Skip to content

Google confirms more ads on your paid YouTube Premium Lite soon

Technology
268 191 0
  • What was Radiant AI, anyway?

    Technology technology
    6
    1
    14 Stimmen
    6 Beiträge
    0 Aufrufe
    T
    In fact Daggerfall was almost nothing but quests and other content like that.
  • Building a slow web

    Technology technology
    29
    1
    124 Stimmen
    29 Beiträge
    0 Aufrufe
    ohshit604@sh.itjust.worksO
    While i appreciate the detailed response here i did make another comment letting OP know i'm in a similiar situation as them, i use Docker Engine & Docker Compose for my self-hosting needs on a 13th Gen Asus Nuc (i7 model) running Proxmox with a Debian 12 VM. My reverse proxy is traefik and i am able to receive SSL certificates on port :80/:443 (also have Fail2Ban setup) however, i can't for the life of me figure out how to expose my containers to the internet. On my iPhone over LTE/5G trying my domain leads to an "NSURLErrorDomain" and my research of this error doesn't give me much clarity. ::: spoiler This is a snippet of my docker-compose.yml services: homepage: image: ghcr.io/gethomepage/homepage hostname: homepage container_name: homepage networks: - main environment: PUID: 0 # optional, your user id PGID: 0 # optional, your group id HOMEPAGE_ALLOWED_HOSTS: my.domain,* ports: - '127.0.0.1:3000:3000' volumes: - ./config/homepage:/app/config # Make sure your local config directory exists - /var/run/docker.sock:/var/run/docker.sock #:ro # optional, for docker integrations - /home/user/Pictures:/app/public/icons restart: unless-stopped labels: - "traefik.enable=true" - "traefik.http.routers.homepage.rule=Host(`my.domain`)" - "traefik.http.routers.homepage.entrypoints=https" - "traefik.http.routers.homepage.tls=true" - "traefik.http.services.homepage.loadbalancer.server.port=3000" - "traefik.http.routers.homepage.middlewares=fail2ban@file" # - "traefik.http.routers.homepage.tls.certresolver=cloudflare" #- "traefik.http.services.homepage.loadbalancer.server.port=3000" #- "traefik.http.middlewares.homepage.ipwhitelist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 172.18.0.0/16, 208.118.140.130" #- "traefik.http.middlewares.homepage.ipwhitelist.ipstrategy.depth=2" traefik: image: traefik:v3.2 container_name: traefik hostname: traefik restart: unless-stopped security_opt: - no-new-privileges:true networks: - main ports: # Listen on port 80, default for HTTP, necessary to redirect to HTTPS - target: 80 published: 55262 mode: host # Listen on port 443, default for HTTPS - target: 443 published: 57442 mode: host environment: CF_DNS_API_TOKEN_FILE: /run/secrets/cf_api_token # note using _FILE for docker secrets # CF_DNS_API_TOKEN: ${CF_DNS_API_TOKEN} # if using .env TRAEFIK_DASHBOARD_CREDENTIALS: ${TRAEFIK_DASHBOARD_CREDENTIALS} secrets: - cf_api_token env_file: .env # use .env volumes: - /etc/localtime:/etc/localtime:ro - /var/run/docker.sock:/var/run/docker.sock:ro - ./config/traefik/traefik.yml:/traefik.yml:ro - ./config/traefik/acme.json:/acme.json #- ./config/traefik/config.yml:/config.yml:ro - ./config/traefik/custom-yml:/custom # - ./config/traefik/homebridge.yml:/homebridge.yml:ro labels: - "traefik.enable=true" - "traefik.http.routers.traefik.entrypoints=http" - "traefik.http.routers.traefik.rule=Host(`traefik.my.domain`)" #- "traefik.http.middlewares.traefik-ipallowlist.ipallowlist.sourcerange=127.0.0.1/32, 192.168.1.0/24, 208.118.140.130, 172.18.0.0/16" #- "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_DASHBOARD_CREDENTIALS}" - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https" - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https" - "traefik.http.routers.traefik.middlewares=traefik-https-redirect" - "traefik.http.routers.traefik-secure.entrypoints=https" - "traefik.http.routers.traefik-secure.rule=Host(`my.domain`)" #- "traefik.http.routers.traefik-secure.middlewares=traefik-auth" - "traefik.http.routers.traefik-secure.tls=true" - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare" - "traefik.http.routers.traefik-secure.tls.domains[0].main=my.domain" - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.my.domain" - "traefik.http.routers.traefik-secure.service=api@internal" - "traefik.http.routers.traefik.middlewares=fail2ban@file" ::: Image of my port-forwarding rules (note; the 3000 internal/external port was me "testing") ![](https://sh.itjust.works/pictrs/image/fa56898b-d183-4fca-99ed-db4a2b3aaf2f.png) ___ **Edit:** I should note the [Asus Documentation for Port-forwarding](https://www.asus.com/support/faq/1037906/) mentions this: > 2. Port Forwarding only works within the internal network/intranet(LAN) but cannot be accessed from Internet(WAN). > (1) First, make sure that Port Forwarding function is set up properly. You can try not to fill in the [ Internal Port ] and [ Source IP ], please refer to the Step 3. > (2) Please check that the device you need to port forward on the LAN has opened the port. For example, if you want to set up a HTTP server for a device (PC) on your LAN, make sure you have opened HTTP port 80 on that device. > (3) Please note that if the router is using a private WAN IP address (such as connected behind another router/switch/modem with built-in router/Wi-Fi feature), could potentially place the router under a multi-layer NAT network. Port Forwarding will not function properly under such environment. > Private IPv4 network ranges: > Class A: 10.0.0.0 – 10.255.255.255 > Class B: 172.16.0.0 – 172.31.255.255 > Class C: 192.168.0.0 – 192.168.255.255 > CGNAT IP network ranges: > The allocated address block is 100.64.0.0/10, i.e. IP addresses from 100.64.0.0 to 100.127.255.255. I want to highlight the fact that i may be under a multi-layered NAT, the folks in my household demand the ISP router given that i have PiHole running DNS blocking and my Asus Router routes all outbound connections through a VPN tunnel, besides DDNS obviously which my router also handles, i have to run these routers in bridged-mode so that they share the same WAN IP **but**, if I am able to receive SSL/TLS certificates from LetsEncrypt on port :80/:443 that means port-forwarding is working as intended right?
  • We Should Immediately Nationalize SpaceX and Starlink

    Technology technology
    319
    1
    959 Stimmen
    319 Beiträge
    0 Aufrufe
    mojofrododojo@lemmy.worldM
    By your logic spaceX should stop taking gov $ then. Just because something is private doesn't mean they should get public funding.
  • You probably don't remember these but I have a question

    Technology technology
    52
    2
    96 Stimmen
    52 Beiträge
    0 Aufrufe
    lordwiggle@lemmy.worldL
    Priorities man, priorities
  • X/Twitter Pause Encrypted DMs.

    Technology technology
    52
    2
    259 Stimmen
    52 Beiträge
    2 Aufrufe
    L
    There may be several reasons for this. If I had to guess, they found a critical flaw and had to shut it down for security reasons.
  • 17 Stimmen
    1 Beiträge
    0 Aufrufe
    Niemand hat geantwortet
  • 6 Stimmen
    9 Beiträge
    3 Aufrufe
    V
    Ah yeah, that doesn't look like my cup of tea.
  • 27 Stimmen
    4 Beiträge
    2 Aufrufe
    C
    I really wish their whole lap-dock concept had succeeded. Or at least ran a few more generations, so I could get an upgraded model with USBc