Lanie Carmelo

@ RareBird15 @caneandable.social

Posts

7
Comments

14
Joined

2 yr. ago

#Christian woman. #Aroace. Totally #blind and #autistic with multiple #chronicIllnesses. #UsabilityTester, aspiring #AccessibilityConsultant. #Disabilityrights advocate. Interests: #technology, #reading, #gaming, #food, #OpenSource. Human to Squeaker (MinPin). Creating a nonprofit for multiply disabledpeople.#tfr, [#Fedi22](https://caneandable.social/

Self Hosted - Self-hosting your services. @lemmy.ml
Lanie Carmelo @caneandable.social
1y ago

🌟 Self-Hosting Journey Update! 🌟

0
Selfhosted @lemmy.world
Lanie Carmelo @caneandable.social
1y ago

Help Needed: Homepage Configuration – Missing Widgets & API Errors

0
Self Hosted - Self-hosting your services. @lemmy.ml
Lanie Carmelo @caneandable.social
1y ago

I'm new to self-hosting and struggling to get my services accessible externally. I'm using Traefik as a reverse proxy on a Raspberry Pi 500 running Stormux (Arch Linux ARM-based). My public IP

0
1y ago

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got
Jump

Lanie Carmelo @caneandable.social 1y ago

@selfhost @selfhosting @selfhosted @linux Authelia configuration.yml:

    
theme: light

server:  
 address: 0.0.0.0:9091

log:  
 level: debug  
 format: text  
 file\_path: /var/log/authelia/authelia.log

totp:  
 issuer: laniesplace.us  
 period: 30  
 skew: 1

authentication\_backend:  
 file:  
 path: /config/users\_database.yml  
 password:  
 algorithm: argon2id  
 iterations: 3  
 memory: 65536  
 parallelism: 4  
 salt\_length: 16  
 key\_length: 32

access\_control:  
 default\_policy: deny  
 rules:  
 \# Public Access  
 \- domain:   
 \- "pihole.laniesplace.us"  
 \- "homer.laniesplace.us"  
 policy: bypass

 \# High Security (Two Factor)  
 \- domain:   
 \- "portainer.laniesplace.us"  
 \- "netdata.laniesplace.us"  
 \- "cockpit.laniesplace.us"  
 \- "glances.laniesplace.us"  
 \- "code.laniesplace.us"  
 policy: two\_factor  
 subject:  
 \- "group:admins"

 \# Medium Security (One Factor Admin)  
 \- domain:  
 \- "forgejo.laniesplace.us"  
 \- "files.laniesplace.us"  
 \- "uptime.laniesplace.us"  
 policy: one\_factor  
 subject:  
 \- "group:admins"

 \# Standard Auth (One Factor)  
 \- domain:  
 \- "thelounge.laniesplace.us"  
 \- "miniflux.laniesplace.us"  
 \- "linkding.laniesplace.us"  
 \- "wiki.laniesplace.us"  
 policy: one\_factor

 \# Catch-all rule  
 \- domain: "\*.laniesplace.us"  
 policy: one\_factor

session:  
 name: authelia\_session  
 domain: laniesplace.us  
 same\_site: lax  
 expiration: 3600  
 inactivity: 300  
 remember\_me: 1M

regulation:  
 max\_retries: 3  
 find\_time: 120  
 ban\_time: 300

storage:  
 local:  
 path: /config/db.sqlite3

notifier:  
 disable\_startup\_check: false  
 smtp:  
 address: submission://smtp.gmail.com:587  
 username: laniegcarmelo@gmail.com  
 password: rcig lqpk cbsg aqcm  
 sender: "Authelia \<laniegcarmelo@gmail.com\>"  
 identifier: auth.laniesplace.us  
 subject: "[Authelia] {title}"  
 startup\_check\_address: laniegcarmelo@gmail.com  
 timeout: 5s

identity\_validation:  
 reset\_password:  
 jwt\_secret: ${AUTHELIA\_JWT\_SECRET\_FILE}

1y ago

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Jump

Lanie Carmelo @caneandable.social 1y ago

@selfhost @selfhosting @selfhosted @linux Authelia docker-compose.yml:

    
services:  
 authelia:  
 image: authelia/authelia:latest  
 container\_name: authelia  
 volumes:  
 \- ./config:/config  
 \- ./logs:/var/log/authelia  
 networks:  
 \- web  
 \- authelia\_internal  
 environment:  
 \- TZ=America/Chicago  
 \- AUTHELIA\_JWT\_SECRET\_FILE=/config/secrets/jwt\_secret  
 \- AUTHELIA\_SESSION\_SECRET\_FILE=/config/secrets/session\_secret  
 \- AUTHELIA\_STORAGE\_ENCRYPTION\_KEY\_FILE=/config/secrets/storage\_encryption\_key  
 labels:  
 \- "traefik.enable=true"  
 \- "traefik.http.routers.authelia.rule=Host(`auth.laniesplace.us`)"  
 \- "traefik.http.routers.authelia.entrypoints=websecure"  
 \- "traefik.http.routers.authelia.tls.certresolver=le"  
 \- "traefik.http.middlewares.authelia.forwardauth.authRequestHeaders=X-Forwarded-Proto,X-Forwarded-Host"  
 \- "traefik.http.middlewares.authelia-basic.forwardauth.authResponseHeaders=Remote-User,Remote-Name,Remote-Email"  
 \- "traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true"  
 \- "traefik.http.services.authelia.loadbalancer.server.port=9091"  
 \- "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=%5Bhttps%3A%2F%2Fauth.laniesplace.us%5D%28https%3A%2F%2Fauth.laniesplace.us%29"  
 \- "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"  
 \- "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email"

 restart: unless-stopped  
 security\_opt:  
 \- no-new-privileges:true  
 depends\_on:  
 \- redis  
 healthcheck:  
 test: ["CMD", "wget", "--no-check-certificate", "--quiet", "--tries=1", "--spider", "http://localhost:9091/api/health"]  
 interval: 30s  
 timeout: 10s  
 retries: 3  
 start\_period: 60s

 redis:  
 image: redis:alpine  
 container\_name: authelia\_redis  
 networks:  
 \- authelia\_internal  
 restart: unless-stopped  
 volumes:  
 \- ./redis:/data  
 command: redis-server --save 60 1 --loglevel warning  
 healthcheck:  
 test: ["CMD", "redis-cli", "ping"]  
 interval: 30s  
 timeout: 10s  
 retries: 3  
 security\_opt:  
 \- no-new-privileges:true

networks:  
 web:  
 external: true  
 authelia\_internal:  
 internal: true

http: services: \# Docker Services homer: loadBalancer: servers: \- url: "http://homer:8080/" glances: loadBalancer: servers: \- url: "http://glances:61208/" uptime-kuma: loadBalancer: servers: \- url: "http://uptime-kuma:3001/" miniflux: loadBalancer: servers: \- url: "http://miniflux:8080/" pihole: loadBalancer: servers: \- url: "http://pihole:8088/" portainer: loadBalancer: servers: \- url: "http://portainer:9000/" linkding: loadBalancer: servers: \- url: "http://linkding:9090/" \# Non-Docker Services filebrowser: loadBalancer: servers: \- url: "http://127.0.0.1:8085/" netdata: loadBalancer: servers: \- url: "http://127.0.0.1:19999/" forgejo: loadBalancer: servers: \- url: "http://127.0.0.1:3000/" dokuwiki: loadBalancer: servers: \- url: "http://127.0.0.1:81/" cockpit: loadBalancer: servers: \- url: "http://127.0.0.1:9090/"

http: routers: dashboard: rule: "Host(`traefik.laniesplace.us`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" service: api@internal entryPoints: \- websecure tls: certResolver: le middlewares: \- dashboard-auth homer: rule: "Host(`laniesplace.us`)" service: homer entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" glances: rule: "Host(`glances.laniesplace.us`)" service: glances entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "glances.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" uptime-kuma: rule: "Host(`uptime.laniesplace.us`)" service: uptime-kuma entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "uptime.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" miniflux: rule: "Host(`rss.laniesplace.us`)" service: miniflux entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "rss.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" pihole: rule: "Host(`pihole.laniesplace.us`)" service: pihole entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker \- pihole-redirect headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "pihole.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" portainer: rule: "Host(`portainer.laniesplace.us`)" service: portainer entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "portainer.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" linkding: rule: "Host(`bookmarks.laniesplace.us`)" service: linkding entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "bookmarks.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" Remote-User: "{{ .Request.Headers.Remote-User }}" filebrowser: rule: "Host(`files.laniesplace.us`)" service: filebrowser entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "files.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" netdata: rule: "Host(`netdata.laniesplace.us`)" service: netdata entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "netdata.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" forgejo: rule: "Host(`git.laniesplace.us`)" service: forgejo entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "git.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" dokuwiki: rule: "Host(`wiki.laniesplace.us`)" service: dokuwiki entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "wiki.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true" cockpit: rule: "Host(`cockpit.laniesplace.us`)" service: cockpit entryPoints: \- websecure tls: certResolver: le middlewares: \- authelia@docker headers: customRequestHeaders: X-Forwarded-Proto: "https" X-Forwarded-Host: "cockpit.laniesplace.us" X-Forwarded-Uri: "/" X-Forwarded-For: "true"

global: checkNewVersion: true sendAnonymousUsage: false log: level: DEBUG filePath: /etc/traefik/logs/traefik.log accessLog: filePath: /etc/traefik/logs/access.log entryPoints: web: address: :80 http: redirections: entryPoint: to: websecure scheme: https websecure: address: :443 http: tls: certResolver: le api: dashboard: true insecure: false providers: file: directory: /etc/traefik/dynamic watch: true docker: endpoint: unix:///var/run/docker.sock watch: true exposedByDefault: false network: web certificatesResolvers: le: acme: email: laniegcarmelo@gmail.com storage: /etc/traefik/acme.json tlsChallenge: {}

services: linkding: image: sissbruecker/linkding:latest-plus container\_name: linkding environment: LD\_ENABLE\_AUTH\_PROXY: "true" LD\_AUTH\_PROXY\_HEADER: "Remote-User" LD\_AUTH\_PROXY\_AUTO\_LOGIN: "true" LD\_AUTH\_PROXY\_LOGOUT\_URL: "[https://auth.laniesplace.us/logout](https://auth.laniesplace.us/logout)" volumes: \- linkding\_data:/etc/linkding/data healthcheck: test: ["CMD", "node", "-e", "const http = require('http'); const options = {host: 'localhost', port: 9090, path: '/', timeout: 2000}; const request = http.request(options, (res) =\> { process.exit([200, 302].includes(res.statusCode) ? 0 : 1)}); request.on('error', () =\> process.exit(1)); request.end()"] interval: 30s timeout: 10s retries: 3 networks: \- web labels: \- "traefik.enable=true" \- "traefik.http.routers.linkding.rule=Host(`bookmarks.laniesplace.us`)" \- "traefik.http.routers.linkding.entrypoints=websecure" \- "traefik.http.routers.linkding.tls.certresolver=le" \- "traefik.http.services.linkding.loadbalancer.server.port=9090" \- "traefik.http.routers.linkding.middlewares=authelia@docker" volumes: linkding\_data: networks: web: external: true

Lanie Carmelo

🌟 Self-Hosting Journey Update! 🌟

Help Needed: Homepage Configuration – Missing Widgets & API Errors

I'm new to self-hosting and struggling to get my services accessible externally. I'm using Traefik as a reverse proxy on a Raspberry Pi 500 running Stormux (Arch Linux ARM-based). My public IP

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi #SelfHosted community. I've figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It's set up through Porkbun with Dynu for #DDNS. I've now got

Hi everyone! How are you all doing tonight? I just had a frustrating experience trying to set up a free #domain or #subdomain for my #SelfHosted services. Unfortunately, I can't use my

Hi everyone! How are you all doing tonight? I just had a frustrating experience trying to set up a free #domain or #subdomain for my #SelfHosted services. Unfortunately, I can't use my

Would anyone who knows #Traefik and #YAML or #TOML be willing to help me out? I'm trying to get Traefik set up with my new domain but running into trouble, and I'm not sure what I'm doing wrong. I can

Hi everyone! How are you all doing tonight? I just had a frustrating experience trying to set up a free #domain or #subdomain for my #SelfHosted services. Unfortunately, I can't use my

Hi everyone! How are you all doing tonight? I just had a frustrating experience trying to set up a free #domain or #subdomain for my #SelfHosted services. Unfortunately, I can't use my

Hi everyone! How are you all doing tonight? I just had a frustrating experience trying to set up a free #domain or #subdomain for my #SelfHosted services. Unfortunately, I can't use my

#SelfHosting community, how do you get notifications about your projects?

#SelfHosting community, how do you get notifications about your projects?

#SelfHosting community, how do you get notifications about your projects?