whysofurious

joined 2 months ago
[–] whysofurious@lemmy.dbzer0.com 2 points 1 week ago (1 children)

Thanks for the thorough reply! I didn't know about Inav, but it looks very interesting. I agree on the Grafana stack, it's not something I really need now, and if I have to inspect single containers I can go for something like Dozzle.

About crowdsec free plan, looking at the pricing page, I see that the community plan has unlimited remediation components and 3 blocklist + unlimited scenarios, or am I looking in the wrong place? (honestly that page is pretty confusing)

Thanks for the input, yes I was mostly thinking about hedgedoc, that doesn't have parsers or anything. I need to delve more into crowdsec logic and rules before trying to do my own thing, for sure. Thanks a lot tough, I followed your advice and I got Crowdsec working on both Authentik and Forgejo :)

[–] whysofurious@lemmy.dbzer0.com 2 points 1 week ago (2 children)

Thanks for the answer :) make sense, I will go through with the plugins for the services I have exposed, although not all of them have crowdsec collections.

 

Hi all!

I'll try to be quick but I apologise first as I am pretty new to security stuff and my questions might be obvious to the more experts.

I have a VPS (hetzner) set up with docker, caddy for the reverse proxy, and authentik as the only login method for a couple of services (hedgedoc and forgejo). Since most of these has to be available and accessible on the internet, I also setup crowdsec and built caddy with the relevant bouncer. This allows crowdsec to inspect the caddy logs for all the services I am serving through it and act accordingly. Edit: all the services are in docker containers.

So far, so good. However, I also saw that crowdsec can directly monitor container logs with the docker integration or through container labels. Also, I saw a couple of collections on crowdsec hub specifically for Authentik and Gitea.

I feel I am missing something so my question are:

  1. Would it be useful to monitor container logs given my setup or would it be redundant?
  2. Should I add the app-specific collections, or would docker logs monitoring be enough?

My current crowdsec collections


  • crowdsecurity/linux
  • crowdsecurity/appsec-generic-rules
  • crowdsecurity/caddy
  • crowdsecurity/whitelist-good-actors
  • crowdsecurity/http-cve
  • crowdsecurity/iptables

Edit: bonus question, does someone know if the Gitea collection would be useful for Forgejo after it being a hard-fork now?

I agree with LibreCalc and CSV, in some internationalclasses we always had issues with excel saving CSV in actually different formats depending on the machine locale. LibreCalc never had this problem.

[–] whysofurious@lemmy.dbzer0.com 2 points 2 months ago

Same, every time I read avatar I'm super hyped about some last airbender stuff, and then....

[–] whysofurious@lemmy.dbzer0.com 1 points 2 months ago

In the city I am currently living some independent movie theaters are showing 4k versions of more or less old movies (recently Le Haine, Captain Harlock, Paprika), most of them in original language with subtitles and I am having a blast. I am happily going back to movie theaters and I whish they'd do it more often (also supporting local businesses is a plus).

[–] whysofurious@lemmy.dbzer0.com 5 points 2 months ago

Same process here, started with yunojost and now using docker directly. Still Yunohost got me into self-hosting when I didn't know anything about it, definitely recommended for starting out.

[–] whysofurious@lemmy.dbzer0.com 3 points 2 months ago

Had identical experience, went with immich and never looked back

[–] whysofurious@lemmy.dbzer0.com 7 points 2 months ago (1 children)

Family or rally any retired person who doesn't understand that you are working and trying to survive in this fucked-up word, and get upset when you can't take days off whenever they please, trying to guilty-trapping you or just being condescending about you being busy.

[–] whysofurious@lemmy.dbzer0.com 1 points 2 months ago* (last edited 2 months ago)

I still remember years ago one time windows fucked itself and god knows why I couldn't fix it even with USB recovery or stuff like that (long time ago, I don't remember).

Since I couldn't boot into recovery mode the easiest way to backup my stuff to a connected external drive was "open notepad from the command line -> use the GUI send to.. command to send the files to the external drive -> wait and profit" lol.

[–] whysofurious@lemmy.dbzer0.com 70 points 2 months ago* (last edited 2 months ago) (2 children)

As an academic, yes, please pirate stuff.

Fuck parasites publishers that make profit on our unpaid job and gatekeep knowledge.

A nice read about publishers profits: Against Parasite Publishers: Making Journals Free or if someone prefer the newspaper format

[–] whysofurious@lemmy.dbzer0.com 2 points 2 months ago

Yep this is what I meant, thanks for saying it in a proper way :)

view more: next ›