This week I learned to deploy #Crowdsec in my #homelab:

- CrowdSec LAPI on an LXC in my private VLAN
- Caddy-bouncer to protect my public servives
- CrowdSec-firewall-bouncer-iptables on my 2 #Proxmox nodes
- CrowdSec agent for all my public VMs and important VMs/LXCs

Of course, I created an #Ansible role to deploy the agent on my multiple hosts/VMs/LXCs using a certificate and a custom port, 8080 is a busy port :-)

Yes, it’s overkill :-)
#infosec #selfhosting #cybersecurity #caddy

I love the new zone management of the Unifi firewall. I feel more comfortable now being more granular in my rules. Before, I was using Cloudflare DNS proxy to only allow three countries to connect to my public services.

Now, I’m no longer using the DNS proxy, and my rule is done with Unifi. Other improvement, my public services are in an isolated VLAN and are available on IPv4 and IPv6.

#unifi #homelab #selfhosted #selfhosting #ipv6 #firewall #alttext #devops #vlan #infoSec #networkSecurity

Kudos to the Pocket-ID team for the excellent version 1.0.0 🏆! The bare-metal installation is now incredibly simple, with no dependencies or compilation required ❤️. Future updates will also be easier!

P.S. Thanks to Proxmox's snapshots for saving me from my many mistakes :-)

https://pocket-id.org

#pocketid #oidc #selfhosted #selfhosting #selfhost
#homelab #proxmox #passkey

The internet provider Ebox have a major outage in Quebec. It’s crazy how a computer can be unusable without internet!

Time do to some storage cleaning 🧹 😀

PS: Bell is affected too. They bought EBOX few years ago.

#ebox #nointernet #homelab #quebec #bell #internet

Commute to a medical appointment close to an area it did not explore yet. So let's do squadrating ! :-)

- 6 up to #6619 in Squadrats Standings
- 2361 up to #18063 in Übersquadrat Standings
- 245 up to #19120 in Yard Standings
- 17 up to #7803 in Squadratinhos Standings
- 66 up to #3646 in Yardinho Standings

On the left of the map, it's the airport; it will not be fun to get these Squadrats.

#Squadrats #velomtl #BikeTooter #bike #montreal #quebec #canada #velo #bikecommute

My transition from #nginxProxyManager to #caddy is complete. I created 2 LXC Caddy instances: one for public services (with #UFW) and another for my private ones. This setup limits exposure to potential unwanted visitors.

Now, my #Proxmox cluster is available with load balancing for both IPv4 & IPv6.

Globally, the transition is easy. I only have some trouble blocking the outside traffic on Headscale Admin, with the reverse proxy of Pi-hole Admi/API, and of course, IPv6.

#homelab #selfthosting

My laser saver for yesterday, May 4. :-)

Building an ESPHome multi-sensor: Bluetooth proxy (mainly for Bermuda BLE trilateration), temperature, humidity, and motion sensors.. I used an D1 Mini ESP32 AM313 + BME280. Currently testing the HC-SR501. It is larger, but the sensitivity and delay time can be adjusted.

#4May #ESPHome #homeAssistant #homeAutomation #diy