SysAdmin/DevOps Engineer

Seting up a reverse proxy with HTTPS for intranet services

I have been selfhosting some useful services on my home raspberry pi for a while. It is easy to set up a reverse proxy and expose the services to the Internet and access then from everywhere, but I didn’t want to allow access to a lot of them from the outside, such as radarr or sonarr. The solution I adopted for a long time is to set up a VPN, access my local network trough the VPN and then connect to the services.…
Read more ⟶

Banning bots in nginx using fail2ban

Some days ago I started learning a bit more about fail2ban in order to ban bad HTTP petitions reaching my nginx server. Here is a brief of what I learnt and did. fail2ban jails Normally configured in /etc/fail2ban/jail.local file. In this file you configure fail2ban jails. Each jail will search for a type of bad behavior and ban IPs with that specific pattern. Here is an example of a little jail I made.…
Read more ⟶

Selfhost Overleaf using Ansible and Docker

I’ve been wanting to automate the deployment of all my docker services using Ansible for some time and, unfortunately, I haven’t found the moment yet. A new service to host arrived to my setup, and I wanted to make things right from the beginning. These days I’ve been interested in self-hosting Overleaf, given that I’m doing my final degree project and I want to share the document with my mentors.…
Read more ⟶