Symfony Profiler

null

App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "selfhosted@lemmy.world"
    +title: "selfhosted"
    +description: """
      A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
      \n
      Rules:\n
      \n
      - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
      - No spam posting.\n
      - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
      - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
      - No trolling.\n
      \n
      Resources:\n
      \n
      - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
      - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
      - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
      \n
      > Any issues on the community? Report it using the report flag.\n
      \n
      > Questions? DM the mods!
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 222
    +entryCommentCount: 3916
    +postCount: 0
    +postCommentCount: 0
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729582735 {#275
      date: 2024-10-22 09:38:55.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 120
    +apId: "selfhosted@lemmy.world"
    +apProfileId: "https://lemmy.world/c/selfhosted"
    +apPublicUrl: "https://lemmy.world/c/selfhosted"
    +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
    +apInboxUrl: "https://lemmy.world/inbox"
    +apDomain: "lemmy.world"
    +apPreferredUsername: "selfhosted"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1703473826 {#269
      date: 2023-12-25 04:10:26.0 +01:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1703473826 {#271
      date: 2023-12-25 04:10:26.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
  +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
  +url: null
  +body: """
    Hey Guys,\n
    \n
    so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
    \n
    I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
    \n
    Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">homeassistant:\n
    </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
    </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">http:\n
    </span><span style="color:#323232;">  use_x_forwarded_for: true\n
    </span><span style="color:#323232;">  trusted_proxies:\n
    </span><span style="color:#323232;">    - 172.22.0.0/24\n
    </span>\n
    ```\n
    \n
    Following is my Homeassistant Configuration:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">  homeassistant:\n
    </span><span style="color:#323232;">    container_name: homeassistant\n
    </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /homeassistant/:/config\n
    </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    network_mode: host\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8123:8123\n
    </span><span style="color:#323232;">      - 5683:5683\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-proxy-manager:\n
    </span><span style="color:#323232;">    container_name: nginx\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - '80:80'\n
    </span><span style="color:#323232;">      - '81:81'\n
    </span><span style="color:#323232;">      - '443:443'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
    </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/data:/data\n
    </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-db:\n
    </span><span style="color:#323232;">    container_name: nginx-db\n
    </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  vaultwarden:\n
    </span><span style="color:#323232;">    container_name: vaultwarden\n
    </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /vaultwarden:/data/\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8125:3012\n
    </span><span style="color:#323232;">      - 8124:80\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
    </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
    </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
    </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
    </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
    </span>\n
    ```\n
    \n
    I have forwarded the ports in the router.\n
    \n
    I have set up nginx the following:\n
    \n
    ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
    \n
    Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
    \n
    What is the reason for this?\n
    \n
    Do I have to set some sort of header?\n
    \n
    Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 15
  +favouriteCount: 30
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1709146727 {#2414
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 25290
  -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
  -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1703803540
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10039683"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703717140 {#1793
    date: 2023-12-27 23:45:40.0 +01:00
  }
}

App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "selfhosted@lemmy.world"
    +title: "selfhosted"
    +description: """
      A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
      \n
      Rules:\n
      \n
      - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
      - No spam posting.\n
      - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
      - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
      - No trolling.\n
      \n
      Resources:\n
      \n
      - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
      - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
      - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
      \n
      > Any issues on the community? Report it using the report flag.\n
      \n
      > Questions? DM the mods!
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 222
    +entryCommentCount: 3916
    +postCount: 0
    +postCommentCount: 0
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729582735 {#275
      date: 2024-10-22 09:38:55.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 120
    +apId: "selfhosted@lemmy.world"
    +apProfileId: "https://lemmy.world/c/selfhosted"
    +apPublicUrl: "https://lemmy.world/c/selfhosted"
    +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
    +apInboxUrl: "https://lemmy.world/inbox"
    +apDomain: "lemmy.world"
    +apPreferredUsername: "selfhosted"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1703473826 {#269
      date: 2023-12-25 04:10:26.0 +01:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1703473826 {#271
      date: 2023-12-25 04:10:26.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
  +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
  +url: null
  +body: """
    Hey Guys,\n
    \n
    so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
    \n
    I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
    \n
    Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">homeassistant:\n
    </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
    </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">http:\n
    </span><span style="color:#323232;">  use_x_forwarded_for: true\n
    </span><span style="color:#323232;">  trusted_proxies:\n
    </span><span style="color:#323232;">    - 172.22.0.0/24\n
    </span>\n
    ```\n
    \n
    Following is my Homeassistant Configuration:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">  homeassistant:\n
    </span><span style="color:#323232;">    container_name: homeassistant\n
    </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /homeassistant/:/config\n
    </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    network_mode: host\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8123:8123\n
    </span><span style="color:#323232;">      - 5683:5683\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-proxy-manager:\n
    </span><span style="color:#323232;">    container_name: nginx\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - '80:80'\n
    </span><span style="color:#323232;">      - '81:81'\n
    </span><span style="color:#323232;">      - '443:443'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
    </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/data:/data\n
    </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-db:\n
    </span><span style="color:#323232;">    container_name: nginx-db\n
    </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  vaultwarden:\n
    </span><span style="color:#323232;">    container_name: vaultwarden\n
    </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /vaultwarden:/data/\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8125:3012\n
    </span><span style="color:#323232;">      - 8124:80\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
    </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
    </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
    </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
    </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
    </span>\n
    ```\n
    \n
    I have forwarded the ports in the router.\n
    \n
    I have set up nginx the following:\n
    \n
    ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
    \n
    Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
    \n
    What is the reason for this?\n
    \n
    Do I have to set some sort of header?\n
    \n
    Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 15
  +favouriteCount: 30
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1709146727 {#2414
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 25290
  -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
  -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1703803540
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10039683"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703717140 {#1793
    date: 2023-12-27 23:45:40.0 +01:00
  }
}

App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "selfhosted@lemmy.world"
    +title: "selfhosted"
    +description: """
      A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
      \n
      Rules:\n
      \n
      - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
      - No spam posting.\n
      - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
      - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
      - No trolling.\n
      \n
      Resources:\n
      \n
      - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
      - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
      - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
      \n
      > Any issues on the community? Report it using the report flag.\n
      \n
      > Questions? DM the mods!
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 222
    +entryCommentCount: 3916
    +postCount: 0
    +postCommentCount: 0
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729582735 {#275
      date: 2024-10-22 09:38:55.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 120
    +apId: "selfhosted@lemmy.world"
    +apProfileId: "https://lemmy.world/c/selfhosted"
    +apPublicUrl: "https://lemmy.world/c/selfhosted"
    +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
    +apInboxUrl: "https://lemmy.world/inbox"
    +apDomain: "lemmy.world"
    +apPreferredUsername: "selfhosted"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1703473826 {#269
      date: 2023-12-25 04:10:26.0 +01:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1703473826 {#271
      date: 2023-12-25 04:10:26.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
  +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
  +url: null
  +body: """
    Hey Guys,\n
    \n
    so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
    \n
    I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
    \n
    Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">homeassistant:\n
    </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
    </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">http:\n
    </span><span style="color:#323232;">  use_x_forwarded_for: true\n
    </span><span style="color:#323232;">  trusted_proxies:\n
    </span><span style="color:#323232;">    - 172.22.0.0/24\n
    </span>\n
    ```\n
    \n
    Following is my Homeassistant Configuration:\n
    \n
    ```\n
    \n
    <span style="color:#323232;">  homeassistant:\n
    </span><span style="color:#323232;">    container_name: homeassistant\n
    </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /homeassistant/:/config\n
    </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    network_mode: host\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8123:8123\n
    </span><span style="color:#323232;">      - 5683:5683\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-proxy-manager:\n
    </span><span style="color:#323232;">    container_name: nginx\n
    </span><span style="color:#323232;">    privileged: true\n
    </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - '80:80'\n
    </span><span style="color:#323232;">      - '81:81'\n
    </span><span style="color:#323232;">      - '443:443'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
    </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/data:/data\n
    </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  nginx-db:\n
    </span><span style="color:#323232;">    container_name: nginx-db\n
    </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">  vaultwarden:\n
    </span><span style="color:#323232;">    container_name: vaultwarden\n
    </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
    </span><span style="color:#323232;">    restart: unless-stopped\n
    </span><span style="color:#323232;">    volumes:\n
    </span><span style="color:#323232;">      - /vaultwarden:/data/\n
    </span><span style="color:#323232;">    ports:\n
    </span><span style="color:#323232;">      - 8125:3012\n
    </span><span style="color:#323232;">      - 8124:80\n
    </span><span style="color:#323232;">    environment:\n
    </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
    </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
    </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
    </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
    </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
    </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
    </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
    </span>\n
    ```\n
    \n
    I have forwarded the ports in the router.\n
    \n
    I have set up nginx the following:\n
    \n
    ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
    \n
    Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
    \n
    What is the reason for this?\n
    \n
    Do I have to set some sort of header?\n
    \n
    Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 15
  +favouriteCount: 30
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1709146727 {#2414
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 25290
  -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
  -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1703803540
  +visibility: "visible             "
  +apId: "https://lemmy.world/post/10039683"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703717140 {#1793
    date: 2023-12-27 23:45:40.0 +01:00
  }
}

null

App\Entity\EntryComment {#4041
  +user: App\Entity\User {#3989 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Are you absolutely sure that NPM has an IP from the subnet 172.22.0.0/24? Is there any way you can remove the `trusted_proxies` setting from homeassistant and then check if it will accept the connection from NPM?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1709146727 {#4052
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4039 …}
  +nested: Doctrine\ORM\PersistentCollection {#4037 …}
  +votes: Doctrine\ORM\PersistentCollection {#4035 …}
  +reports: Doctrine\ORM\PersistentCollection {#4033 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4001 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4005 …}
  -id: 262493
  -bodyTs: "'/24':14 '172.22.0.0':13 'absolut':3 'accept':34 'check':30 'connect':36 'homeassist':27 'ip':9 'npm':6,38 'proxi':24 'remov':21 'set':25 'subnet':12 'sure':4 'trust':23 'way':18"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://sedd.it/comment/29728"
  +editedAt: DateTimeImmutable @1709092521 {#3988
    date: 2024-02-28 04:55:21.0 +01:00
  }
  +createdAt: DateTimeImmutable @1703869310 {#4051
    date: 2023-12-29 18:01:50.0 +01:00
  }
}

App\Entity\EntryComment {#4041
  +user: App\Entity\User {#3989 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Are you absolutely sure that NPM has an IP from the subnet 172.22.0.0/24? Is there any way you can remove the `trusted_proxies` setting from homeassistant and then check if it will accept the connection from NPM?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1709146727 {#4052
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4039 …}
  +nested: Doctrine\ORM\PersistentCollection {#4037 …}
  +votes: Doctrine\ORM\PersistentCollection {#4035 …}
  +reports: Doctrine\ORM\PersistentCollection {#4033 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4001 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4005 …}
  -id: 262493
  -bodyTs: "'/24':14 '172.22.0.0':13 'absolut':3 'accept':34 'check':30 'connect':36 'homeassist':27 'ip':9 'npm':6,38 'proxi':24 'remov':21 'set':25 'subnet':12 'sure':4 'trust':23 'way':18"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://sedd.it/comment/29728"
  +editedAt: DateTimeImmutable @1709092521 {#3988
    date: 2024-02-28 04:55:21.0 +01:00
  }
  +createdAt: DateTimeImmutable @1703869310 {#4051
    date: 2023-12-29 18:01:50.0 +01:00
  }
}

App\Entity\EntryComment {#4041
  +user: App\Entity\User {#3989 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Are you absolutely sure that NPM has an IP from the subnet 172.22.0.0/24? Is there any way you can remove the `trusted_proxies` setting from homeassistant and then check if it will accept the connection from NPM?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1709146727 {#4052
    date: 2024-02-28 19:58:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4039 …}
  +nested: Doctrine\ORM\PersistentCollection {#4037 …}
  +votes: Doctrine\ORM\PersistentCollection {#4035 …}
  +reports: Doctrine\ORM\PersistentCollection {#4033 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4001 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4005 …}
  -id: 262493
  -bodyTs: "'/24':14 '172.22.0.0':13 'absolut':3 'accept':34 'check':30 'connect':36 'homeassist':27 'ip':9 'npm':6,38 'proxi':24 'remov':21 'set':25 'subnet':12 'sure':4 'trust':23 'way':18"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://sedd.it/comment/29728"
  +editedAt: DateTimeImmutable @1709092521 {#3988
    date: 2024-02-28 04:55:21.0 +01:00
  }
  +createdAt: DateTimeImmutable @1703869310 {#4051
    date: 2023-12-29 18:01:50.0 +01:00
  }
}

null

App\Entity\EntryComment {#4079
  +user: App\Entity\User {#4061 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    What cert did you put on the proxy answering the inbound? Usually that error means either the browser doesn’t like the cert, or it’s connecting to 80, and modern browsers really fight you on that sometimes. Also, cache. Clear your cache if you’re bouncing between internal URL/IP and the public.\n
    \n
    I assume you just want to expose to internet to learn art of reverse. Otherwise there’s better ways.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 3
  +score: 0
  +lastActive: DateTime @1708785732 {#4085
    date: 2024-02-24 15:42:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4076 …}
  +nested: Doctrine\ORM\PersistentCollection {#4074 …}
  +votes: Doctrine\ORM\PersistentCollection {#4071 …}
  +reports: Doctrine\ORM\PersistentCollection {#4067 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4065 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4063 …}
  -id: 258005
  -bodyTs: "'80':29 'also':39 'answer':9 'art':65 'assum':55 'better':71 'bounc':47 'browser':18,32 'cach':40,43 'cert':2,23 'clear':41 'connect':27 'doesn':19 'either':16 'error':14 'expos':60 'fight':34 'inbound':11 'intern':49 'internet':62 'learn':64 'like':21 'mean':15 'modern':31 'otherwis':68 'proxi':8 'public':53 'put':5 're':46 'realli':33 'revers':67 'sometim':38 'url/ip':50 'usual':12 'want':58 'way':72"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/5279971"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703722390 {#4082
    date: 2023-12-28 01:13:10.0 +01:00
  }
}

App\Entity\EntryComment {#4079
  +user: App\Entity\User {#4061 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    What cert did you put on the proxy answering the inbound? Usually that error means either the browser doesn’t like the cert, or it’s connecting to 80, and modern browsers really fight you on that sometimes. Also, cache. Clear your cache if you’re bouncing between internal URL/IP and the public.\n
    \n
    I assume you just want to expose to internet to learn art of reverse. Otherwise there’s better ways.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 3
  +score: 0
  +lastActive: DateTime @1708785732 {#4085
    date: 2024-02-24 15:42:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4076 …}
  +nested: Doctrine\ORM\PersistentCollection {#4074 …}
  +votes: Doctrine\ORM\PersistentCollection {#4071 …}
  +reports: Doctrine\ORM\PersistentCollection {#4067 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4065 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4063 …}
  -id: 258005
  -bodyTs: "'80':29 'also':39 'answer':9 'art':65 'assum':55 'better':71 'bounc':47 'browser':18,32 'cach':40,43 'cert':2,23 'clear':41 'connect':27 'doesn':19 'either':16 'error':14 'expos':60 'fight':34 'inbound':11 'intern':49 'internet':62 'learn':64 'like':21 'mean':15 'modern':31 'otherwis':68 'proxi':8 'public':53 'put':5 're':46 'realli':33 'revers':67 'sometim':38 'url/ip':50 'usual':12 'want':58 'way':72"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/5279971"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703722390 {#4082
    date: 2023-12-28 01:13:10.0 +01:00
  }
}

App\Entity\EntryComment {#4079
  +user: App\Entity\User {#4061 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    What cert did you put on the proxy answering the inbound? Usually that error means either the browser doesn’t like the cert, or it’s connecting to 80, and modern browsers really fight you on that sometimes. Also, cache. Clear your cache if you’re bouncing between internal URL/IP and the public.\n
    \n
    I assume you just want to expose to internet to learn art of reverse. Otherwise there’s better ways.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 3
  +score: 0
  +lastActive: DateTime @1708785732 {#4085
    date: 2024-02-24 15:42:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4076 …}
  +nested: Doctrine\ORM\PersistentCollection {#4074 …}
  +votes: Doctrine\ORM\PersistentCollection {#4071 …}
  +reports: Doctrine\ORM\PersistentCollection {#4067 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4065 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4063 …}
  -id: 258005
  -bodyTs: "'80':29 'also':39 'answer':9 'art':65 'assum':55 'better':71 'bounc':47 'browser':18,32 'cach':40,43 'cert':2,23 'clear':41 'connect':27 'doesn':19 'either':16 'error':14 'expos':60 'fight':34 'inbound':11 'intern':49 'internet':62 'learn':64 'like':21 'mean':15 'modern':31 'otherwis':68 'proxi':8 'public':53 'put':5 're':46 'realli':33 'revers':67 'sometim':38 'url/ip':50 'usual':12 'want':58 'way':72"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/5279971"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703722390 {#4082
    date: 2023-12-28 01:13:10.0 +01:00
  }
}

null

App\Entity\EntryComment {#4165
  +user: App\Entity\User {#4178 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    What happened when you tried to open it on incognito mode / private browsing mode?\n
    \n
    Btw, if you’re using Chrome, you can type `thisisunsafe` to bypass hsts warning if nothing else work.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 3
  +score: 0
  +lastActive: DateTime @1708784944 {#4160
    date: 2024-02-24 15:29:04.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4166 …}
  +nested: Doctrine\ORM\PersistentCollection {#4168 …}
  +votes: Doctrine\ORM\PersistentCollection {#4170 …}
  +reports: Doctrine\ORM\PersistentCollection {#4172 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4174 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4176 …}
  -id: 259356
  -bodyTs: "'brows':13 'btw':15 'bypass':26 'chrome':20 'els':31 'happen':2 'hsts':27 'incognito':10 'mode':11,14 'noth':30 'open':7 'privat':12 're':18 'thisisunsaf':24 'tri':5 'type':23 'use':19 'warn':28 'work':32"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.institute/comment/1871198"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703772758 {#4161
    date: 2023-12-28 15:12:38.0 +01:00
  }
}

App\Entity\EntryComment {#4165
  +user: App\Entity\User {#4178 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "selfhosted@lemmy.world"
      +title: "selfhosted"
      +description: """
        A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.\n
        \n
        Rules:\n
        \n
        - Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.\n
        - No spam posting.\n
        - Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.\n
        - Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).\n
        - No trolling.\n
        \n
        Resources:\n
        \n
        - [awesome-selfhosted software](https://github.com/awesome-selfhosted/awesome-selfhosted)\n
        - [awesome-sysadmin](https://github.com/awesome-foss/awesome-sysadmin) resources\n
        - [Self-Hosted Podcast from Jupiter Broadcasting](https://selfhosted.show)\n
        \n
        > Any issues on the community? Report it using the report flag.\n
        \n
        > Questions? DM the mods!
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 222
      +entryCommentCount: 3916
      +postCount: 0
      +postCommentCount: 0
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729582735 {#275
        date: 2024-10-22 09:38:55.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 120
      +apId: "selfhosted@lemmy.world"
      +apProfileId: "https://lemmy.world/c/selfhosted"
      +apPublicUrl: "https://lemmy.world/c/selfhosted"
      +apFollowersUrl: "https://lemmy.world/c/selfhosted/followers"
      +apInboxUrl: "https://lemmy.world/inbox"
      +apDomain: "lemmy.world"
      +apPreferredUsername: "selfhosted"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1703473826 {#269
        date: 2023-12-25 04:10:26.0 +01:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1703473826 {#271
        date: 2023-12-25 04:10:26.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Help-needed-setting-up-NGINX-reverse-Proxy-HA-Vaultwarden-using"
    +title: "Help needed setting up NGINX reverse Proxy / HA / Vaultwarden using Duckdns"
    +url: null
    +body: """
      Hey Guys,\n
      \n
      so I still have no clue about most of the stuff im doing hence why I am doing it :)\n
      \n
      I have a ubuntu system running all kinds of docker containers and I want to expose homeassistant and vaultwarden to the internet.\n
      \n
      Now I have set up a Duckdns account, I have setup my Router (fritzbox) to update the dyndns settings, I have set up my homeassistant the following:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">homeassistant:\n
      </span><span style="color:#323232;">  internal_url: http://192.168.178.214:8123\n
      </span><span style="color:#323232;">  external_url: https://ha.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">http:\n
      </span><span style="color:#323232;">  use_x_forwarded_for: true\n
      </span><span style="color:#323232;">  trusted_proxies:\n
      </span><span style="color:#323232;">    - 172.22.0.0/24\n
      </span>\n
      ```\n
      \n
      Following is my Homeassistant Configuration:\n
      \n
      ```\n
      \n
      <span style="color:#323232;">  homeassistant:\n
      </span><span style="color:#323232;">    container_name: homeassistant\n
      </span><span style="color:#323232;">    image: "ghcr.io/home-assistant/home-assistant:stable"\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /homeassistant/:/config\n
      </span><span style="color:#323232;">      - /etc/localtime:/etc/localtime:ro\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    network_mode: host\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8123:8123\n
      </span><span style="color:#323232;">      - 5683:5683\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-proxy-manager:\n
      </span><span style="color:#323232;">    container_name: nginx\n
      </span><span style="color:#323232;">    privileged: true\n
      </span><span style="color:#323232;">    image: 'jc21/nginx-proxy-manager:latest'\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - '80:80'\n
      </span><span style="color:#323232;">      - '81:81'\n
      </span><span style="color:#323232;">      - '443:443'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      DB_MYSQL_HOST: "nginx-db"\n
      </span><span style="color:#323232;">      DB_MYSQL_PORT: 3306\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/data:/data\n
      </span><span style="color:#323232;">      - /nginx/letsencrypt:/etc/letsencrypt\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  nginx-db:\n
      </span><span style="color:#323232;">    container_name: nginx-db\n
      </span><span style="color:#323232;">    image: 'jc21/mariadb-aria:latest'\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /nginx/mysql:/var/lib/mysql\n
      </span><span style="color:#323232;">\n
      </span><span style="color:#323232;">  vaultwarden:\n
      </span><span style="color:#323232;">    container_name: vaultwarden\n
      </span><span style="color:#323232;">    image: vaultwarden/server:latest\n
      </span><span style="color:#323232;">    restart: unless-stopped\n
      </span><span style="color:#323232;">    volumes:\n
      </span><span style="color:#323232;">      - /vaultwarden:/data/\n
      </span><span style="color:#323232;">    ports:\n
      </span><span style="color:#323232;">      - 8125:3012\n
      </span><span style="color:#323232;">      - 8124:80\n
      </span><span style="color:#323232;">    environment:\n
      </span><span style="color:#323232;">      - DOMAIN=https://vw.xxxxx.duckdns.org\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - LOGIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_MAX_BURST=10\n
      </span><span style="color:#323232;">      - ADMIN_RATELIMIT_SECONDS=60\n
      </span><span style="color:#323232;">      - ADMIN_TOKEN=\n
      </span><span style="color:#323232;">      - SENDS_ALLOWED=true\n
      </span><span style="color:#323232;">      - EMERGENCY_ACCESS_ALLOWED=true\n
      </span><span style="color:#323232;">      - WEB_VAULT_ENABLED=true\n
      </span><span style="color:#323232;">      - SIGNUPS_ALLOWED=true\n
      </span>\n
      ```\n
      \n
      I have forwarded the ports in the router.\n
      \n
      I have set up nginx the following:\n
      \n
      ![](https://lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)\n
      \n
      Issue is when I open the website, it will give me the error that hsts is enabled, even though I definitely did not check this option ( and I never did (today!).\n
      \n
      What is the reason for this?\n
      \n
      Do I have to set some sort of header?\n
      \n
      Same thing with vaultwarden, basically I set this up 1:1 except for the url whichi is vw.xxxxx.duckdns .org.
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 15
    +favouriteCount: 30
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1709146727 {#2414
      date: 2024-02-28 19:58:47.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 25290
    -titleTs: "'duckdn':11 'ha':8 'help':1 'need':2 'nginx':5 'proxi':7 'revers':6 'set':3 'use':10 'vaultwarden':9"
    -bodyTs: "'/24':88 '/config':104 '/data':154,185 '/etc/letsencrypt':156 '/etc/localtime':105,106 '/home-assistant/home-assistant:stable':101 '/homeassistant':103 '/nginx/data':153 '/nginx/letsencrypt':155 '/nginx/mysql':170 '/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':245 '/var/lib/mysql':171 '/vaultwarden':184 '1':301,302 '10':198,207 '172.22.0.0':87 '192.168.178.214':74 '3012':188 '3306':151 '443':139,140 '5683':120,121 '60':202,211 '80':135,136,190 '81':137,138 '8123':75,118,119 '8124':189 '8125':187 'access':218 'account':51 'admin':203,208,212 'allow':215,219,226 'basic':296 'burst':197,206 'check':269 'clue':8 'configur':93 'contain':32,95,126,160,173 'db':142,147,148,159,164 'definit':266 'docker':31 'domain':192 'duckdn':50 'dyndn':61 'emerg':217 'enabl':223,262 'environ':141,168,191 'error':258 'even':263 'except':303 'expos':37 'extern':76 'follow':70,89,242 'forward':82,230 'fritzbox':57 'ghcr.io':100 'ghcr.io/home-assistant/home-assistant:stable':99 'give':255 'guy':2 'ha.xxxxx.duckdns.org':78 'header':291 'henc':16 'hey':1 'homeassist':38,68,71,92,94,97 'host':114,144 'hsts':260 'http':79 'im':14 'imag':98,131,165,176 'intern':72 'internet':43 'issu':246 'jc21/mariadb-aria':166 'jc21/nginx-proxy-manager':132 'kind':29 'latest':133,167,178 'lemmy.world':244 'lemmy.world/pictrs/image/534b7ad1-c10d-42a8-9da4-90e2aac4c67f.png)':243 'login':194,199 'manag':125 'max':196,205 'mode':113 'mysql':143,149 'name':96,127,161,174 'network':112 'never':274 'nginx':123,128,146,158,163,240 'nginx-db':145,157,162 'nginx-proxy-manag':122 'open':250 'option':271 'org':310 'port':117,134,150,186,232 'privileg':115,129 'proxi':86,124 'ratelimit':195,200,204,209 'reason':280 'restart':108,179 'ro':107 'router':56,235 'run':27 'second':201,210 'send':214 'set':47,62,65,238,287,298 'setup':54 'signup':225 'sort':289 'still':5 'stop':111,182 'stuff':13 'system':26 'thing':293 'though':264 'today':276 'token':213 'true':84,116,130,216,220,224,227 'trust':85 'ubuntu':25 'unless':110,181 'unless-stop':109,180 'updat':59 'url':73,77,306 'use':80 'vault':222 'vaultwarden':40,172,175,295 'vaultwarden/server':177 'volum':102,152,169,183 'vw.xxxxx.duckdns':309 'vw.xxxxx.duckdns.org':193 'want':35 'web':221 'websit':252 'whichi':307 'x':81"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1703803540
    +visibility: "visible             "
    +apId: "https://lemmy.world/post/10039683"
    +editedAt: null
    +createdAt: DateTimeImmutable @1703717140 {#1793
      date: 2023-12-27 23:45:40.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    What happened when you tried to open it on incognito mode / private browsing mode?\n
    \n
    Btw, if you’re using Chrome, you can type `thisisunsafe` to bypass hsts warning if nothing else work.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 3
  +score: 0
  +lastActive: DateTime @1708784944 {#4160
    date: 2024-02-24 15:29:04.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Lobotomie@lemmy.world"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4166 …}
  +nested: Doctrine\ORM\PersistentCollection {#4168 …}
  +votes: Doctrine\ORM\PersistentCollection {#4170 …}
  +reports: Doctrine\ORM\PersistentCollection {#4172 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4174 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4176 …}
  -id: 259356
  -bodyTs: "'brows':13 'btw':15 'bypass':26 'chrome':20 'els':31 'happen':2 'hsts':27 'incognito':10 'mode':11,14 'noth':30 'open':7 'privat':12 're':18 'thisisunsaf':24 'tri':5 'type':23 'use':19 'warn':28 'work':32"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.institute/comment/1871198"
  +editedAt: null
  +createdAt: DateTimeImmutable @1703772758 {#4161
    date: 2023-12-28 15:12:38.0 +01:00
  }
}