Version 10.9 is not even released, right?

I replaced my actual domain with “mydomain”.

Here’s the full log from /tmp/letsencrypt-log/letsencrypt.log. https://notebin.de/?4859b67f1b29f0e2#8G6vSon5PUGUHoZvMYD3zKwx8hkJeCV9xQM4TWFSvudM

Of course, but I don’t know what it means or what to do with it otherwise I obviously wouldn’t have create this post!?

Every transcode could need as much disk space as the size of the file you’re playing. If you have a media file that’s bigger than your available RAM the transcode will propably cause problems because you will run out of RAM.

Yeah, but the cleanup job doesn’t seem to work reliably. I noticed because my home server ran out of disk space because the transcoding directory was over 30 GB in size.

I have like a dozen people using my Jellyfin and sometimes 3-4 people watch something at the same time which results in a lot of transcoding data. At the moment my transcoding directory (which is cleaned every 24 hours) is almost 8 GB big. I don’t have the RAM to do this.

Thanks, that did the trick!

Looks perfect, thanks!

I actually don’t know. All I want to achieve is having access from my smartphone to my local network via the VPS, which is the only device with a public IP. So it’s basically a point-to-site connection from my smartphone to my home server with the VPS in between.

And I just followed a tutorial and that’s why I set up the 10.0.0.0/24 IP range.

I am using NPM, that doesn’t help with my issue.

Thanks, but I have configured a dedicated IP range for my Wireguard network, so the devices have IPs like 10.0.0.1. But I still want to access services in my home network in the IP range 192.168.178.0/24.

And in your example the AllowedIP = 192.168.178.2/32 of the VPS would still make it possible to route traffic from my smartphone via the VPS to my home server?

Actually just nothing. I have an error at 5:32 a.m. but the logs show nothing between 2:00 a.m. and now when I logged in.

Thanks, but I meant the HAProxy in your homelab.

What is the proxy in front of crowdsec for?

Maybe use DNS challenge? https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/

Uptime-Kuma

I should have added that I am also using Pi-hole and Unbound. This seems to be the issue. I now added the following to my unbound.conf but it’s still not working unfortunately. Where domain.duckdns.org is my domain by DuckDNS and the IP points to the Nginx Proxy Manager.

local-zone: "domain.duckdns.org." static
local-data: "domain.duckdns.org. IN A 192.168.178.123"

Thanks but no local proxy host is working.

Ah I see. As I’ve said the proxy is working for my domain and is available from the internet. So that shouldn’t be an issue…

This is the output of the openssl command:

# openssl s_client -connect 127.0.0.1:443 -showcerts

CONNECTED(00000003)
80DB1D0BDC7F0000:error:0A000458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../ssl/record/rec_layer_s3.c:1586:SSL alert number 112
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 297 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

# openssl s_client -connect 127.0.0.1:80 -showcerts

CONNECTED(00000003)
809B89C5DB7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 297 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---