@cherrykraken

cherrykraken@lemmy.ca · 15 days ago

I’ve actually been investigating Postgres cluster configurations the past 2 weeks at work (though we’re considering CloudNativePG+Kubernetes on 3 nodes spanning two physical locations).

One thing I might recommend is to investigate adding a proxy like PgBouncer in front of the databases. This will manage request differences where write-queries must go to the primary, but read-queries may go to any of the replicas as well.

It should also better handle the recycling of short-lived and orphaned connections, which may become more of a concern on your stage 3, and especially on some stage 4.

cherrykraken@lemmy.ca · 24 days ago

Regarding access tokens, there’s a third party credential helper for Linux that uses OAuth. I recently found it and started using it a month ago. Works pretty much the same as Git + Windows Credential Manager. In case you are running headless, there is a device mode flag that will allow you to login with the GitHub app on your phone.

https://github.com/hickford/git-credential-oauth

(And if you layer a timed cache helper before the OAuth helper… well you shouldn’t have to reauthenticate every time!)

Otherwise, the Git manual lists some other credential helpers that interface with some password managers.

https://git-scm.com/doc/credential-helpers

cherrykraken@lemmy.ca · 3 months ago

In NPM I set a proxy host 192.168.box.IP to forward to 100.jellyfin.tailscale.IP:8096. I tested it by going to box.IP and jellyfin works.

I’m not surprised this worked, numbers are allowed in FQDNs, but an IP address is not entirely equivalent.

I tried “box.IP:8096” as a domain name and NPM rejected it. I tried “box.IP/jellyfin” and NPM rejected that too (I’ll try Locations in a bit)

I would strongly suggest you to read up on the OSI model.

Nginx only understands HTTP and HTTPS requests at Layer 7 (implicitly and strictly ports :80 and :443), and forwards or redirects them to Layer 4 destinations. (Nginx can technically handle other protocol requests via plugins, but that isn’t what you are looking for.)

In NPM, the proxy host name should at least contain the Raspberry Pi’s hostname, e.g. jellyfin.your-rpi-name. Or you could use the path location option, e.g. your-rpi-name with location /jellyfin. (I think the second option might work with network hostname auto-discovery, in which case pihole as a DNS may not be strictly necessary.)