midas

joined 1 year ago
[–] midas@ymmel.nl 1 points 1 year ago* (last edited 1 year ago)
[–] midas@ymmel.nl 13 points 1 year ago (5 children)

Not sure if I completely understand but I think you want public service 1 accessible on subdomains s1.domain.com and internal service 2 on s2.domain.com?

Just point the A record for s2 to an internal ip address (or a tailscale ip). The only thing dns does is translate a (sub)domain to an ip address. So outside of your network s2.domain.com wouldn't resolve but inside your network it would.

[–] midas@ymmel.nl 12 points 1 year ago

A domain is like 10 bucks a year. This is just ego

[–] midas@ymmel.nl 15 points 1 year ago

How I understand it is that database/io calls are heavy and network calls are relatively light. A user on the instance itself equals Database/io and a federated server means just 1 database call and a bunch of network calls. Since it's a push model the instance only has to retrieve the data from the database itself once and then just pushes it to all subscribed instances.

[–] midas@ymmel.nl 2 points 1 year ago* (last edited 1 year ago) (1 children)

Uhh apparently posted on ur other thread https://ymmel.nl/comment/128500

Can you reach file browser regularly? Attach it to a bridge network and expose the correct port to see if the container is running properly. Or check the docker logs for it. Could be that the reverse proxying isn’t working but I’d check the actual container first and go from there.

[–] midas@ymmel.nl 1 points 1 year ago

Can you reach file browser regularly? Attach it to a bridge network and expose the correct port to see if the container is running properly. Or check the docker logs for it. Could be that the reverse proxying isn't working but I'd check the actual container first and go from there.

[–] midas@ymmel.nl 2 points 1 year ago

You're a legend!

[–] midas@ymmel.nl 0 points 1 year ago

Guess I'll be skipping Twitter links entirely now.

[–] midas@ymmel.nl 0 points 1 year ago (1 children)

Haven't seen one specifically for DSM but the docker-compose example on the Lemmy site worked for me on a regular Ubuntu server.

[–] midas@ymmel.nl 2 points 1 year ago

Great stuff!

[–] midas@ymmel.nl 0 points 1 year ago* (last edited 1 year ago) (1 children)

First you've got to determine where threats can come from, then which surfaces are vulnerable and eventually the reach. In short what I mean:

SSH port (default 22) is high on the threat encounter level. Lots of bots try to scan every host they can find for an open SSH port. The risk is high because this is a doorway to your network. There's honestly no good reason to have port 22 open to your home. Get tailscale vpn. There are alternatives, I use tailscale, it's great.

When you're hosting apps, they can also be vulnerable. Keep them updated and you'll mostly be fine. There are levels of security. Super super secure is creating separate networks for these apps so they can't access others. Bit much imo. Use non-rooted docker, enough of a sandbox.

In the end you're a small fish in a big pond, not saying you should be a cowboy but with a few decent measures you should be OK.

Tl;dr

  • don't open port 22
  • use a VPN (tailscale)
  • update apps
  • non-rooted docker

[–] midas@ymmel.nl 1 points 1 year ago* (last edited 1 year ago) (1 children)

It's great software but for me it's missing at least 1 must-have feature, being intro detection & skipping.

If you want to get into them you can run them both on the same library and just compare which you like best
