I use firewalld as generic firewall and fail2ban as IPS/anti-bruteforce solution (blocks IPs using firewalld's ipsets)
vegetaaaaaaa
joined 2 years ago
I have copied the latest git revision c67b943aa894b90103c4752ac430958886b996b2 from https://gitlab.tt-rss.org/tt-rss/tt-rss to my gitea instance which is mirrored to https://gitlab.com/nodiscc/tt-rss and https://github.com/nodiscc/tt-rss.
I don't intend to make changes or bugfixes (it's working fine), but I will try to keep it compatible with the PHP version in Debian stable, since I've been using it for years and would really like to keep doing so.
cross-posted from: https://feddit.org/post/9959466
geteilt von: https://programming.dev/post/27692275
- step 1: use named volumes
- step 2: stop your containers or just wait for them to crash/stop unnoticed for some reason
- step 3: run
docker system prune --allas one should do periodically to clean up the garbage docker leaves on your system. Lose all your data (this will delete even named volumes if they are not in use by a running container) - step 4: never use named or anonymous volumes again, use bind mounts
The fact that you absolutely need to run docker system prune --all regularly to get rid of GBs of unused layers, test containers, etc, combined with the fact that it deletes explicitely named volumes makes them too unsafe for my taste. Just use bind mounts.
unattended-upgrades doesn't do that unless you explicitly specify
Unattended-Upgrade::Automatic-Reboot "true";in the config. Check/usr/share/doc/unattended-upgrades/README.md.gzThe main configuration file is
/etc/apt/apt.conf.d/50unattended-upgrades, maybe you put your config in the wrong place?here is mine