I’m using this right now but I’m switching to having all my services under one domain and blocking non internal ips. Technically someone can access your site by providing the host manually, althought it’s unlikely since they would need to know it
I use ddclient but in a docker container. Works great with minimal config
I just bind mount volumes I want to keep and use duplicati to backup the contents of my containers folder. Another idea if you are committed to docker volumes, is to also mount them to your backup solution.
Interesting my ip shows up with a plex logo and a port that I’ve never opened. I have never used any plex services
Thanks for sharing this! It also took me a while to understand the difference between the Expose dockerfile command and the --publish cli command
Do you run anything like fail2ban with that compatibility?
Can you expand on why you chose uCore? I was considering CoreOS until just now and the idea of setting up ignition config serving seems overkill for running only one server at home. ignition is still required the same way as CoreOS
Do you need to set lingering for all container users you set up? Does it restart all services in your compose files without issue?
I would love to see your compose file. I already have to run special steps on my nextcloud-aio to use it with a reverse proxy so I’m interested in moving away from it.
I make extensive use of compose in my own server so I’m assuming I’ll need to transition to systemd confs. Do you run those or do you run everything by podman CLI?
I’m thinking about an immutable OS with podman support first and foremost. Would you recommend Fedora CoreOS?
Yeah the remote ip is always local. This comes from a podman configuration, not a caddy one. Setting the podman network mode to pasta or slirp4netns will show the proper remote ips