2·
1 month agoYeah that sounds about right.
- 0 Posts
- 32 Comments
Joined 1 year ago
Cake day: June 15th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
There’s no way you need to somehow eat more to lose weight. Are you sure you’re counting your calories correctly? Using an app? Tracking everything, especially drinks like sodas and alcohol?
2·2 months agoUse a Chromium browser to inspect the cert.
If anyone knows how to get Firefox to show a bad cert before loading the page, I’d love to know.
Assuming you’re the one adding HSTS, you’ll have to inspect the cert and/or view the content that is getting returned. On desktop Chromium you can type “thisisunsafe” to load a page even with HSTS. Not sure how to do it on mobile FF.
Would seem weird for it to be intercepting your domain’s traffic but not the rest of the internet.
Edit: just noticed you’re not even loading an SSL page. Are you using https in the URL?
If you’re sure you’ve got a DNS entry for the Pihole FQDN pointing at Traefik, open the dev panel in your browser (F12), switch it to the Network tab, and visit the pihole URL.
See if you get anything back and especially take note of the HTTP status codes.
Can you see the router and service in the Traefik dashboard and do they show any errors there?
I think you’re close.
You need to change
service: pihole-rtrtoservice: pihole-svc.Do I have to redefine all of the same information I did in my Traefik yml but in this separate config.yml?
No, you just need to reference it like you have. Define once, reference many.
No worries for the question. It’s not terribly intuitive.
The configs live on the Traefik server. In my static traefik.yml config I have the following providers section, which adds the
fileprovider in addition to thedockerprovider which you likely already have:providers: docker: endpoint: "unix:///var/run/docker.sock" exposedByDefault: false file: directory: /config watch: trueAnd in the /config folder mapped into the Traefik container I have several files for services external to docker. You can combine them or keep them separate since the
watch: truesetting tells it to read in all files (and it’s near instant when you create them, no need to restart Traefik).Here is my homeassistant.yml in that folder (I have a separate VM running HASS outside of Docker/Traefik):
http: routers: homeassistant-rtr: entryPoints: - https service: homeassistant-svc rule: "Host(`home.example.com`)" tls: certResolver: examplecom-dns services: homeassistant-svc: loadBalancer: servers: - url: "http://hass1.internal.local:8123"Hope this helps!
I use the Traefik file provider for this.
https://doc.traefik.io/traefik/providers/file/
It picks up all my .yml configs in the watched folder which define the routers and services external to Docker.
I know plenty account SNI already, but thanks. You might want to study more yourself, since we’re being condescending.
So now your ISP sees all of your queries instead of CF. (Assuming the cloudflared option is using DoH)
I’ll trust Cloudflare over Comcast/AT&T/etc. any day of the week.
I believe you. I’m just saying their non-firewalls (i.e., switches and APs) don’t have that limitation.
My firewall is a Fortigate 60F.
I would never use their firewalls/gateways, but their switches are pretty good for the price and their APs are decent (although tbh after 3 generations my next AP will likely be an enterprise Aruba).
That said, I still use Unifi in docker, everything is up to date, and nothing is requiring a sign-in to the cloud. Am I missing something? If it’s just the firewalls, then I’m not surprised since I’ve never been remotely tempted to use them, but it sure isn’t all of their devices.
FYI, making you the product is only a tiny part of their stated reasoning:
Most likely it was a password stuffing attack. If they used the same password on multiple sites, there is a good chance one of those other sites was compromised and the attackers took the compromised credentials and tried them on other sites like Instagram. It could have been something more advanced like a stolen cookie, but usually the simplest explanation is most likely.
Always use a different password for each service, enable MFA where possible, and use a password vault like Bitwarden.
112·4 months agoThis feels like an X-Y Problem.
While private prisons are abhorrent and unconscionable, they aren’t even close to the root cause of our prison problem. Hint: it’s systemic racism and our militarized police culture.
https://www.sentencingproject.org/reports/private-prisons-in-the-united-states/
Louisiana, the #1 on the list supposedly had 0 private prison inmates in 2021. Blaming private prisons at this point almost feels like deflecting from the real issues.