Brain Excretions

Build a man a fire, and he’ll be warm for a day.

Set a man on fire, and he’ll be warm for the rest of his life.

Adding The Spamhaus DROP List to Unifi Gateway

Introduction The Spamhaus Don’t Route Or Peer (DROP) Lists consist of netblocks that are leased or stolen by professional spam or cyber-crime operations, and used for dissemination of malware, trojan downloaders, botnet controllers, or other kinds of malicious activity. i.e. stuff you really don’t want to interact with. I used to consume the DROP list many years ago when my home firewall was Microsoft ISA/TMG (yes, really), but then completely forgot it existed until fairly recently....

2024-03-22 · 6 min · Adam

Making Playwright Work on Alpine Out of Spite

Doing Who On What Now? Playwright is a Web Testing and Automation framework developed by Microsoft, it’s similar to Selenium or Puppeteer. The core project is written in nodejs and there are sub-projects offering the same framework in Python, .NET, and Java. It’s the Python project that I was specifically interested in due to its use in the changedetection.io container that I maintain for Linuxserver.io. The problem is that the container uses an Alpine base image whereas Microsoft only publish wheels for glibc, and they don’t publish the source to Pypi for pip to build, which means you can’t just do pip install playwright because it won’t be able to find a muslc wheel to install from....

2024-03-13 · 5 min · Adam

Wordpress Migration

Long ago, in the long-distant mists of time, I ran my blog on Wordpress. When I moved off it to Ghost a few years back it was frankly way too much effort to try and bring all the posts with me and maintain their URLs so I just left the old site up. However, as you may have seen, it looks like Automattic are going to start selling user data to AI companies for training their models on an opt-OUT basis and, even though I’m self-hosting, as I’m using plugins like Jetpack I don’t trust them not to harvest everything I’ve written to sell for their own benefit....

2024-02-28 · 1 min · Adam

Practical Configuration of Traefik as a Reverse Proxy For Docker - Updated for 2023 and Beyond

An updated guide to configuring Traefik with Docker, with explanations of why to do each step as well as how.

2023-07-19 · 20 min · Adam

Really Simple Network Bridging With qemu

Intro I’ve not really used qemu much before but I found myself needing it last week for a particular project and discovered - to my shock and amazement - that the documentation (official and 3rd party) surrounding it is almost universally terrible. A mixture of overly-complex, out of date, incredibly niche, and just straight up poorly-written. I’ll be honest, I wasn’t after much, I had a single qemu VM and I wanted it to be routable on my LAN....

2022-09-04 · 3 min · Adam

Changing Docker Daemon Options For Fun and Profit

Introduction Did you know there are all kinds of interesting options that Docker supports but doesn’t necessarily expose, or document, very well? Most of them are very simple to configure and can have substantial benefits so it’s well worth investigating. Daemons All of these options are configured via the Docker daemon. You can pass arguments to dockerd via the systemd service file or, preferably, use a config file, which defaults to /etc/docker/daemon....

2022-03-31 · 3 min · Adam

Integrating CrowdSec with Traefik & Discord

A Further Update Since writing this post I’ve now moved from using the Traefik Crowdsec Bouncer container to using a plugin-based bouncer as it performs better and is actively maintained. Update To The Update The issue with upstream proxies and the Traefik bouncer has been resolved by the maintainer. I’ll leave my fork up in case I get some more free time to work on it. I got impatient waiting for the bug with the Traefik bouncer to get fixed so I forked it and fixed it myself, as well as added a couple of extra features....

2022-01-11 · 9 min · Adam

The Dockers I Have Done

As you may be aware, I’m part of linuxserver.io where I maintain a number of Docker containers such as grav and syslog-ng but there are times when I need a container that isn’t a suitable linuxserver candidate for any number of reasons so I just publish it myself. It occurred to me that I should probably make an effort to promote them given how difficult docker discovery is on places like Docker Hub where there are hundreds of containers for any given thing, almost all of which had one image push 3 years ago and haven’t been touched since....

2021-09-07 · 2 min · Adam

How Exactly Does ProxySettingsPerUser Work?

Update A nice man at Microsoft advised me that in addition to setting DefaultConnectionSettings you should also set SavedLegacySettings to the same value under the same key. This value holds, and I quote, “configuration used by network connections other than the default connection”. I have been unable to divine exactly what this means but it sounds like it might be important. Introduction You may occasionally in your career have had a want or need to set Windows proxy settings for every account on a machine regardless of who is logged in....

2021-04-14 · 6 min · Adam

Connecting to NFS Shares From Windows (Properly)

Introduction If you live in the Windows world you probably haven’t had much cause to use NFS because SMB is the done thing, but if you’re working with Linux hosts or NAS devices NFS can be simpler to deal with. The problem is that Windows NFS support is a bit…wonky and it doesn’t help that almost all the guides on t’internet are giving out bad advice. So to continue my series of “I just figured this out so it seems only fair to share” posts, here’s how to setup the NFS client on Windows properly....

2021-02-11 · 3 min · Adam