I use Caddy for this. I’ll leave links to the documentation as well as a few examples.

Here’s the documentation for wildcard certs. https://caddyserver.com/docs/automatic-https#wildcard-certificates

Here’s how you add DNS providers to Caddy without Docker. https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148

Here’s how you do it with Docker. https://github.com/docker-library/docs/tree/master/caddy#adding-custom-caddy-modules

Look for the DNS provider in this repository first. https://github.com/caddy-dns

Here’s documentation about using environment variables. https://caddyserver.com/docs/caddyfile/concepts#environment-variables

Docker

A few examples of Dockerfiles. These will build Caddy with DNS support.

DuckDNS

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/duckdns

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Cloudflare

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/cloudflare

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Porkbun

FROM caddy:2-builder AS builder
RUN xcaddy build --with github.com/caddy-dns/porkbun

FROM caddy:2
COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Configure DNS provider

This is what to add the the Caddyfile, I’ve used these in the examples that follow this section. You can look at the repository for the DNS provider to see how to configure it for example.

DuckDNS

https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples

tls {
	dns duckdns {env.DUCKDNS_API_TOKEN}
}

CloudFlare

https://github.com/caddy-dns/cloudflare?tab=readme-ov-file#caddyfile-examples Dual-key

tls {
	dns cloudflare {
		zone_token {env.CF_ZONE_TOKEN}
		api_token {env.CF_API_TOKEN}
	}
}

Single-key

tls {
	dns cloudflare {env.CF_API_TOKEN}
}

PorkBun

https://github.com/caddy-dns/porkbun?tab=readme-ov-file#config-examples Global

{
        acme_dns porkbun {
                api_key {env.PORKBUN_API_KEY}
                api_secret_key {env.PORKBUN_API_SECRET_KEY}
        }
}

or per site

tls {
	dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	}
}

Caddyfile

And finally the Caddyfile examples.

DuckDNS

Here’s how you do it with DuckDNS.

*.example.org {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.example.org
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

Also you can use environment variables like this.

*.{$DOMAIN} {
        tls {
                dns duckdns {$DUCKDNS_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

CloudFlare

*.{$DOMAIN} {
        tls {
	        dns cloudflare {env.CF_API_TOKEN}
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

Porkbun

*.{$DOMAIN} {
        tls {
	        dns porkbun {
			api_key {env.PORKBUN_API_KEY}
			api_secret_key {env.PORKBUN_API_SECRET_KEY}
	        }
        }

        @hass host home-assistant.{$DOMAIN}
        handle @hass {
                reverse_proxy home-assistant:8123
        }
}

I believe it’s cat /sys/class/drm/card0/device/pp_power_profile_mode.

There’s also the power_dpm_force_performance_level.

I agree with this. I understand that the majority of users also don’t read release notes and some don’t even install add-ons, with this being enabled by default this would provide them with a more anonymous ad experience.

As a small homelabber I agree with this. I started with a baremetal and using Docker, and switched to Proxmox, and now over to Incus, actually currently I am using Debian with cockpit + cockpit-machines. I do like Incus, I keep hopping back and forth between cockpit, I need to settle on one.

Yeah, Debian has older firmware found in the firmware-amd-graphics package which doesn’t include the firmware. You’ll need to download it from https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/ I believe anything from linux-firmware-20231030 and newer should work.

20231030 tag: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amdgpu?h=20231030 or newest(20240410) tag: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amdgpu?h=20240410

These files need to be placed in /lib/firmware/amdgpu/

It’s a relatively low performance hit and it benefits me when having to replace a failing/old disk. I can just toss the drive without having to erase the data first, that is as long as the key is a secure length.

Quickly skimming the readme, it states:

• OAuth token spoofing: To circumvent rate limits imposed by Reddit, OAuth token spoofing is used to mimick the most common iOS and Android clients. While spoofing both iOS and Android clients was explored, only the Android client was chosen due to content restrictions when using an anonymous iOS client.
• Token refreshing: The authentication token is refreshed every 24 hours, emulating the behavior of the official Android app.
• HTTP header mimicking: Efforts are made to send along as many of the official app’s headers as possible to reduce the likelihood of Reddit’s crackdown on Redlib’s requests.

Quad9 doesn’t report it as being blocked. https://quad9.net/result?url=catbox.moe

You can block instances. Go to settings, blocks, in block instance section search for the instance that you want to block.

It is very useful! It’s also slightly customizable in that you can have it not save duplicate commands.

More information can be found on the Arch Wiki or the man page

grass is on the AUR… https://aur.archlinux.org/packages/grass

~53 W

• Server:

  • AMD Ryzen 5 5600G
  • 4x16 GB DDR4 3200 Mhz
  • 256 GB NVMe as boot-disk
  • 2x256 GB Samsung SSDs for VMs
  • 2x2 TB WD Red Plus HDDs

• Mini PC: Beelink S12 N95

  • 16 GB DDR4
  • 256 GB NVMe

• 8 port unmanaged TP Link switch

I would like to expand my storage, however I don’t have any available SATA ports and I believe adding an HBA would increase the idle draw about 8 W. I might just upgrade the SSDs and split the storage between the HDDs and SSDs.

I recently switched from Proxmox to Debian Bookworm with Incus(LXD fork) as my primary setup, it’s been a pleasant experience. I also like the idea of using something like Cockpit to manage VMs though haven’t come to a need yet for a VM over a container. I’ll also point out that Incus can handle VMs as well.

Stéphane Graber, Project leader of Linux Containers is also on the fediverse and responds to questions often.

That’s a good recommendation, thanks!

There’s even an RSS feed for that page: https://openwrt.org/feed.php?mode=list&ns=advisory

You’re welcome! Also thanks for asking this question, I hadn’t seen ShotShare before, it looks useful.

No, since you are using the bind mount, you do not need to use the volume.

I just did another test.

You should be able to create the directories manually. I cheated by simply cloning the repo and copying them to the bind mount location like so. You can use the bind mount method like you wanted.

git clone https://github.com/mdshack/shotshare
cp -r shotshare/storage/* /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data/
chown 82:82 -R /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/shotshare_data

It will be stored in /var/lib/docker/volumes, you can find the exact location by inspecting the volume. Use docker volume ls to list the volumes, and do docker volume inspect replacing with the one from the list. Look for “Mountpoint”, that is the exact location. You could try copying that to bind mount location, though I can’t be sure if it will continue to work.

This appears to be the exact same problem as https://github.com/mdshack/shotshare/issues/31

For testing I just spun up a VM with Docker, I tried the same compose file as you. I found I had to use the volume instead of a bind mount for /app/storage.

This compose file should work.

version: "3.3"
services:
  shotshare:
    ports:
      - 2000:80
    environment:
      - HOST=:80
      - ALLOW_REGISTRATION=false
    volumes:
      - shotshare_data:/app/storage
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/database.sqlite:/app/database/database.sqlite
      - /srv/dev-disk-by-uuid-7fe66601-5ca0-4c09-bc13-a015025fe53a/Files/Shotshare/.env:/app/.env
    restart: unless-stopped
    container_name: shotshare
    image: mdshack/shotshare:latest
volumes:
    shotshare_data:
networks: {}

That error message says it the permissions of the /home/user/Documents/Docker/LinguaCafe/logs directory. You can try changing it full r/w temporarily to test.