Just installed arch with chroot on my old rooted phone a week ago.
Seeing this is great because it means there's no need for complicated workarounds or even root access! Plus the distro runs natively and not with difficulties like with chroot :D
Selfhoster1728
joined 11 months ago
yep
In my opinion it's the best solution because there's a really low attack surface plus it makes it easy to control which device has access to which services.
Not any in particular but mTLS is essentially just a reverse proxy (like nginx) asking a client for a certificate to be able to access the service behind it.
There are quite a few guides out there, so choose one for your reverse proxy of choice!
Tailscale is simpler but when you're accessing from devices behind VPNs like I do mTLS is a lifesaver.
I use DAVxโต for caldav (supports mTLS)
I find mTLS cool too :P
In terms of being a pain it's not that bad with nginx in my opinion. I can just build my own certificate for each service I expose or you use a common one, giving read only access to the key for my nginx containers and in two lines in the .conf it's sorted.
mTLS with a reverse proxy!
How exactly does stuff get broken? Never rly had a problem bumping up the version in docker. The only issue has been the playstore version taking longer to push updates sometimes for the mobile apps.
I have a project on Forgejo and I've needed to set up a runner for compilation but I've been very confused so far on how everything works.
All I've been able to do is make a runner and connect it to my Forgejo instance, but I didn't really know what to do from there.
Where are you located? If in the UK, BargainHardware has pretty good deals when they get a bunch of the same HDD model in stock.
I was having a lot of trouble keeping port forwarding stable before this change with protonvpn too. Probably the best change I've seen with gluetun so far!
Yes, if a port is set in the port forwarding section for the qbittorrent preferences in the webui (once one is set it stays until changed), the green globe means it's working.
To enable port forwarding with gluetun see the port forwarding section in the gluetun wiki on their github page. It's pretty clear what you need to do there.
For port forwarding with qbit, gluetun's v3.40.0 release introduced an environment variable that allows the running of a script whenever the VPN changes port (see PR https://github.com/qdm12/gluetun/pull/2399). If you take a look at the PR some people shared commands to put under the env variable VPN_PORT_FORWARDING_UP_COMMAND.
So all you need to do is put that new environment variable in the environment section, take one of the example commands that uses the qbitorrent API to change the port when needed, and it should be all.
To test if port forwarding works qbittorrent will display a little green planet in the bottom bar, and if port forwarding is not working, a fire (to say it's firewalled).
You're right actually it's not native I don't know what I'm on about ๐ Still it's much easier to have a baked in terminal app than having to install proot on top of termux, hopefully it will have less of a performance impact than proot as well.