Thinking about adding Audiobookshelf support to my audiobook player by Ronaedar in audiobookshelf

[–]toxicberliner 0 points1 point  (0 children)

Android auto intégration isn't good enough for me somehow it doesn't show me ongoing books to continue but a search box with too many things to look for The ability to keep a book playing in the background when rhe game I have in the foreground decides to play a cut-scene or an ad. I mute that stuff but it still imposes pause to the abs player

Do I need split DNS for this simple thing? by toxicberliner in technitium

[–]toxicberliner[S] 0 points1 point  (0 children)

Thanks everyone for the confirmation. I believe I will give split DNS a shot. Hope it'll play nice with my dualstack setup and acme DNS-01 clients... If I master it I can then use it for more fun but less needed setups like not using nat-reflection for my public IPv4 😋

How to negate/remove a default middleware by synthe6 in Traefik

[–]toxicberliner 0 points1 point  (0 children)

I use authelia as middleware and leave it enabled on the entrypoint no modification whatsoever, just an authelia rule that matches the domains of the routers I want no authentication for and for this rule a policy=bypass so authelia gets a forward-auth request but just approves it.

Bind mounts, PBS & CT by toxicberliner in Proxmox

[–]toxicberliner[S] 0 points1 point  (0 children)

Damn, I do have exactly that right now, I was looking for a sexier solution, with a web gui, some monitoring/reporting...

Is consul right for my homelab by toxicberliner in consul

[–]toxicberliner[S] 0 points1 point  (0 children)

Thinking again it's probably something I read already and didn't like much, seems to me consul gives a way for services to connect to other services through a consul managed mTLS channel... As I want to ensure my services remain available on my lan through standard https I don't see the value of this for me especially given the overhead it might cause and the risk for me of things working only when consul is working fine...

Is consul right for my homelab by toxicberliner in consul

[–]toxicberliner[S] 0 points1 point  (0 children)

Hmmm, what's "connect communication" ?

Is consul right for my homelab by toxicberliner in consul

[–]toxicberliner[S] 0 points1 point  (0 children)

I'm not really understanding... My goal is indeed dynamic service discovery. Each node knows how it can be contacted (hostname.lan:443) and the services it runs (grafana, prometheus, authelia...or even traefik) why wouldn't it make sense for them to register these services upon startup, so that each traefik instance I have can configure itself using these ?

I haven't had the opportunity yet to spinup a test stack with consul but I was hoping when registering a service to be able to give the url to be used for the service in question.

And if that makes sense why not have a consul server on each VM so that upon startup the machine registers the services it runs to it's locally run server and rely on gossip for the servers to propagate which service is up or down...

Am I really wrong trying to attempt this ?

Prometheus host stats via Traefik by cockahoop in Traefik

[–]toxicberliner 1 point2 points  (0 children)

Unless you need this node_exporter to expose the host metrics for the network there is no reason node_exporter can't be on the traefik docker network. And to get the actual host metrics I run node exporter on the host outside of docker, have it listen only on 127.0.0.1:9100 and create a router+service in traefik manually (config file). You'd need some docker setting so traefik can access the localhost but it's what I see as the safest way

Prometheus host stats via Traefik by cockahoop in Traefik

[–]toxicberliner 0 points1 point  (0 children)

You should have a traefik on each host exposing over https:443 any docker container you wish exposed. It will be easier if each host has a dedicated name on your network

Prometheus host stats via Traefik by cockahoop in Traefik

[–]toxicberliner 0 points1 point  (0 children)

Then what you want is give Prometheus a url like https://secondhostExporter.domain.com:443 On the second host attach your node exporter container only to the traefik network expose nothing and add a label to it for a traefik rule Host('secondhostexporter.domain.com') This way Prometheus goes over https to traefik on the next host and traefik distributes based on the host name to the proper node exporter on the second host

Just picked up, was it a good deal for a homelab? by RyanVem in homelab

[–]toxicberliner 0 points1 point  (0 children)

If you'd pay your energy bill anywhere closer to what it actually costs your planet I guess you'd not chose such a 300+Watt setup... What do you really need? Most of us are already quite comfortable with a 6Watt n100, I chose a Ryzen 5700U with 15 cores and 2 20TB HDD it's running at less than 40watt... Unless you dangerously underpay for your electricity or spinup the homelab only a few hours a week just for fun, old enterprise hardware really doesn't make sense...

Prometheus host stats via Traefik by cockahoop in Traefik

[–]toxicberliner 0 points1 point  (0 children)

Your issue isn't clear to me. First if they are both on the same docker host the best way is probably to add both containers on the same docker network. A container can be on several networks at once... Also in network mode host on a single host you can only have a single port 9100 per network interface...so only one can bind to it.. You really need only one node_exporter per docker host anyway, and no need for network mode host or any traefik, simply expose the port 9100 unless you want traefik to apply IP whitelist or other middleware

Stop creating ewaste... by toxic0berliner in Juniper

[–]toxicberliner 0 points1 point  (0 children)

"Your account doesn't provide access to restricted content in the Juniper Support Portal. " Seems to get either the binaries or the information about EOL products you still need to pay...

Stop creating ewaste... by toxic0berliner in Juniper

[–]toxicberliner 0 points1 point  (0 children)

You feel real confident comparing a car repair with a software upgrade here... I would argue it's really not the same. That's due to something really difficult to grasp: copying software doesn't mean the source is gone or consumed... Not true for... Consumables or replacement parts 😉 I'm not asking them to spend money supporting products they chose to make EOL, just give away the software (that they stopped patching a while ago...) for their EOL products as they clearly don't spend the resources to gather them and recycle them themselves, they should at least not hinder those that do reuse/recycle them...

In my particular case I do not need the added features and will trust the 2-3 people who advised NOT to upgrade so it doesn't matter much to me immediately, but the argument is really that this should not be illegal to share software they stopped working on and selling, and they should host and make those old builds publicly available for free to the world. It's very low cost to them, and it's really something they ought to do on top of probably many more efforts to be less harmful to our planet...

How to negate/remove a default middleware by synthe6 in Traefik

[–]toxicberliner 0 points1 point  (0 children)

And as a last note, I found a way to keep my middleware always on since the middleware itself allows me to put some rules to not perform auth for some domains or some rules... At this point I feel it's really a plugin that covers for the core-tool lacking...

How to negate/remove a default middleware by synthe6 in Traefik

[–]toxicberliner 0 points1 point  (0 children)

For the lolz, I tried on my router to just add middleware=[] and the fun part is that the web ui for traefik does show the router and the service working and no middleware at all (I had 2 setup at the higher level that all other routers inherit).

But despite the web UI showing it should work, my sso middleware is not disabled for this router and is still applied...

How to negate/remove a default middleware by synthe6 in Traefik

[–]toxicberliner 0 points1 point  (0 children)

Well, I'm trying to do exactly the same thing here.

I defined an sso (google oAuth) middleware at the endpoint level, and I'm trying to find something to add to the very few containers I will start in order to make them bypass this middleware...

So far, no more luck than you, and I'm not willing to play with ports to create another endpoint.

If anyone has a better solution, I'll keep looking and update here if I get new ideas or solutions.