What’s going on on your servers? Smooth operations or putting out fires?

I got some tinkering time recently and migrated most of my Docker services to Komodo/Forgejo. Already merged some Renovate PRs to update my containers, which feels really smooth.

Have to restructure some of the remaining services before migrating them, and after that I want to automate config backup for my OPNsense and TrueNAS machines.

  • F04118F@feddit.nl
    2 days ago

    I’m hosting foundryvtt on a k8s cluster. I’m using Authelia+lldap to have only authenticated users passed on to that behemoth of a NodeJS app that is undoubtedly full of vulnerabilities.

    I have Authelia set up to enforce 2FA for any request outside my users’ home networks. Or so I thought, but one of my players kept getting asked to 2FA.

    Turns out I forgot about IPv6. He connects over IPv6 by default.
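The IPv6 gap described in this comment, as an added example that is not part of the original post and not Authelia's own code: a simplified first-match model of a "trusted network skips 2FA" rule, showing that an IPv4-only list sends the same household's IPv6 traffic to the two-factor rule. The prefixes are documentation ranges used as constructed sample data, the function names are hypothetical, and unwrapping IPv4-mapped addresses is an assumption of this model.

```python
import ipaddress

# Constructed sample data: documentation ranges standing in for one player's home network.
HOME_V4_ONLY = ["203.0.113.0/24"]
HOME_DUAL_STACK = ["203.0.113.0/24", "2001:db8:1234::/48"]


def normalize(addr: str):
    """Parse a client address, unwrapping IPv4-mapped IPv6 (::ffff:a.b.c.d)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return ip.ipv4_mapped
    return ip


def required_level(client_ip: str, trusted: list[str]) -> str:
    """First match wins: trusted networks get one_factor, everything else two_factor."""
    ip = normalize(client_ip)
    for cidr in trusted:
        net = ipaddress.ip_network(cidr, strict=False)
        # Compare only within the same address family; a v6 client never matches a v4 CIDR.
        if ip.version == net.version and ip in net:
            return "one_factor"
    return "two_factor"


def missing_families(trusted: list[str]) -> set[int]:
    """Return the IP versions (4 and/or 6) that no trusted network covers."""
    covered = {ipaddress.ip_network(c, strict=False).version for c in trusted}
    return {4, 6} - covered


if __name__ == "__main__":
    clients = ("203.0.113.7", "2001:db8:1234:1::42", "::ffff:203.0.113.7", "198.51.100.9")
    for label, nets in (("v4 only", HOME_V4_ONLY), ("dual stack", HOME_DUAL_STACK)):
        print(label, "- uncovered IP versions:", sorted(missing_families(nets)))
        for client in clients:
            print(f"  {client:22} -> {required_level(client, nets)}")
```

Running `missing_families` over the trusted-network list before deploying an access rule catches the single-family case; a non-empty result means clients of that family always fall through to the stricter rule.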

    • SolarpunkSoul@slrpnk.net
      2 days ago

      I’m also running foundryvtt and have the basics of network security down but not much more. Is there anything I should be particularly wary of if I’m hosting it via a Cloudflare tunnel for my group?

      • F04118F@feddit.nl
        2 days ago

        You probably have your network locked down much better than me. That should work too.

        For me, it was easier to set up Authelia to limit access. I don’t trust the “authorization” portal in Foundry, so I set up a real authentication proxy.

        As a dev I’ve had experience with the developer culture and norms in different languages, and NodeJS stands out to me for invoking (other NodeJS) dependencies for even the smallest things.

        Left-pad is the best illustration of this dependency culture. This also means vulnerabilities spread across the entire npm landscape instantly, since everything depends on almost everything else.