as a single user lemmy, no

nice job

Moved from subsonic to jellyfin, never looked back. Jellyfin does music and movies and TV shows, the only bit I miss is jukebox mode

If your DNS host has an API, you can get any certificate you like for the host.

e.g. a cert for server.example.com

Even though that host doesn’t exist in public DNS

yes the web server

apt/yum/dnf install nginx, listen on public IP of VPS, use proxy_pass to forward to your internal IP

server {
    listen [::]:443 ssl;
    http2 on;
    server_name service.example.com;
    root /var/data/websites/holding;
    index index.php index.html index.htm;

    #SSL setting
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    add_header X-Clacks-Overhead "GNU Terry Pratchett";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

    # access_log /var/log/nginx/service-access.log main;
    access_log off;

    location / {
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Forwarded-Proto "https";
      proxy_set_header X-SECURE-REQUEST "true";
      proxy_set_header Host $http_host;
      proxy_pass http://192.168.1.2/; #IP of the service over the VPN
    }

}

this, nginx config is simple once you know how

Not seen this on the list https://kanboard.org/

It’s a php app and very good

I would recommend nextcloud, there is a deck mobile app too

I did think that, what a mess of @ and # things

Ssh-ca is amazing, built my own with small step ca

Maybe also talk to nextcloud and see if the vjournel could be improved?

You can only order more kit, if you share it out. With every member of this community!

My god man, I need to add that site to my list. I don’t need it as I’ve been homelabing for many years, also support a SaaS app to keep me sharp.

But that site should be everywhere

If your looking for a great DNS provider, OVH is rock solid. They also register domains, I have all my domains and zones with them.

Also a dedi and a VPS, also they have an API for DNS updates that can be used to get certificates for internal domains

You could go HTTP only if your happy that anything on the network could see your traffic, I don’t trust anything on my networks so HTTPS everything.

Depending on if you have a proxy in front of vaultwarden will depend on what you need setup, I have nginx and traefik in front of my instance.

Yes and no, there have been issues with the android app for a long time. Some of it was Google and some the way it would detect files, it just happens that I posted the GitHub issue.

your in luck, as I couldnt find the issue when I posted.

But there is an update to this 👉 https://github.com/nextcloud/android/issues/15822

sure, you can see below that port 53 is only on a secondary IP I have on my docker host.

---
services:
  pihole01:
    image: pihole/pihole:latest
    container_name: pihole01
    ports:
      - "8180:80/tcp"
      - "9443:443/tcp"
      - "192.168.1.156:53:53/tcp" # this will only bind to that IP
      - "192.168.1.156:53:53/udp" # this will only bind to that IP
      - "192.168.1.156:67:67/udp" # this will only bind to that IP
    environment:
      TZ: 'Europe/London'
      FTLCONF_webserver_api_password: 'mysecurepassword'
      FTLCONF_dns_listeningMode: 'all'
    dns:
      - '127.0.0.1'
      - '192.168.1.1'
    restart: unless-stopped
    labels:
        - "traefik.http.routers.pihole_primary.rule=Host(`dns01.example.com`)"
        - "traefik.http.routers.pihole_primary.service=pihole_primary"
        - "traefik.http.services.pihole_primary.loadbalancer.server.port=80"

Docker by default will bind exposed ports to all IPs, but you can override this by setting an IP on the port exposed so thet a local only server is only accessable on 127.0.0.1

I do this with things that should go down my VPN only

https://docs.docker.com/reference/compose-file/services/#ports