Fail2ban is a Free/Open-Source program to parse logs and take action based on the content of these logs. The most common use case is to detect authentication failures in logs and issue a firewall level ban based on that. It uses regex filters to parse the logs and policies called jails to determine which action to take (wait for more failures, run command xyz…). It’s old, basic, customizable, does its job.

crowdsec is a commercial service [1] with a free offering, and some Free/Open-Source components. The architecture is quite different [2], it connects to Crowdec’s (the company) servers to crowd-source detections, their service establishes a “threat score” for each IP based on detections they receive, and in exchange they provide [3] some of these threat feeds/blocklists back to their users. A separate crowdsec-bouncer process takes action based on your configuration.

If you want to build your own private shared/global blocklist based on crowdsec detections, you’ll need to setup a crowdsec API server and configure all your crowdsec instances to use it. If you want to do this with fail2ban you’ll need to setup your own sync mechanism (there are multiple options, I use a cron job+script that pulls IPs from all fail2ban instances using fail2ban-client status, builds an ipset, and pushes it to all my servers). If you need crowdsourced blocklists, there are multiple free options ([4] can be used directly by ipset).

Both can be used for roughly the same purpose, but are very different in how they work and the commercial model (or lack of) behind the scenes.

Fail2ban unless you need the features that crowdsec provides. They are different tools with different purposes and different features.

There is a pinned post for this https://lemmy.world/post/60585

RTFM https://join-lemmy.org/docs/administration/administration.html

• step 1: use named volumes
• step 2: stop your containers or just wait for them to crash/stop unnoticed for some reason
• step 3: run docker system prune --all as one should do periodically to clean up the garbage docker leaves on your system. Lose all your data (this will delete even named volumes if they are not in use by a running container)
• step 4: never use named or anonymous volumes again, use bind mounts

The fact that you absolutely need to run docker system prune --all regularly to get rid of GBs of unused layers, test containers, etc, combined with the fact that it deletes explicitely named volumes makes them too unsafe for my taste. Just use bind mounts.

• How should I do backups? - Lemmy.World
• What backup service do you use? - Lemmy.world
• What are your backup solutions? - Lemmy.world
• How do you guys back up your server? - Lemmy.world
• How do you backup things to your server? - Lemmy.world
• How to store backups? - Lemmy.world
• How do you backup your data? - Lemmy.world
• Need help with a backup solution - Lemmy.World

https://goaccess.io/

https://lemmy.world/comment/10776389

I do this with https://www.sphinx-doc.org/ + a basic Makefile and config file to make it a bit nicer. I will publish my template a bit later and report back.

I wrote this ansible role to setup dovecot IMAP server. Once a year I move all mail from the previous year from various mailboxes to my dovecot server (using thunderbird).

I use the Netdata agent (with cloud features disabled). Easy installation, FOSS, 0 configuration required, tons of metrics.

I wrote my own ansible role to deploy/maintain a matrix server and a few goodies (element/synapse-admin). If you’re not using ansible you should still be able to understand the deployment logic by starting at tasks/main.yml and following includes/tasks from there.

host maps

It does require a beefy server (rendering tiles is CPU/RAM-intensive, storing pre-rendered tiles is expensive on storage) It should be doable on limited hardware if only a small area.

I think the better move would be keeping/distributing a local copy of the OsmAnd android APK and a few maps for the app. Because you’ll not be able to provide map access to people from your server if the Internet/local fiber/phone network is down - this way everyone can have their own full copy of the map.

I’m not sure about the method to extract map data from the app storage directory though.

Just download a copy of a recent wikipedia dump. You can open it in the Kiwix desktop application (work fine even on an old laptop), the android app (though I’ve never tried opening a full 100GB dump with a phone, not sure if it would work well), or install the kiwix-tool package and serve the .zim file with kiwix-serve (https://wiki.kiwix.org/wiki/Kiwix-serve). You’d also probably want a reverse proxy/usual basic web server/security setup around that.

Second this, always have a device preloaded with Kiwix and one of the wikipedia dumps. A new vesrion is uploaded every few (~6 months). The full English wikipedia dump with images (low-res versions only though) is only 103GB.

libvirt/virt-manager is a nice VM management tool.

Their cheap 1-6€/month VPS offers are actually fine. Not much to say about it, it just works.

https://awesome-selfhosted.net/ is hosted on a Ionos VPS.

• ansible playbook for automated/self-documenting setup
• for one-off bugs or ongoing/long-term problems, open an issue on my gitea instnce and track the investigations and solutions there.

allows my mail clients to connect via IMAP to view and search emails

dovecot will be able to handle this part. This is what I use as a mail archive (once a year, archive all mail from the previous year from various mailboxes to my self-hosted dovecot instance). I wrote this ansible role for it.

downloads new emails via IMAP

As others recommended, imapsync should be able to handle that part.

docker solution

These tools are simple enough to install and manage (one package, one config file), Docker is not needed. If you really need it to fit into your docker-based setup, build and maintain your own images.

What’s your existing setup? For such a simple task, check if any of the tools you use currently can be adapted (simple text files on a web server? File sharing like Nextcloud and text files? Pastebin-like? Wiki? …). Otherwise a simple Shaarli instance could do the trick (just post “notes” aka. bookmarks without an URL). I use this theme to make it nicer. Or maybe a static site generator/blog.