Just a couple of friends use it. But I’d like to use this as a learning opportunity and do it the proper way. It seems that if I turn of masquerade in general, and use firewalld fine-grained rules to enable it when I actually need it, I might be able to achieve what I want. I’ll post an update to the original post if I can get it to work.
This is interesting. I need to figure out how it works for podman and it’ll be the perfect setup.
I think it’s the masquerade that’s causing problems for me. I have to keep it enabled since I’m running a tailscale exit node. But maybe I can selectively disable it here.
But that just makes most ports unprivileged. That is a solution, but less preferred than my current one.
I mentioned in the post that it seems to make the client IP opaque to caddy.
শুনে ভালো লাগলো যে এটা কারো চোখে পড়েছে। নয়তো সবাইকে বোঝাতে হয় কি নাম, কেন নাম। আসলে বাঙালী প্রোগ্রামার খুব বেশি চিনি না।
I’m happy that you like it. Any kind of analytics or logging is decidedly against my stated policy for this project, so I won’t be adding it. But I understand that some might need it, and in that case, one should look at more comprehensive solutions like YOURLS.
It’s just a way to advertise, I think. I’ve found myself putting more trust in projects written in Rust or Go, than say, JavaScript.
Hmm, so that might be out of scope here. But I can try to do some kind of 2FA, shouldn’t be much of an issue, really. It’s just that I never thought a link shortener needed 2FA protection since the links will be publicly shared anyway.
I don’t understand much about OIDC either. But I’ll keep it in mind. Thanks.
Unnecessary to me, I guess.
Thank you for the kind words.
Won’t lie, the main reason that I stuck to a vanilla frontend approach is because I didn’t know what else to do. I’ve never been a frontend dev, and never wish to be one. So I looked at an older project, and started by trying to replicate it. In hindsight, it was probably a good decision. The backend is more intentional though, and I do try to keep things simple and clean.
I’m already aware of a few small UI oddities. There were quite a few changes in the frontend, so I kind of expect these. Please let me know if you see anything weird. You can comment here, or open a bug report. I expect to do a patch release by tomorrow.
deleted by creator
It was just a matter of setting the correct user. In most cases, user: 1000:1000 should fix it.
Hey, that looks awesome. I’ll try it out when I get back from work.
Edit: This is awesome! It satisfies my requirements and goes beyond. Great app!
That’s a pretty good idea, actually. I’ll try that out. Thanks.
Thanks, I took a look. It’s very close to what I want, but it still doesn’t support uploads in shared directories. It seems to be a pretty highly requested feature though. So maybe it’ll happen at some point.
Storage, RAM, CPU usage. I prefer not to have such a large piece of software running for no reason. It might seem silly, but I hate using resources for no reason. I’ll rather have 5 lightweight apps running instead of a huge one, of which I’ll only use a few parts.
It seems that I’d still need to modify
net.ipv4.ip_unprivileged_port_start=80in sysctl, which I don’t want to do. If I do it, the socket isn’t even strictly necessary.