Fedegenerate

joined 2 years ago
[–] Fedegenerate@lemmynsfw.com 1 points 2 years ago* (last edited 2 years ago) (3 children)

Both pi's have static IPs.

I asked the *arrs to talk to each other, and when they didn't work (and only when they didn't work) I "ufw allow"ed the relevant port.

I just want to patch up my firewall layer as best I can, and then start building security layers on top/below it as I learn how.

So I told Sonarr that qBit is at 192.168...:port. The test failed, "ufw allow port", then the test passed. Could I instead have told Sonarr qBit is at 172.18...:port (Docker's network address) and then close up the firewall? Or can I set them all to "ufw limit"? Or set the firewall to only allow local traffic... You get the idea, I know enough to be dangerous but not enough to ask the right questions.

[–] Fedegenerate@lemmynsfw.com 1 points 2 years ago (10 children)

I don't know, what's more I don't know how to check. Whichever is most likely?

ISP plastic box didn't allow custom DNS, I disabled DHCP and IPv6. On pihole I enabled DHCP with IPv6 disabled.

I know, I know enough to be dangerous now, and I'm trying to get the system through my dangerous phase. I don't think I know enough to ask intelligent questions yet...

[–] Fedegenerate@lemmynsfw.com 1 points 2 years ago* (last edited 2 years ago) (14 children)

ISP modem. I have a pi3 running pihole-dhcp-unbound, ufw and log2ram.

My system is a pi4 running *arrs, qBit, fail2ban, portainer in docker and ufw for now. Use case is: via mobile phone access *arrs, let them do their things and manually play files via hdmi or move files via thumbdrive. I was thinking of giving up the phone access to put them on their own network, but subnets are beyond my ken for now.

Hoping to increment my security, and then the system as my skills develop.

Edit: qBit and prowlarr are behind gluetun set up for Mullvad. I'm in the UK so had to put the indexer behind a VPN. UFW

[–] Fedegenerate@lemmynsfw.com 1 points 2 years ago (4 children)

Just trying to keep outside/malicious actors from entering my stuff while also being able to use my stuff. More safer is more better, but I'm trying to balance that against my poor technical ability.

My priority list is free>easy>usable>safe. Using UFW seemed to fit, but you're right, punching holes in it defeats the purpose. Which is why I wanted to only allow local network and have only the necessary ports open. You have given me lots of terms to Google as a jumping off point so thank you.

[–] Fedegenerate@lemmynsfw.com 7 points 2 years ago

Reduce - Reuse - Recycle. In that order.

[–] Fedegenerate@lemmynsfw.com 1 points 2 years ago

One day my dumbass will learn to read usernames, but it is not this day!

[–] Fedegenerate@lemmynsfw.com 0 points 2 years ago (2 children)

I take it, with this obvious pivot, that you have conceded that it is indeed trafficking then?

[–] Fedegenerate@lemmynsfw.com 2 points 2 years ago* (last edited 2 years ago)

Current obstacle: dockstarter qbittorrent immediately flips torrent to 'errored'. Edit to current progress. Bottom left has "free space: unknown" so I think it's a storage issue. "sudo lsblk" has sdb1 mounted to /mnt/hdd correctly I think. The "storage" volume in Portainer is set to /mnt/hdd so I think that's correct. The storage in qbit is set correctly as well I think, /data/torrents. I think I've set permissions to allow things to happen to the HDD: "sudo chmod 777 /mnt/hdd" on the Pi's cli. I don't know if I was supposed to give docker those permissions somehow, I haven't been smart enough to find anything in any documents.

Yay learning

[–] Fedegenerate@lemmynsfw.com 3 points 2 years ago (1 children)

Matches my experience. It doesn't matter what guide I'm following, I seem to have to troubleshoot every other step. On the plus side, stumbling over every obstacle possible has been a great learning experience and I am primarily doing this as an exercise... Fuck me would I like something to just work though.

[–] Fedegenerate@lemmynsfw.com 5 points 2 years ago (2 children)

I am sorry, I am but a worm just starting Docker and I have two questions.

Say I set up pihole in a container. Then say I use Pihole's web UI to change a setting, like setting the web UI to the midnight theme.

Do changes persist when the container updates?

I am under the impression that a container updating is the old one being deleted and a fresh install taking its place. So all the changes in settings vanish.

I understand that I am supposed to write files to define parameters of the install. How am I supposed to know what to write to define the changes I want?

Sorry to hijack, the question doesn't seem big enough for its own post.

[–] Fedegenerate@lemmynsfw.com 4 points 2 years ago

I use it. Sometimes it can't though, which is my cue to leave.
