The nginx config provided in the Docker installation part contains everything needed for nginx. If you are installing lemmy directly on the machine you may need to use different upstreams.
I seem to be having a lot of lag at the moment, and my post was created twice so I’m just going to delete the other one and start from here…
So I have this set up per the instructions. My instance is on a Digital Ocean instance, and I’m using nginx on the host to point to localhost:1235, but that’s about all that conf file is doing. Is there something else I need to do?
Ok, just to understand what you did. You got an Digital Ocean droplet with Docker and used the instructions in the link I posted or different ones?
If you are using the instructions from my link nginx will also run in a docker container, which means that your upstream will not be on localhost, but rather the lemmy and lemmy-ui containers.
If you did install it locally then localhost:1235 could be correct.
I think this is where my lack of experience with Docker is showing.
I spun up a DO droplet and installed nginx, Docker CE, and Docker Compose. Then I went through the instructions on the page you linked to and it set it up just fine but when I went to my droplets IP address it wouldn’t connect. I had to add a config file that pointed traffic coming into the droplet on port 80 to redirect to the Docker container instead. Am I overcomplicating it?
No, you are right. If you are using the nginx container from the docker installation guide then you will also need to add port 80 atleast in order to see anything, as nginx will otherwise not listen on the port 80 of the droplet.
So looking at this again now, am I taking that whole block and adding it to the container’s nginx.conf? If so, does that mean I have to change what port it’s currently listening to (because there’s already a rule in the file for port 80)?
There’s a comment in that server rule that says “this is the port inside docker” and a comment immediately after that says “this is facing the public web”, which confuses me.
I think that /u/spez has his back against the wall. Reddit loses money - a lot of money - and there’s noone left to foot the bill. He’s tried everything: he’s tried advertising, sponsored content, and he’s tried premium memberships (and don’t forget coins!), but all this is simply a drop in the bucket. At this point, if nothing is done, Reddit will likely have to shut down - it probably has 8-14 months left.
Honestly, I think that /u/spez has given up; he sees that Reddit as it was originally envisioned is dead. So, he’s decided to make some superficial changes to polish it up and make it appealing to investors, make an IPO, and then cash out what he can out of it and leave.
I haven't had much time to setup my new server, which is a Dell Poweredge r720, but I will host plenty of stuff once I do get around to it! What I plan to host is pretty similar to what other people host.
I run all my lab servers/services/etc in their own /16 on my home net. Nothing is publicly routed in over my WAN IP- if I want to expose a service, it goes through Nginx Proxy Manager to my local service via a ZeroTier tunnel.
I would strongly encourage you to not expose any of the *arr services (particularly your download node) to your WAN IP. PIA’s desktop app does a pretty good job of forcing a full tunnel with a VPN kill switch, so you never have to worry about your ISP catching onto what you’re doing.
So you’re saying your services run on a separate subnet? 255.255.0.0? How would you connect from your home pc connected to your home WiFi? I assume have the vpn running on the machine on a different subnet and also have it running in front of the service, the vpn would give your home computer an IP on the /16 subnet range? Am I correct in that assumption?
I suppose I need to get OPNsense actually working and providing a different subnet in the first place before worrying about all this, I appreciate your input! I understand about exposing the WAN IP, I’m assuming VPN tunnel for those specific services would protect my WAN IP as it would just send all my traffic to the VPN provider and then out to the actual destination, again correct me if I’m wrong. I don’t think I understand how the actual routing would work, how to hook the services into nginx proxy manager and how to know which ports to close and what not, but I suppose I’m not at that step quite yet
Yes, I’ve got separate subnets & vlans for a few things. My PCs/phone/tablets/etc, homelab, IoT devices (i.e. loads of Govee bulbs/ropes, gaming consoles, oven, etc), Guest (all isolated from everything else internal) and one for my roommate. I’m on a Unifi Dream Machine Pro so setting up traffic rules to allow certain traffic from PC vlan to homelab (and the other way) was pretty straightforward.
As for the VPN, yes a full tunnel would force all traffic over the VPN, but for all but my *arr stuff that’s overkill. I just join all my VMs to Zerotier and force traffic from the public LB in via their VPN IP, but the VMs can still pull yum updates and anything else they want over my WAN link.
I would say that’s still a bad move. There is not “no risk”, as it could still put the owners of the Lemmy instance in danger. So be respectful to those who are hosting this instance and don’t link copyright infringement.
thank you! that’s exactly what I was looking for. Was originally testing and added lemmy.world as an allowed instance and was wondering why federation wasn’t working. TYSM!
Yup, I had the same question and was frustrated I was missing so many comments from instances that were federating. Just leave allowed blank and then block the bad ones unless your really concerned about bad instance actors.
current blocked from lemmy.ml:lostcheese.com,mandacaru.caatinga.digital,melonbread.dev,lemilat.ml,fc.monkee.ch,thu2.closed.social,a.t.roelroscamabbing.nl,kenstroller.fedi.bzh,lemmy.services.coupou.fr,lemmy.glasgow.social,lotide.fbxl.net,masr.social,community.hackliberty.org,legbeard.xyz,collapse.cat,lemmy.subtlefuge.com,b.tide.tk,bbs.9tail.net,remmy.dragonpsi.xyz,elgiebety.pl,lemmy.thebitpros.com,dev.karab.in,wiredentrypoint.xyz,federated.community,verity.fail,lemider.me,lemmygrad.com,exploding-heads.com,sportsfeed.me,delraymisfitsboard.com,dev.narwhal.city,lemmy.burger.rodeo,lemmy.juggler.jp,lemmy.mesh.party,c.tide.tk,narwhal.city,wolfballs.com,burggit.moe,lemmynsfw.com
With Threshold I always was mildly impressed with how they made a point that evolution doesn’t necessarily mean that a species will become super advanced somehow. That they evolved “in-place” instead of over generations is still a pretty bonkers misunderstanding of evolution that they always fall for, but I guess watching them turn into lizards over the next several decades probably wouldn’t make the best TV lol
Another Mac mini that I use for dev work that’s also running sonarr, radarr, bazarr, plex and Hoobs under MacOS
A Dell R170 running a number of VMs (windows and Linux) that host a couple of websites , and a load balancer on proxmox.
Things are a bit spread out where I sometimes just had to use the hardware I had to hand but it all works together somehow.
Edit: I’ve also just spun up a MediaWiki for me and my colleagues to use to store useful snippets of code etc. in a central place. Although I know my colleagues, they’ll use it once and then it’ll be abandoned :D
From what I’ve heard (take this with a huge grain of salt) is that the posts themselves shouldn’t take up much of your storage. The biggest thing that could take up your storage are images, but they are only stored on the instances where the community in which they were posted in is.
It’s likely the Docker images, and maybe the Docker build cache if they built from source instead of using the Docker Hub image.
I’ve been up for about a day longer than OP, and my Lemmy data is still under 800MB. OP either included non Lemmy data in that math, or is subscribed to way more communities than me. My storage usage has been growing much faster today with all the extra activity, but I won’t have to worry about storage space for about a month even at this rate.
And that’s assuming Lemmy doesn’t automatically prune old data. I’m not sure if it does or not. But if it doesn’t, I imagine I’ll see posts in about 2-3 weeks talking about Lemmy’s storage needs and how to manage it as an instance admin.
EDIT: Turns out ~90% of my Lemmy data is just for debugging and not needed:
I used the ansible route to get going. I am subbed to ~150 communities currently. Some of those won’t stay, but for now I am subbing to almost anything to see how that affects disk usage. I am interested to see how, or if, it levels off over time and what a week or two out looks like. I expect by then we will all have many more tips for each other as we trial and error our way through.
Ahhhh, image posts are where your usage is going! Makes sense, my instance is just for my account and I don’t submit anything. Your postgres size is more or less in line with where mine was at your uptime. I’m using Docker Compose so I’m only considering the size of the volumes in my metrics, not the image sizes or anything.
EDIT: Turns out I accidentally firewalled my pictrs service, it couldn’t reach external sites to create thumbnails for external links. That’s why my storage usage was so much lower. Whoops.
Yeah, images are where the main bulk of the storage is going. Interestingly, my instance is also just for my account presently and I have not submitted any images until my screenshot above. So these images are just those that are being pulled from other instances. I was under the impression that images were hosted from their respective instance and not saved locally, so I am curious to see how this plays out long term.
4vcpu (Ryzen), 8GB RAM, 256gb disk (which will be expanded when it gets to like 60% full). Not too worried about storage unless I get a bunch of image-happy users, text all comes in as json and goes straight to Postgres so it’s not a concern.
kbin.life
Oldest