🇨🇦
Do you perhaps have a non-English system language?
Radarr has settings in each quality profile to select a release language, but Sonarr does not… Wondering if it’s tied to system language instead.
I do not see this issue: titles search in English only. (including the example series ‘The Penguin’)
If you selfhost paperless-ngx, there are option to add email accounts and regularly import emails+their attachments like any other document. You can then have it delete imported mail from the mail server, or just move/mark it so you can deal with that manually.
It doesn’t currently support OAuth2 for providers like Microsoft, so you’ve gotta use App Passwords with Gmail for now, but there is a fix in the pipeline to add OAuth2 support soon. (there’s also other methods you can use to get that part working right now)
The web/browser app really really sucks on console and JF doesn’t have clients for consoles :/
It’s one of the biggest things keeping me away. Xbone is my primary streaming device, and several of my users use xbone as well.
Plus Foldersync is way harder on battery, I’ve experimented a lot.
This is very configuration dependant. With an aggressive schedule checking a large number of files, it certainly can use a lot of battery; but I’ve had it setup to sync my entire device to my server a couple times a day, while also monitoring/syncing images immediately on creation/change. It doesn’t even register on androids battery usage monitor as it uses so little power.
Anyway; just listing an option for people to look at
I’ve always just used Folder Sync + an ssh server, if people are looking for alternatives.
They’re telling Israel to slow down with the attacks
Purely to help placate the public. There’s no influence/true intent behind these words. It’s the actions, not the words, that tell the true story.
More than any other piece of self-hosted software: backups are important if you’re going to host a password manager.
I have Borg automatically backing up most of the data on my server, but around once every 3 months or so, I take a backup of Vaultwardens data and put it on an external drive.
As long as you can keep up with that, or a similar process; there’s little concern to me about screwing things up. I’m constantly making tweaks and changes to my server setup, but, should I royally fuck up and say, corrupt all my data somehow: I’ve got a separate backup of the absolutely critical stuff and can easily rebuild.
But, even with the server destroyed and all backups lost, as long as you still have a device that’s previously logged into your password manager; you can unlock it and export the passwords to manually recover.
@bobslaede@feddit.dk I could kiss you. You’ve been invaluable my friend, thank you!
Just gave this a test: CNAME ombi.domain -> local.domain with cloudflares proxy re-enabled.
Now the HTTPS, A, and AAAA requests all receive the CNAME response and browsers are happy. I didn’t even have to modify ngnix to recognize local.domain like I thought I might.
I think I’ve found the problem:
It seems my issue is pihole being unable to block/modify dns requests for HTTPS records, which don’t match the LAN IPs pihole handed out in A/AAAA records.
I’ve disabled cloudflare proxying so they don’t have HTTPS records to serve, but I’ll have to replace pihole with a better lan DNS solution if I want to turn that back on.
Thanks. That seems to be a similar, but slightly different error. I think the below may apply though.
I believe I’ve tracked down more of my issue, but fixing it is going to be a hassle:
When cloudflare proxying is enabled, there are 3 DNS records involved; A record with cloudflares ipv4, AAAA record with cloudflares IPV6, and the key to this puzzle: an HTTPS record with cloudflares ech/https config.
With pihole I can set DNS records for A/AAAA, but I have no way of blocking/setting the HTTPS record so it gets through from cloudflare.
The LAN A/AAAA records don’t match the HTTPS record from cloudflare, so browsers freak out.
Once I disabled cloudflares proxying, I no longer get HTTPS records returned and all works as intended.
I’ll either have to keep cloudflare proxying disabled, or switch pihole out for a more comprehensive DNS solution so I can set/block HTTPS records :(
Thank you @bobslaede@feddit.dk for pointing me in the right direction.
That unfortunately did not work. I am only getting the ipv4 address now, but I still get the same ECH error in chrome 1/5 tries.
Firefox now changed errors from ‘invalid certificate’ to ‘connection is insecure but this site has HSTS’ (true). Still wont show the cert or provide any further info. (forgot to grab a screenshot before the below ‘solution’)
I’m really annoyed at this point and have just disabled cloudflare proxying for this service. That seems to have sorted it for all browsers. I may look further later, I may just say fuck it and leave it like this. Gotta walk away for a bit.
I’ll look into that next if what I’ve done doesn’t work. (see other comments)
Added an AAAA record to pihole:
ombi.mydomain.example 0000:0000::0000:0000
Now nslookup returns the correct ipv4 address, and ‘::’ as the ipv6.
We’ll see if that works.
Crap, looks like that’s exactly what it is.
Now how to fix that…
I do have external acces to Ombi via cloudflare; but the device I’m seeing this problem on is permanently connected to a VPN hosted from the same server machine as ombi/nginx with ‘block all connections without VPN’ enabled. And this testing has been done from within the same LAN.
It should never see/reach cloudflare for this service.
/edit; I’ve also disabled ‘use secure DNS’ in chrome. I host a local DNS within that lan/vpn network.
You’ve done enough, keeping it behind your routers firewall.
You could block LAN access and require a VPN connection to that specific machine if you really wanted more, but I’m not that concerned about it.
Yup. Point is; if you’re not depending on just its login page to keep it secure, there’s not a whole lot needing ‘security patches’, so I wouldn’t be all that concerned about slow updates. As long as it remains bug free, I’m happy.
And security patches
Something with the power of dockge should be behind a seprate form of authentication imo.
I only access it via VPN, it’s not exposed to WAN.
I tend to just use FolderSync myself. To avoid battery issues, I have a schedule for most folders; but my DCIM/Pictures folders sync immediately upon changes. I then have a widget on my homepage that triggers a ‘sync all’. Anytime I need files synced immediately, it’s easy enough to click that button.
That and most accounts that use TOTP auth apps, let you bypass/disable them via email 2fa, while also letting you reset your password the same way…
Got access to your marks email? You’ve got both factors.