

How do you enforce consistent backups of the database? Do you dump the data periodically? Copying the data on the docker volume won’t give you consistent ( and possibly corrupted ) backups IIRC if the database itself isn’t stopped.


How do you enforce consistent backups of the database? Do you dump the data periodically? Copying the data on the docker volume won’t give you consistent ( and possibly corrupted ) backups IIRC if the database itself isn’t stopped.
Email notification and the like usually don’t work out of the box and require SMTP configuration. This is usually available in the app admin consoles or configurable through Environment variables in the console.
I’m not running it ( and I haven’t checked it for Monica HQ ), but those would be the first things I’d look for.
The .env.example file shows SMTP settings. The example file notifies to a logfile rather than an email.
https://github.com/monicahq/monica/blob/main/.env.example
# Mailing
# Set the MAIL_MAILER to 'smtp' if you want to send emails.
MAIL_MAILER=log
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS=hello@example.com
MAIL_FROM_NAME="${APP_NAME}"
MAIL_REPLY_TO_ADDRESS=hello@example.com
MAIL_REPLY_TO_NAME="${APP_NAME}"
I have no clue as I’ve not set this up myself unfortunately. :(
There are also certain Linux distros have SElinux enabled ( like red hat or fedora ). This could also block docker from accessing the file if it is enabled.
You’d have to search online how to set a policy in selinux to allow it.
SElinux does not appear in Ubuntu/Debian based distros.
Easiest check would be to run getenforce. If it works and it returns 1 it’s enabled and possibly the culprit.
You can try running your docker after running setenforce 0. This will temporarily disable it until a restart IIRC. You can enable it again by setting it to 1.
I wouldn’t recommend disablint it permanently
I think if the source path doesn’t exist, docker will mount a directory ( IIRC, but not 100% sure ).
Can you triple check if the path to your wg0.conf file on your host actually exists and that the path is definitely correct?
stat /home/docker/test/Wireguard/wg0.conf


That’s cool. I’ll look into that


Here’s an alternative: https://www.opendesk.eu/en No guarantees though. But it looks nice.
I’m not affiliated with opendesk in any of way
deleted by creator
So the Flemish part of Belgium has “tenen”, which is not toefinger. The french have “orteils”, which is also not fingers of the foot( finger is doigt ).
So the map is at least wrong for those two countries.
Great. Now I need to binge that show again. Not that I don’t want to. But still.


Interesting. Thanks for that insight :)


Personally? No I’ve never bought a cert before. Given there’s free alternatives and it’s a homelab it doesn’t make sense. Otherwise I’ve used them on AWS, where ACM also just provides them for free.
What you’re saying is that certificate providers will still charge you and provide certificates for a year, but just provide you with N certificates to span that year?
E.g. if the duration is 45 days then they will give you 365/45 certificates ?


Don’t worry they’ll reduce the cost of certificates proportionally to the longevity of the certificate.
Right? Anybody?
<< Cricket noises >>
Edit: obviously not LE, but other certificate vendors.
And once the sub stops you lose access to the games.
Hetzner has been solid for me ( and eu based if that is relevant for you ).


Connections timing out have always been a firewall issue for me.
Client sends packet, firewall drops packet, client waits for a reply that’ll never come. Client times out.
I would check firewall logs or temporarily disable it to see if it works without it.
so yeah check the firewall on the server, the client and in between ( if any ). That’s what I would do.
Wait. Doesn’t that mean If you slot it in a lvl 9 slot you will animate
9 + ( 2 additional per level slot over 4 = 10 ) = 19 skeletons?
Edit: Never mind. It’s 1 skeleton and 12 extra for being level 9. I assumed every level would also increase the number of skellies raised. My bad


I’m trying to wrap my head around your comment to understand. What exactly do you mean by supply chain sploit risk?
The tool is using 3rd party libraries and those libraries could be used to introduce vulnerabilities in the app?
Step 1: Get chickens
Step 2: add oats ( oat flakes ) to the pan with grease
Step 3: stir until they’ve absorbed the fat
Step 4: treat the chickens
Step 5: ???
Step 6: Profit!
Edit: formatting
I think it’s MAC based, but I’m not sure
Specifically talking about the FireTV, 99% sure the app doesn’t have a Killswitch, I’ve checked. I use it all the time on PC and Mobile though :)
Ah! I can’t get a fire stick here so no experience with that.
Setting up the VPN on the router sounds great, but can home routers (I have Cox) flash VPN software on them (thought they couldn’t)?
The asus router I have has a feature called VPN fusion. I specifically bought a set of routers for my home that are in front of my ISP router because I wanted a single SSID and wanted to set my own DNS servers without having to specify them per device . They (ISP) keep restricting features on their router ( can barely do anything on them nowadays ). Also switching ISPs became easier as any config is done in my devices rather than theirs.
Also is it MAC or IP filtering (would I have to set a device to static IP) for deciding which devices use the VPN tunnel? How good is it about switching servers (like if a server I’m connected to is on maintenance or is overloaded)? Not too worried about the web issues, can always hop back on the regular Wi-Fi and use the app.
I THINK it’s Mac based, but I really can’t say. I named the devices on my router and they keep reconnecting as the same device. Either that or it uses some combination of info from the device to identify it.
E.g.: my work MacBook should switch MAC addresses every time it connects to a WiFi, but it’s consistently identified by my router.
Additionally, they have some routers that are supported by custom firmware ( asuswrt-merlin ). Mine don’t support it unfortunately. https://www.asuswrt-merlin.net/
There is also this: https://github.com/alangrainger/immich-public-proxy
I think your immich gallery can even be private ( though the public proxy would need to be able access it ).
I have no experience with it though.