I know, I know, clickbaity title but in a way it did. It also brought in the situation in the first place but I’m just going to deliberately ignore that. Quick recap:

  1. I came home at 3pm from the city, my internet at home didnt work.
  2. checked multiple devices, phones worked out of wifi, I figured I need to restart the router
  3. I login to the router and it responds totally normal but my local network doesnt. (Its always dns, I know)
  4. I check the router log and see 100s of login attempts over the past couple of days.
  5. I panic and pull the plug, try to get into my server by installing an old monitor, works, many errors about dns
  6. Wife googles with her phone, seems I had https login from outside on and someone found the correct port, its disabled now
  7. Obviously, local network still down, I replug everything and ssh into the server which runs pihole as dns
  8. pihole wont start dns, whatever I do
  9. I use history and find I "chmod 700"ed the dns mask directory instead of putting it in a docker volume…
  10. I check the pihole.log, nothing
  11. I check the FTL log, there is the issue
  12. I return it to 777, everything is hunky dory again.

Now I feel very stupid but I found a very dangerous mistake by having my lan fail due to a less dangerous mistake so I’ll take this as a win.

Thanks for reading and have a good day! I hope this helps someone at some day.

  • Lem453@lemmy.ca
    link
    fedilink
    English
    arrow-up
    7
    ·
    8 months ago

    If you have everything on docker compose migrating to another host is pretty easy. I could probably migrate my 11 stacks of 36 containers in 2 to 3 hrs

    • haui@lemmy.giftedmc.comOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      8 months ago

      If everything works well, I could probably do that too. But I‘ve had too many obscure little things happen that 10x the amount of time needed so I always plan for the worst case.

      Also, my point was that people are being massively overreacting due to the fact that my logs showed signs of attacks, not intrusion.

      I run many servers and the commercial ones I am much more slow and careful with. Every public facing service has attacks in their logs and I deal with them. I know what experience you guys have but its not hosting public services.

      the arrogance with which people suggest someone is incompetent is baffling. Not talking about you but quite a number of comments where condescending af.

      Thanks for the advice with ansible. I might actually give this a go.