Everything posted by local.bin
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
It should point to the IP address of the visitor.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thanks for this, although I'd understood letsencrypt fail2ban would stop all abusive IP's at source itself without then having to forward them to the server beyond the proxy? Does forwarding the real IP mean that the letsencrypt fail2ban could not do its work and that would then be left to the destination server to block?
-
[Support] Linuxserver.io - Nextcloud
Thats a fair point and not one that I have really tested, as I only really use it for plex when away, so usually have it plugged in on some local wifi. True enough and who knows if nextcloud has a backdoor, as its all getting a bit silly at the moment with security. I use encfs for my private files which get synced to nextcloud, but I may try putting it though openvpn. My issue with openvpn is the bandwidth it can provide to stream a movie, with my current router, but nextcloud likely would not have heavy bandwidth requirements, depending on what you intend using it for I guess. I use this android openvpn client -> https://play.google.com/store/apps/details?id=it.colucciweb.openvpn I find it works very well and has a responsive dev.
-
[Support] Linuxserver.io - Nextcloud
Some android clients allow connection when required, so when an IP is being requested on your internal network it automatically connects the VPN and drops on app closure. I went through the same thought process as you, but needed a website up, so port 443 was going to be open anyway. With letsencrypt and https the risks are reduced, but certainly understand your thought process.
-
[Support] Linuxserver.io - Nextcloud
Same here what about your ssl rating? They're not bullet proof of course, these tests, but help to get things setup right.
-
[Support] Data-Monkey - netdata
Can't seem to get the update method to work; edit and apply but nothing gets downloaded, when netdata still says there is an update? Does the container get updated automatically when there is an update available? Thanks in advance
-
[Support] Linuxserver.io - Nextcloud
For your information nextcloud have created a nice new security checker to check the security on your nextcloud server. Nice tool -> https://scan.nextcloud.com/
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Can anyone help me answer a question please. If I want to harden php7 specifically running on an nginx docker running behind this docker reverse proxy style, should I be adding hardening to the php7 on this docker or the target docker, or both? I am assuming the target docker but have not fully convinced myself Same goes for the nginx config for that reverse proxied application, do I add php7 restrictions to its vhost nginx config on this docker? Thank in advance
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Did anyone manage to get emails out for fail2ban working at all. Posted in the other letsencrypt request thread by mistake. Thanks
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Thats great, thanks and what a saving, 176M to 46M I hope to get piwik going on it today, so thanks for the base to try and mess up Edit: Piwik running lovely with letsencrypt docker too, thanks
-
[Support] Linuxserver.io - Nextcloud
I tried to update yesterday and it got to the point of deleting the old version and stopped while leaving me just the web page of 'system updating' webpage. Left it for a good while with no progress. Had to pick up the manual copy of the config and download the new version to recover the situation. Running 11.0.2 fine now.
-
[Support] Linuxserver.io - Nextcloud
Its in the first post
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Apologies aptalca with my delayed response; I had to get my website going again asap for something else, so got delayed. I also deleted the piwik setup from the letsencrypt container as I was unclear if it could be accessed externally with nothing setup yet, so deleted it, so I cannot quickly test adding iconv back in. I did try adding it myself at the time but forgot you had updated to php7 so tried to add the wrong file, which was not found. Also, I am not clear whether adding piwik directly to this container with my reverse proxy would be the best setup, or whether I should use your nginx container to host piwik in a similar way to how you have done nextcloud. To add further complication I see your nginx container is ubuntu and not alpine (which I love) so was thinking again at the best approach to take. Ideally you would create a piwik container like nextcloud using your existing nginx containers but I know you have enough to do already!
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I am having the same problem and my hair has gone I've been pulling it out so much! Did this redirect work and how does it look in your config if you don't mind sharing Thanks in advance
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Hi there I am trying to install piwix analytics to my nginx webserver using your docker, but am missing iconv support. I don't suppose it would be possible to add the --with-iconv option into your build scripts for php, if that is how it works Please ...
-
[Support] Linuxserver.io - Nextcloud
I wondered if anyone had successfully converted a sqlite to a mariadb? I have nextcloud setup nicely but used sqlite to try it and I have now setup the linuxserver.io mariadb db following the chbmb guide. When I use the command to convert db's it wont connect to the mariadb db for some reason? Anyone tried this at all? sudo -u abc php occ db:convert-type --port 3305 --password="password" --clear-schema --all-apps mysql root 192.168.1.99 nextcloud
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Exec into the container and use fail2ban-client to unban Great, thanks
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
for me? No error message just times out but doesn't give a 404 or anything.
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Been all morning trying to figure out why I cannot access my website after a memory stick crash and rebuild. I have a backup of the configs and reinstated them but could not connect. I just thought of trying to connect via my mobile 4g and it connected first time. Is there any way I could have banned myself with fail2ban or the like, as to the reason me not being able to access my site from my own broadband connection? Thanks in advance Edit: Just tried via a vpn and connected straight away too, so it seems I have banned myself? How do I go about unbanning myself
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Oops, got it, thanks
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
I have enabled http2 on my server as well as removing tls1.0 as I have read it is not seen as secure while also trying to create a strong dh pem named dhparams-4096.pem I changed my default file to point to the new file, but noted in the log that a new dhparams was created using the lesser 2048 on restart. Is there a place to edit the dh file that gets created that I can edit to get 4096? Thanks in advance
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ok thanks. I obviously need some more reading to understand what I am doing here; but thanks for the pointers
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Ok thanks. Am I ok copying the default file and editing as sojo just for the reverse proxy part?
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Going back to basics, can I create a separate sub-domain, such as 'sojo' or 'cms', so cms.domain.co.uk and use that as my entrance to my sojo https page? by adding 'cms' to the subdomains config for the docker -> www,cms ? I presume I add that sub domain to my dns setup for my domain, so that it points to the the same ip address as the www address? Then I setup 'site-confs/default' for my reverse proxy Thanks in advance
-
[Support] Linuxserver.io - SWAG - Secure Web Application Gateway (Nginx/PHP/Certbot/Fail2ban)
Yes, thanks for that Edit: is this a reverse proxy setup for nginx, so I could point another docker to this instance of nginx and use an email sub domain to access it? have i undersood that correctly? I had seen that while googling for links between the two, but I am struggling to find any packages within alpine linux, which the docker image is built from, to be able to attempt an install. Edit: Ok found this https://github.com/JensErat/docker-sogo/issues/5 so it seems not possible. Will need to google a bit more to see if I can use this docker or need to duplicate. Cheers