• 4 Posts
  • 37 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle

  • I can recommend some stuff I’ve been using myself :

    • Dolibarr as an ERP + CRM : requires some work to configure initially. As most (if not all) features are disabled by default, it requires enabling them based on what you need. It also has a marketplace with a bunch of modules you can buy
    • Gitea to manage codebases for customer projects. It can also do CI but I’ve not looked into it yet
    • Prometheus and its ecosystem (mostly promtail and grafana) for monitoring and alerting
    • docker mail server : makes it quite easy to self host a full mail server. The guides in their doc made it painless for me to configure dmarc/SPF/other stuff that make e-mail notoriously hard to host
    • Cal.com as a self hostable alternative to calendly
    • Authentik for single sign-on and centralized permission management
    • plausible for lightweight analytics
    • a mix of wireguard, iptables and nginx to basically achieve the same as cloudflare proxying and tunnels

    I design, deploy and maintain such infrastructures for my own customers, so feel free to DM me with more details about your business if you need help with this












  • They told me about hosting their own tile server earlier today. I’m really impressed by how fast they moved !

    A pull request for a privacy page during the onboarding is in the works, and I’ve been working with them to update the settings page and documentation (with the goal of providing an easy way to switch map providers). They are also working on a privacy policy, and want to ship all of this in a few weeks as part of a single release.

    Once again, I’m really impressed with how well they’re handling this


  • never stopped POSTing, even though I configured nginx to always respond 403 to anything from them for about a year now.

    Lol, there are definitely some stubborn user agents out there. I’ve been serving 418 to a bunch of SEO crawlers - with fail2ban configured to drop all packets from their IPs/CIDR ranges after some attemps - for a few months now. They keep coming at the same rate as soon as they get unbanned. I guess they keep sending requests into the void for the whole ban duration.

    Using 418 for undesirable requests instead of a more common status code (such as 403) lets me easily filter these blocks in fail2ban, which can help weed out a lot of noise in server logs.






  • I’ll probably look into newer fancier options such as Caddy one day, but as far as I remember Nginx has never failed me : it’s stable, battle tested, and extremely mature. I can’t remember a single time when I’ve been affected by a breaking change (I could not even find one by searching changelogs) and the feature set makes it very versatile. Newer alternatives seem really interesting, but it seems to me they have quite frequent breaking changes and are not as feature rich.

    That being said, I’d love to see side-by-side comparison of Nginx and Caddy configs (if anyone wants to translate to Caddy the Nginx caching proxy for OSM I shared earlier this week, that would make a good and useful example), as well as examples of features missing from Nginx. This may give me enough motivation to actually try Caddy :)

    (edit : ad->and)