Posts

There are subdomains on my home network that I only want accessible locally. While there are no public DNS records pointing to them, the URLs are still visible thanks to Certificate Transparency, and I want to add a layer of security just to be sure. Here’s where Caddy snippets are convenient to block all WAN traffic for select subdomains. The following snippet in my Caddyfile blocks all traffic coming from outside the subnets after remote_ip, in the blocks where it’s used. ...

I’ve recently started using subdomains for services I only access locally. I want Caddy to serve them through HTTPS so I don’t get annoying warnings about the connection being insecure, while blocking access from WAN just to be extra safe, which I cover here. The thing is, port 80 is not forwarded on my router, which is required for the ACME HTTP-01 challenge. I also don’t want a DNS record for my private subdomains to appear publicly (I use the hosts file in my router to provide DNS resolution locally). EDIT: Certificate Transparency is a thing… Thank you Laurent! ...

I recently stumbled upon corrupted music files randomly during playback. My player (Poweramp) would skip them before the end, and I was worried more might be corrupted and started looking for a way to easily check my whole library. FFmpeg is great for the job (of course it is). Here’s the command I ended up with after browsing multiple Stack Overflow threads. The command recursively checks FLAC files in the current directory. You can adjust the file extension, or remove it entirely to check all files. Add -maxdepth 1 after find ./ to disable recursion. You might want to run it in Screen since the process will read through your entire library, which could take some time. ...