More specifically, they are all weather themed.

https://learn.microsoft.com/en-us/defender-xdr/microsoft-threat-actor-naming

deleted by creator

Look man, this is just exhausting. I’m well aware of that security policy. I have enabled it at some of my clients. But it’s not a default setting and would never be on a random non-enterprise PC. This is what I mean when I say the only people who are getting locked out this way were screwing with their computers in ways they don’t understand, installing random garbage and following bad advice on the internet.

From your link:

If you set the value to 0, or leave blank, the computer or device will never be locked as a result of this policy setting.

I don’t care what you think. I’m playing chess with a pigeon here. Test it yourself.

Edit: And sorry for being a jerk. Back to my original point, I’m pretty much fed up with the “technical” communities of Lemmy where correct information is downvote to oblivion and blatantly wrong information is lionized as absolute truth. And when I have tried to actually help and provide useful information I get met with the hordes of confidently incorrect people trying to discredit me.

That’s the BitLocker PIN, not the OS PIN. Go away.

Bitlocker activates when you enter an incorrect OS password too many times.

This is completely false. Please stop spreading misinformation. You clearly have no idea how BitLocker works, nor Secure Boot, BCD, TPM, or PCRs. Or anything really.

Maybe you should stick to an iPad. I’m done replying to this blithering nonsense.

Bitlocker activated because of an OS update

This did not happen. You did something to enable it.

I don’t have an MS account, because I have no need to give MS all of my data

If you had one, all of your data would have been safe in OneDrive and easily recoverable. But I’m sure the irony is completely lost on all the anti-MS people here. Nah, it must be Microsoft’s fault you didn’t have backups when you broke your tablet.

I’m rocking a 12-year-old 3930k with BitLocker on all drives and it’s perfectly fine.

Agreed. The immature iamsosmart user base is making me strongly consider leaving Lemmy for good. There just aren’t enough actual professionals here for any serious discussion in a technical community. It’s just a bunch of 20-year-olds who think they have the world figured out. And they all downvote based on emotion rather than facts (which I am quite prepared for).

Microsoft accounts, OneDrive, and BitLocker are absolutely great features for the average user providing SSO, cloud storage with ransomware-proof backups, and seamless full-disk encryption.

I love Linux too, but there seems to be no room for nuance on Lemmy. These children are insufferable.

Yeah that sounds about right.

There’s no way you need to somehow eat more to lose weight. Are you sure you’re counting your calories correctly? Using an app? Tracking everything, especially drinks like sodas and alcohol?

Citogenesis:

https://xkcd.com/978/

Did you have to install an app called Company Portal or Intune? If no, then they probably don’t have access to your device, except for possibly being able to selectively wipe school data. They could also be using another MDM solution like Airwatch, but again, you would have had to have installed something (and unlikely, since universities get massive discounts on Microsoft licensing).

Even if you do have Company Portal, it doesn’t necessarily mean it’s managed as it’s still used to broker communication and authentication between Office apps on Android. The app itself would be able to tell you if the device is managed.

And as the other poster mentioned, if they had you install a root certificate for the university they can intercept and inspect HTTPS traffic from your device while on their network. But that still doesn’t give them access to the data-at-rest on your device.

If you’re sure you’ve got a DNS entry for the Pihole FQDN pointing at Traefik, open the dev panel in your browser (F12), switch it to the Network tab, and visit the pihole URL.

See if you get anything back and especially take note of the HTTP status codes.

Can you see the router and service in the Traefik dashboard and do they show any errors there?

I think you’re close.

You need to change service: pihole-rtr to service: pihole-svc.

Do I have to redefine all of the same information I did in my Traefik yml but in this separate config.yml?

No, you just need to reference it like you have. Define once, reference many.

No worries for the question. It’s not terribly intuitive.

The configs live on the Traefik server. In my static traefik.yml config I have the following providers section, which adds the file provider in addition to the docker provider which you likely already have:

providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false
  file:
    directory: /config
    watch: true

And in the /config folder mapped into the Traefik container I have several files for services external to docker. You can combine them or keep them separate since the watch: true setting tells it to read in all files (and it’s near instant when you create them, no need to restart Traefik).

Here is my homeassistant.yml in that folder (I have a separate VM running HASS outside of Docker/Traefik):

http:
  routers:
    homeassistant-rtr:
      entryPoints:
      - https
      service: homeassistant-svc
      rule: "Host(`home.example.com`)"
      tls:
        certResolver: examplecom-dns

  services:
    homeassistant-svc:
      loadBalancer:
        servers:
          - url: "http://hass1.internal.local:8123"

Hope this helps!

I use the Traefik file provider for this.

https://doc.traefik.io/traefik/providers/file/

It picks up all my .yml configs in the watched folder which define the routers and services external to Docker.

I know plenty account SNI already, but thanks. You might want to study more yourself, since we’re being condescending.

https://blog.cloudflare.com/encrypted-sni/

So now your ISP sees all of your queries instead of CF. (Assuming the cloudflared option is using DoH)

I’ll trust Cloudflare over Comcast/AT&T/etc. any day of the week.