It really depends on which Socket Services the container requires. If you have a lot of containers that all need the same set of Socket Services, you could potentially use a single socket-proxy to serve all of them (in theory, I think).

I usually run one per stack, sometimes more if I have a container within my stack that requires more/different Socket Services to the other(s).

I’m not a docker expert though, so I’m not sure I can say what’s recommended. If you find/get a more authoritative answer on this question, I’d be interested to know.

PfSense is another choice, if you want something with a more polished UI.

The risk is certainly lower if you’re not exposing services to the internet, but that’s not the only way to end up with a rogue container. I use docker-socket-proxy for most of my stacks that need socket access. It can sometimes require a little bit of troubleshooting to understand what services you need to proxy, but I’ve had a pretty good success rate. Reading the logs from the socket-proxy and referring to the Docker Engine API documentation will help you to understand what Services you need to enable in the socket-proxy config.

Are you interested in the networking side of self hosting? If so, you should get a better router, something you can run OPNsense or similar on. There are other “options”, but they’re workarounds that avoid fixing the real problem.

If you’re not using a VPN, it’s possible your ISP is throttling your connection when it sees p2p traffic. Just another thing to look into.

Have you considered other approaches, such as Tailscale or Cloudflare Tunnels? I think you’re complicating things.

I have some SmartThings plugs that work similarly, I think they have a UK version.

TubeArchivist sounds like a better fit for that.

You can use lists in Readarr. Set up a Goodreads account, link Readarr to a list in Goodreads. Any books in the list will automatically be added to Readarr.

Jim’s Garage on YT, he recently did a video about running Docker in an LXC. I think you’ll find the info you need there. It can be done, but if you’re new to Docker and/or LXCs, it adds an additional layer of complexity you will have to deal with for every container/stack you deploy.

Proxmox. Currently considering upgrading from a single node to a 3 node Cluster for Ceph.

Dark mode?

You can head over to the ArchiveTeam Warrior site for more info. You can set up a Warrior instance in Docker and assign it to the Reddit archive project.