iodine0320

joined 1 year ago
sorted by: new top controversial old
Users of PiHole/AdGuard/Blocky, what blocklists are you using? in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 6 points 11 months ago* (last edited 11 months ago)

I've been quite happy after recently switching to Hagezi https://github.com/hagezi/dns-blocklists

FYI: OPNsense now has pretty (good) Unbound DNS reporting in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 5 points 11 months ago

Alot of useful info in this guide if your new to OPNsense.

50
FYI: OPNsense now has pretty (good) Unbound DNS reporting (docs.opnsense.org)
submitted 11 months ago* (last edited 11 months ago) by iodine0320@lemmy.world to c/selfhosted@lemmy.world
20 comments fedilink
 

Today I decided I would create some way of visualizing my unbound DNS requests/blocks on OPNsense. Adguard does a good job at this but I have issue with added third party repos and plugins, especially at the router level.

Anyway...since the last time I've dug into this OPNsense has built in Unbound DNS reporting (since 23.1) and it's amazing! Arguably just as good as Pihole or Adguard. Graphs, lists of top blocked and allowed domains, query logs, quick buttons to block or whitelist next to each domain. I'm impressed.

Not sure if this is the right community, but just wanted to share if some of you weren't aware of this option.

SHARE WITH THE CLASS: What aliases are you using? in c/linux@lemmy.ml
Certificate management in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 3 points 1 year ago (1 children)

If your running behind OPN/PFsense I've found the easiest solution for internal only SSL is to use the router to create the certificate chains. Yes you'll have to import 1 CA cert on each end user device but only the one then you can crank out internal certs without and https warnings or domain constraints/challenges.

Alpine LXCs in Proxmox in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 3 points 1 year ago

I've had relatively good luck with docker in containers but eventually decided to run docker in VMs as I only semi trust most docker apps and like the added security I get from having it in a full VM in full isolation. Some of the workarounds for docker in LXCs are far from security best practices.

Alpine LXCs in Proxmox in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

Yes, Alpine maintains Nextcloud in their repos. I mount my NFS share to the Proxmox host (you can mount using the gui and set it to any form of storage you want) then bind mount the share folder to the LXC. I moved from docker in a VM to this LXC with no disruption to my data.

Alpine LXCs in Proxmox in c/selfhosted@lemmy.world
[–] iodine0320@lemmy.world 2 points 1 year ago

Alpine packages services like Gitea and Nextcloud which Debian does not. This makes keeping up to date alot simpler for myself but that's personal preference.

61
Alpine LXCs in Proxmox (lemmy.world)
 

I recently moved Nextcloud and Gitea from Containers on a Debian VM to Alpine LXCs running Alpine's packages. I've never had Nextcloud's web interface so snappy and my resource usage for both is next to 0. If you're running Proxmox I'd highly recommend trying out Alpine LXCs if they package your services.