Notes from the last release mentions that the docker repo is unmaintained.

Ohhhhh, I’d forgotten about this. Good one.

Incus and ansible

Unbound is just an alternative to bind. Pihole does not handle full-fledged DNS functions like zone transfers and start of authority records.

Fascinating. How does this help op?

It unfortunately means that if you misconfigure a key then your packets get silently ignored by the other party

After ipsec troubleshooting phase 1 & 2, WG is still a blessing.

No worries. But you’re talking about zone transfers?

What do you mean by “recognition”?

We would need more info to help confirm, but watching ids traffic will show you lots of misconfigurations as well as actually suspicious traffic, so this might be a POS device doing stupid stuff.

Is suricata listening on an internal subnet interface? If you are listening on a public interface, your job sorting through the trash traffic will be difficult because determining source is nearly pointless and your external interface should not know anything about the internal subnet.

I think wallabag is the self-hosted go-to for this, but I’m not sure of the extensions for it.

I used to use pocket because it allowed me to sync to my Kobo reader. Kobo have struck a deal with Instapaper and it works in a similar way.

The official instapaper plugin doesn’t do what In My Pocket does, unfortunately.

Yes. Proxmox isn’t doing anything magic another Linux machine (or windows for that matter ) can’t do. A router, for instance, is a good example of this.

Sorry, that was presumptuous of me. ‘TCP stack’ just means each container can have its own IP and services. Each docker, and in fact each Linux host can have as many interfaces as you like.

I imagine you would get a conflict when you try to go to 192.168.1.2:8000 or even localhost:8000.

You’re free to run a service on port 8000 on one IP and still run the same port 8000 on another ip on the same subnet. However, two services can’t listen on the port at the same ip address.

mkvmake pulls the Forced flag from its source, so it’s likely that your DVDs have a set flag for certain subs. You can use mediainfo to check this on your mkv files.

Mkv is simply a container format, which means you can probably unset the forced flag with mkvmake directly without having to unpack all the streams and remux them.

Handbrake is amazing, but it does have a LOT of controls, so there’s only so much hand-holding it can do when you start looking behind the curtain of how av files work.

You will still have to make sure that port numbers don’t conflict

I’m sure I read you’re comment wrong, but you are aware that each docker container has its own tcp stack, right?

Thank you!

Thanks.

For severe incidents like this, please post the most appropriate link, in this case https://github.com/umami-software/umami/issues/3852

Admins in self hosted usually don’t have that much experience with real, active compromise and may panic, let’s help them as much as possible.

I will add that Umami itself is not compromised, but vulnerable. That is a somewhat misleading title.

What was the vector? Did you have umami exposed publicly?

Link? Did you discover this yourself? There is no actual info here.

Wow, armv7 is definitely back there in terms of support. One of the more known v7 devices was the nexus 7, released in 2012.

Makes sense. Your 2nd definition is what I take from the term scaling. Let’s see if op comes back with any notes.

For video encoding, I run an 8th gen Intel i5 8500t. The quicksync is good enough for nearly anything 1080p.

Not sure what you mean by the “scaling”.