Create secure, high-performance, affordable environment for your container applications using Hetzner dedicated servers.For around 50€ per month. This setup can also be done using different server providers, both dedicated and shared, even on public cloud. This tutorial has not been sponsored by Hetzner or any other software vendors. If you are interested in similar setup, please drop me a message via Linkedin. Goal The goal for this setup is to run Docker container in Swarm mode in secure and reliable environment. For sake of security we enable Proxmox firewall, pfSense firewall and Suricata IDS/IPS. For sake of reliability we configure
If you have Sentry on-premise installed and run out of space, then bringing it back can be a little bit tricky. Especially if you have tons of projects configured with loads of data coming into it. If you can accept some in-memory data to be lost then search for redis container and flush it. Sentry can use hundreds of GB of both RAM and swap and still do not start. So, first search for Redis, as it ca be named differently depending on your Sentry version: Once you flushed Redis, run full restart and it should start within acceptable time
In order to process incoming e-mail messages as issues registered in GitLab you need to have catch-all mailbox and GitLab configured to handle it. However, there are few quirks you need to know when setting it up. Assuming you have GitLab installed as well as iRedMail. iRedMail First, create new mailbox in iRedMail admin panel. Then manually create forwarding record. You could skip this is you purchased iRedMail Pro: At this point you can check if catch-all feature is working by sending mail to non existing mailbox user. What is especially important is to verify if messages will come once
Building applications to do things better leads to operational excellence. And using digital tools and applications across the enterprise to do business differently – to enable innovation and creativity – leads to strategic advantage. When digital transformation tools are applied to the long-term vision and creativity of the enterprise, digital transformation becomes strategic. Download Bonita Studio Community from https://www.bonitasoft.com/downloads. There is either zip package or installer available depending on your operating system. At the moment of this writing there Bonita Studio Community version 2023.02-u0. TLDR In this article you will see how to create project, organization and design sample BPMN
If you would like to run virtual machine inside another virtual machine, then you need to have CPU with nested virtualization feature and this feature needs to be enabled. Even if enabled: you might still have error on enabling virtualization inside virtual machine: Still, even with “KVM hardware virtualization” set to Yes on VM Options pane in Proxmox UI, you may have trouble to get it to work. In case of Intel Xeon Gold 5412U there are no additional CPU flags available to set from Proxmox UI. You need to select CPU type as “host” either from UI or inside
Installing Redash is straightforward if you use https://github.com/getredash/setup repository. Just run setup script to download, install and configure all required packages. But there is one thing missing from the default. It is mail configuration. First install Redash with all default settings and then edit /opt/redash/env file: After setting those values run docker-compose up -d command to recreate containers. Use TLS and local IP address if you host your mail server on-premise. Now you should be able to send mail messages from your Redash.
Benefit from running your own docker registry is cost and privacy. But in order to use it in various places you need to secure its connection with SSL/TLS certificates. In case you have only ZeroSSL or LE certificates it can be difficult to maintain both you certificate at ACME/HAProxy leve in pfSense and secondary also in docker registry somewhere else. Fortunately there is solution for that. Add your docker registry domain to ACME certificate enrollment as usual. Run docker registry without giving it certificate. Instead configure a domain pointing at pfSense, preferably using non-WAN address. Next configure proxy-pass at Nginx
In case you have some LXC containers on your Proxmox server, then there is high chance that you will get some errors during backup them up. Some container templates may not support snapshot or suspend modes. Instead you should you use stop mode. It is important to remember that during such backup container will be stopped, so be aware of that in case you have some encryption which could ask for a key during startup.