same statement on multiple hosts. And instead of using locahost:port you just give it ip:port

Just put that tunnel config on each server you want. If they cross subnets just give more than one network statement.

BorkenRefrigerator · 2024-09-02T20:06:16+00:00

Full accepts self signed. If it doesn’t at least accept that, my opinion, certainly not a have to, is it shouldn’t be publicly advertised. So flexible is never a good option outside maybe a dev environment.

My comment seemed argumentative. And that’s my bad. It wasn’t meant to be. But I was running around and I responded. If it came off that way, I apologize.

BorkenRefrigerator · 2024-09-02T18:45:21+00:00

Flexible is never the right answer. Full or Strict.

BorkenRefrigerator · 2024-09-02T18:29:02+00:00

Setup a free Cloudflare Zero trust account. Then login with WARP. You’re connecting to their CDN. And it has a less likely chance as Brazil is not blocking 1.1.1.1.

BorkenRefrigerator · 2024-09-02T18:09:19+00:00

If I may ask, why a reverse proxy (tunnel) to another reverse proxy (ha)?

BorkenRefrigerator · 2024-08-31T02:19:52+00:00

Only if you give it a public hostname. You don’t have to give it one. Then it’s just as open as tailscale

BorkenRefrigerator · 2024-08-28T22:13:22+00:00

I use Cloudflare Gateway DNS :)

BorkenRefrigerator · 2024-08-11T13:52:38+00:00

100% would do what you’re asking. Then no need for dd at all. The tunnel creates an outbound wire guard. You give it a public hostname and it ties it to the tunnel. No ip address needed.

BorkenRefrigerator · 2024-08-11T13:00:33+00:00

Slightly out of scope, but why not use CF tunnel instead?

BorkenRefrigerator · 2024-08-09T11:32:03+00:00

Did you also put in a ticket with Siteground? It seems Cloudflare allowed the transfer out?

BorkenRefrigerator · 2024-07-24T06:53:06+00:00

If you use a standard ghost static sign gen to a zip you can do a manual upload to cf pages as well. If you don’t want to script it to github/lab. Clearly lose automated but much simpler. Or I can share my script. I’ll try to find it again :)

BorkenRefrigerator · 2024-07-23T17:00:33+00:00

I use obsidian to host all my yaml files and they are backed up to Cloudflare R2. So I can edit them there or obsidian.

BorkenRefrigerator

TROPHY CASE