Custom user/group mapping in unprivileged LXC container for (user)mount

I set up a LCX Container. My hostsystem is ArchLinux and the Container use Debian. I start the container as root and use user/group mapping so the container run ‘unprivileged’. /etc/lxc/default.conf: lxc.idmap = u 0 100000 65536 lxc.idmap = g 0 100000 65536 /etc/subuid & /etc/subgid: root:100000:65536 Now i like to share my homedir within…

Why can a port can be accessible from outside although it is not in firewall open ports on centos 7?

I have a remote vps working with centos 7, related firewalld info is as below, firewalld is running actively. [[email protected] mydir]# firewall-cmd –get-zone-of-interface=eth0 no zone [[email protected] doer mydir]# firewall-cmd –list-ports You’re performing an operation over default zone (‘public’), but your connections/interfaces are in zone ‘home’ (see –get-active-zones) You most likely need to use –zone=home option.…

Nginx proxy sees different client IP for different servers

I have nginx proxy configured for blocking some services for VPN clients only (10.1.0.4 for all users). Example of working case: ### bitwarden server { server_name one.example.com; listen 443 ssl; resolver 127.0.0.11; set $bitwarden bitwarden:80; location / { allow 10.1.0.4; deny all; proxy_pass http://$bitwarden$request_uri; } ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; include /etc/letsencrypt/conf/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/conf/ssl-dhparams.pem; } All…