ComfyUI: remove metadata from image files

When you generate a file using ComfyUI, metadata are added to the image automatically. Amongst the metadata, there is the full workflow including the prompt. If you want to remove those data, you can use ImageMagick convert with the --strip option. convert image.png --strip image_strip.png If you want to alter the original file, use mogrify: mogrify --strip image.png

July 23, 2023 · 1 min

ComfyUI: batch run from command line with API

While AUTOMATIC1111 can generate images based on prompt variations, I haven’t found the same possibility in ComfyUI. However, you can achieve the same result thanks to ComfyUI API and curl. When you click “queue prompt” in ComfyUI, it actually sends a POST request with the whole workflow as JSON data to http://127.0.0.1:8188/prompt . To get the workflow as JSON, go to the UI and click on the settings icon, then enable Dev mode Options and click close. You will now see a new button Save (API format). ...

July 22, 2023 · 2 min

ComfyUI custom node Impact Pack

I mostly use the FaceDetailer node to fix eyes and mouths, it really makes a difference, especially with models on CivitAI. You will find the workflow below. Note that on Nvidia GPU, I can use the SAMLoader node with “GPU” but on AMD GPU (RX 6700 XT), I must use “CPU”.

July 21, 2023 · 1 min

ComfyUI for dummies: a comprehensive guide for Stable Diffusion

ComfyUI is a web UI to run Stable Diffusion and similar models. It is an alternative to Automatic1111 and SDNext. One interesting thing about ComfyUI is that it shows exactly what is happening. The disadvantage is it looks much more complicated than its alternatives. In this post, I will describe the base installation and all the optional assets I use. I will provide workflows for models you find on CivitAI and also for SDXL 0.9. ...

July 21, 2023 · 5 min

Open source document search engines

Some websites post lists the best of open source document search engines available, unfortunately, they don’t seem up to date or they don’t care about unmaintained projects. Here’s my updated list as of July 2023, in no particular order. Note: there are some document management systems included because they also include a search feature. Open Semantic Search https://github.com/opensemanticsearch/open-semantic-search Last update: March 2023 IResearch search engine https://github.com/iresearch-toolkit/iresearch Last update: June 2023 OpenSearch https://opensearch.org/ Last update: July 2023 Meilisearch https://github.com/meilisearch/meilisearch Last update: July 2023 Teedy https://teedy.io/#!/ Last update: June 2023 Papermerge https://papermerge.com/ Last update: December 2022 Docassemble https://docassemble.org/ Last update: July 2023 Elastic Enterprise Search https://www.elastic.co/enterprise-search Last update: July 2023 Note: I have not used nor tested all these solutions, this is just a list. ...

July 11, 2023 · 1 min

Run Jenkins and Jenkins agents on Docker

I have managed a Gitlab instance for a couple of years, but for some organizations, Gitlab is overkill. For some people, Gitea is enough. However, Gitea does not have production-ready CI/CD yet. Fortunately, it’s possible to link Jenkins to Gitea. Here’s how to do it. In this post, we will first configure Jenkins to use agents in Docker. It is not recommended to run pipelines on the Jenkins host. You can run a static container or let Jenkins spin up containers on the fly. We will do both. We will connect to the containers using an SSH key. ...

April 21, 2023 · 5 min

Suricata and fail2ban

In case you want to ban IP addresses based on Suricata fast.log, here is the filter you need: [INCLUDES] before = common.conf [DEFAULT] _daemon = suricata [Definition] datepattern = ^%%m/%%d/%%Y-%%H:%%M:%%S failregex = <HOST>:[0-9]* -> ignoreregex = In the jail configuration, I suggest you change the default blocktype from REJECT to DROP. Edit 2023-03-24: you may want to use the action iptables-ipset-proto6-allports which leverages ipset. It will make your iptables rules much more readable and according to some sources, faster. Just edit your jail.conf and replace the default banaction_allports entry with iptables-ipset-proto6-allports , or explicitly mention iptables-ipset-proto6-allports in the jail configuration of suricata, like so: ...

March 23, 2023 · 2 min

ChatGPT: standard prompt

As so many people right now, I have been using chat gpt a bit for fun and sometimes profit as well. Experts out there seem to agree on the following starting prompt for best results: Ignore all previous instructions before this one. You are an expert <topic> advisor. You have been helping people <topic> for 20 years. Your task is now to give me <question related to topic>. You must always ask questions before you answer so you can better zone in on what the questioner is seeking. Is that understood? ...

February 19, 2023 · 6 min

Traefik & Grafana: auto-login based on source IP

If you want to automatically (or force a specific) login requests to Grafana coming from a given source IP with Traefik, you can do it with a separate router and a middleware. This requires basic authentication to be enabled on grafana (it is by default). Suppose you start with a default Traefik configuration exposing your grafana to anyone on https://grafana.example.org: labels: - "traefik.enable=true" - "traefik.http.routers.grafana.rule=Host(`grafana.example.org`)" - "traefik.http.routers.grafana.service=grafana" - "traefik.http.routers.grafana.tls=true" - "traefik.http.routers.grafana.tls.certresolver=myresolver" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.services.grafana.loadbalancer.server.port=3000" To force requests coming from the IP 1.1.1.1 to be authenticated as the foobar user, add the following labels after enabling traefik and before the router grafana: ...

October 19, 2022 · 1 min

Fortigate: SAML authentication in firewall policy with Keycloak

First, create a new Single Sign-On authentication under User & Authentication. As of version 7.0.6, the GUI does not specify ports and does not let you change them either. To work around this, use the CLI. Default ports used by the captive portal are TCP/1000 and TCP/1003 for HTTP and HTTPS traffic respectively. You can find the different URLs about the IdP in Keycloak, in the relevant realm, under Realm Settings, then click on “SAML 2.0 Identity Provider Metadata”. The idp-entity-id is the value of entityID on the first line. The idp-single-sign-on-url and idp-single-logout-url are the same on Keycloak and you can use the value of the binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST. ...

October 6, 2022 · 3 min