I might have to switch, as much as I like the simplicity of Caddy, I keep running into issues like this unfortunately.
I might have to switch, as much as I like the simplicity of Caddy, I keep running into issues like this unfortunately.
Do you know of a way to have a global caddy setting to only allow Cloudflare IPs, but “exempt” Jellyfin?
(I posted my caddy cloudflare section down below which only works as a global setting)
I have followed that guide which let me to a few GitHub issues.
Here is what I have put in my config:
servers {
trusted_proxies cloudflare {
interval 12h
timeout 15s
}
trusted_proxies static private_ranges
client_ip_headers Cf-Connecting-Ip X-Forwarded-For
}
}
I have also added all Cloudflare IPs in Jellyfin’s known proxies:
103.21.244.0/22, 103.22.200.0/22, 103.31.4.0/22, 104.16.0.0/13, 104.24.0.0/14, 108.162.192.0/18, 131.0.72.0/22, 141.101.64.0/18, 162.158.0.0/15, 172.64.0.0/13, 173.245.48.0/20, 188.114.96.0/20, 190.93.240.0/20, 197.234.240.0/22, 198.41.128.0/17
Yet, I’m still not seeing the real IPs.
That led me in the right direction!
Fixed it with:
pvresize /dev/sda3
lvresize --extents +100%FREE --resizefs /dev/pve/data
Thank you!
Would you know how I would go about doing that?
I’ll give that a shot with gparted on the weekend if all else fails. Thanks!
They had a server breach and didn’t tell anyone until a few years after the fact.
Anyone know how to get a self-hosted synapse server updated to support all this?
Yah if all you want is for your server to get internet and have it accessible on your LAN, one port is all you need.
Unless you’re planning on virtualizing your router on the server (think OPNsense VM or something) then really only one ethernet port is required. Otherwise the sky is the limit. For example, mine has a 1 Gbps port, a 2.5gbps port, and two 10 Gbps ports.
Depends on what you want/need and whether you want to future proof I guess.
I would love a torrent leech account! I’m a power user with great upload ratios on public trackers and have yet to be able to get into a private one!
PiHole can’t specify specific ports for each cname, which is what you need a reverse proxy for.
Typically, you create all of your cnames in pihole and direct them to your reverse proxy server IP. From your reverse proxy of choice, you specify each url to the specific ip:port of your service.
Thanks for the suggestion. I followed that and it didn’t solve the problem sadly.