Cool, best of luck. I’ve been using lightly for a couple months via the AUR package and I really like it.

CachyOS installer these are all things outside at all related to the game and back to the game and back to the game and back to the game

Pretty accurate really.

lol I would open every port on my router and route them all to wireguard before I would ever consider doing this

Plus in Linux you can actually fix this with a live USB, while on Windows you can run startup repair and hope for the best.

The power is out and my laptop has less than 10% battery left?

It’s pacman -Syu time.

I did this once to install a different distro on a free oracle VPS lol

I use Nextcloud with Nginx Proxy Manager and just use NPM to handle the reverse proxy, nothing in Nextcloud other than adding the domain to the config so it’s trusted.

I use Plex instead of Jellyfin, but I stream it through NPM with no issues. I can’t speak to the tunnel though, I prefer a simple wireguard tunnel for anything external so I’ve never tried it.

Edit: unless that’s what you mean by tunnel, I was assuming you meant traefik or tailscale or one of the other solutions I see posted more often, but I think one or both of those use wireguard under the hood.

The issue is that the docker container will still be running as the LXC’s root user even if you specify another user to run as in the docker compose file or run command, and if root doesn’t have access to the dir the container will always fail.

The solution to this is to remap the unprivileged LXC’s root user to a user on the Proxmox host that has access to the dir using the LXC’s config file, mount the container’s filesystem using pct mount, and then chown everything in the container owned by the default root mapped user (100000).

These are the commands I use for this:

find /var/lib/lxc/xxx/rootfs -user 100000 -type f -exec chown username {} +;
find /var/lib/lxc/xxx/rootfs -user 100000 -type d -exec chown username {} +;
find /var/lib/lxc/xxx/rootfs -user 100000 -type l -exec chown -h username {} +;
find /var/lib/lxc/xxx/rootfs -group 100000 -type f -exec chown :username {} +;
find /var/lib/lxc/xxx/rootfs -group 100000 -type d -exec chown :username {} +;
find /var/lib/lxc/xxx/rootfs -group 100000 -type l -exec chown -h :username {} +

(Replace xxx with the LXC number and username with the host user/UID)

If group permissions are involved you’ll also have to map those groups in the LXC config, create them in the LXC with the corresponding GIDs, add them as supplementary groups to the root user in the LXC, and then add them to the docker compose yaml using group_add.

It’s super confusing and annoying but this is the workflow I’m using now to avoid having to have any resources tied up in VMs unnecessarily.

I’ve been doing this for at least a decade now and the drives are just as reliable as if you bought them normally. The only downside is having to block one of the pins on the SATA connector with kapton tape for it to work.

Acts as a wildcard for any directories that exist between arteries and clot.

I like the workflow of having a DNS record on my network for *.mydomain.com pointing to Nginx Proxy Manager, and just needing to plug in a subdomain, IP, and port whenever I spin up something new for super easy SSL. All you need is one let’s encrypt wildcard cert for your domain and you’re all set.

I only use rolling releases on my desktop and have ran into enough issues with apps not working because of changes made in library updates that I’d rather they just include whatever version they’re targeting at this point. Sure, that might mean they’re using a less secure version, and they’re less incentivized to stay on the latest version and fix those issues as they arise, but I’m also not as concerned about the security implications of that because everything is running as my unprivileged user and confined to the flatpak.

I’d rather have a less secure flatpak then need to downgrade a library to make one app I need work and then have a less secure system overall.

Definitely. I’d rather have a “good and specific reason” why your application needs to use my shared libraries or have acess to my entire filesystem by default.

IIRC from running into this same issue, this won’t work the way you have the volume bind mounts set up because it will treat the movies and downloads directories as two separate file systems, which hardlinks don’t work across.

If you bind mounted /media/HDD1:/media/HDD1 it should work, but then the container will have access to the entire drive. You might be able to get around that by running the container as a different user and only giving that user access to those two directories, but docker is also really inconsistent about that in my experience.

If you want Proxmox to dynamically allocate resources you’ll need to use LXCs, not VMs. I don’t use VMs at all anymore for this exact reason.

That I’m not sure of. My proxmox host is headless and none of my containers have a GUI so I haven’t tried.

You can also pass the GPU to multiple LXCs that will share it vs it being tied to a single VM. I use VMs as little as possible in Proxmox these days.

lol I switched to CachyOS because it’s Arch with less steps, at least as a user

I’ve never actually had this problem, but the issue is Windows will wipe your bootloader from the ESP, so it can’t do anything about it. You can use your bootloader of choice to fix it, but you’d have to chroot from a live image.

Source: I accidentally deleted the wrong EFI partition

Visual discomfort because it looks like an slightly older app? What kind of issue is that???

You’ve met an iOS user.