For those of us who rely on Logitech Media Server (LMS), now known as the Lyrion Music Server, to stream music and radio throughout our homes, a recent change threw a wrench into our routines (if you are french). In April 2024, the partnership between Radio France and TuneIn came to an end, leaving many users without access to their favorite French radio stations.
Let’s fix that !
If you have a homelab or a small web server for your tool, you probably know the Fail2ban software. It’s a tool capable of taking input from another software (usually log) to flag the IP doing bad stuff and block them for a defined amount of time (usually using iptables). It’s really not a tool for big production-grade projects, but for small personal stuff, it does the job quite well!
But as long as you have multiple VMs running for different tools or projects, having all of them individually fully exposed to the internet isn’t a good idea. It costs some extra IPv4 allocation (assuming you aren’t IPv6 only), and securing them may require more time and effort. Most people end up with some kind of proxy. It can be a single Nginx/Apache2, a haproxy, or a traefik… it doesn’t really matter. What does matter is that now, all of your requests will come from the IP of that proxy and no longer the one trying to mess with your stuff. Does this make Fail2ban useless? Dropping the ban hammer on your own proxy IP isn’t a good idea, but how can you selectively ban something that comes from a single server?
Breaking out of SSH
We’ve all been there. You are working on your remote server though ssh, and suddenly a colleague restart openvpn, or your ISP crapy modem restart… You end up with a frozen ssh prompt, and no ctrl+c or ctrl+d give let you break that.
If you aren’t too familiar with this issue, you probably don’t know how to fix this, and quickly end up closing the terminal and opening another one. This work but there is a “better” way.