I have several services running at home. I have a VPS running NGINX Proxy Manager and Tailscale, also some of my services get proxied through Cloudflare Tunnels. Both of these prevent my servers from seeing the actual IP address that is connecting to them.

The situation is:

- My servers can see the failed login attempts. But it can't see the real client IP address.

- The VPS can see the real client IP. But it's unaware of the failed login attempts.

So the idea I had was to have some way of parsing the connection logs on my servers, when there is more than "X" failed login attempts the log entry of each failed login can be sent to the VPS. On the VPS there would be some way to compare the time from the server logs, with the time of the connection logs of the VPS. With this info the VPS could then make a fairly safe guess at which IP the attack is coming from and block that IP at the VPS.

Does anything that can do this already exist?

​

To add more details:

On the VPS I already have several well known block lists, along with Crowdsec which has significantly reduced the failed login attempts on my servers, but I would like to be able to use more specific Crowdsec bouncers, or Fail2Ban to stop the specific IP's.

The use of Tailscale and Cloudflare was by choice. I previously used a Wireguard tunnel and everything went through the VPS, this setup DID allow my servers to see the actual IP addresses. The reason for the change was that it was simply too much of a pain to manage, and I am too busy lately to properly manage it. By making the changes I did it greatly simplified managing everything, increased the reliability, and using Cloudflare has significantly increased the performance of several services.

​

I had my domain with Dynu for years, great company btw. But I recently switched over to Cloudflare to use tunnels.

I followed the steps outlined on the CF site, removed the old name servers, added CFs name servers, enabled zone transfer at my old registrar, and when I go to my site overview on the CF dashboard I see the message "Great news! Cloudflare is now protecting your site". The transfer was initiated almost exactly 24 hours ago.

here's how I have things setup:

• All services setup with a CF tunnel is a sub domain, so "service.mydomain.com"
• All CF Tunnels show up as CNAME records.
• My base domain A Record points to the public IP of my VPS. This is used as a tunnel for my email server since CF won't pass SMTP or IMAP through their tunnels. (at least that's what I was told)
• All MX records point to relays I still have with Dynu.

I have 2 other domains with Cloudflare, one of which was also transferred from Dynu, and the tunnels on them work just fine.

Im not sure if I did something wrong, missed a step, or if I just need to wait longer.

Im wanting to replicate the files on my home server to my server at my business and a VPS. Then have it setup in a way where my laptop, iphone, etc... will automatically connect to whichever server is closest or fastest. Clearly the servers would sync amongst themselves so they all 3 stay up to date.

Is this even possible?

Syncthing has Möbius and Resilio has an official app for ios. But I am desperately trying to find something else.

Syncthing is not an option as long as it doesn’t have selective sync. Resilio works fine but even the pro version is really lacking, plus it’s more or less dead anyway. But at-least it does integrate with Files on iOS.

What I am looking for is anything distributed, anything where i can download from multiple peers at once. I have servers at home, servers at work, and a VPS that all contain the same data and Id like to be-able to pull from them all at the same time. Or at a minimum at-least something that is smart enough to connect to whichever peer is the fastest.

The biggest limit seems to be that I need selective sync, iOS Files integration, and some way to access the files from MacOS.

The only thing I could think of is a Ceph cluster but I don’t know enough about it to even know if it would work for my use.