Ryan McGuire
Ryan McGuire
This is the third draft of this idea, replacing #100 and #32. This idea uses X11 forwarding and so also makes #163 unnecessary.
Using [acme-dns](https://github.com/joohoi/acme-dns#configuration) we can avoid the problem of holding onto a broad security token just for DNS management.
This branch will implement postgresql backups to S3 with pgbackrest. Fixes #44
Tiddlywiki is not being upgraded to Oauth as part of #120. Due to the complexity of the current config, it is staying with only basic auth for the time being....
[pgbackrest](https://github.com/pgbackrest/pgbackrest#readme) looks like a good option. A good first implementation should only be for the postgres DBaaS, not for the individual services.
Any service that uses postgres should be able to deploy with an instance in the same docker-compose.yaml (embedded postgres) or to use an external (or third part) DB / DBaaS....
The cryptpad-nginx image is not designed for use with a proxy, it expects to be on public port 443, and this is a problem when I attempted to upgrade to...
I started to fix #30 - but I am still getting an internal server error that I cannot trace in the logs. I suspect I will have better luck by...
traefik-forward-auth uses the /_oauth/logout path to perform logout. It uses HTTP GET. traefik-forward-auth has a LOGOUT_REDIRECT that is currently configured to another Gitea specific logout endpoint that also uses HTTP...
Many containers don't really need to run as root, or even if they do, they don't need quite as many capabilities as Docker gives by default. There should also be...