4·
8 months agodeleted by creator
- 0 Posts
- 12 Comments
Joined 1 year ago
Cake day: June 29th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Using podman-compose, I usually have a section like:
volumes: - ./local_folder:/container/folderSpecifically, I have to use either an absolute path or a relative path with “./” to prevent it from treating a directory as a volume name.
My practical answer: Nah, it’s probably not going to nuke your files.
My software engineer answer: Never trust us to not make a mistake. It doesn’t take much to accidentally nuke a directory.
Agreed, for me containers are really nice for playing with new software without dirtying my host install.
I’m actually almost completely unfamiliar with Nginx, short of a few hours of tinkering. NginxProxyManager is a direct competitor to Caddy, with a graphical interface, SSL cert creation and auto-renew, etc. I’m not going to say to switch from Caddy, since there’s probably no major benefit, but it’s much nicer than trying to figure out Nginx reverse proxies by hand.
I really want to use tape for backups, but holy expensive. Those tape drives are thousands of dollars.
I’m going to cast another vote for a reverse proxy, such as NginxProxyManager. It’s really easy to set everything up, and they’re usually very easy to run in Docker/Podman.
One thing to note: if you end up with a domain with mandatory HSTS, you’ll have to use DNS-based certificate generation rather than HTTP based, since unencrypted HTTP is blocked (chicken/egg problem to get HTTPS working). It’s not hard, but you have to be aware of that limitation.
I ended up scoring a free lifetime membership years ago, but is their stuff open source? I never fully trusted it, so I didn’t end up using it for anything
Agreed. I have a personal modem and a separate router with openwrt acting, at least in part, as a firewall. Then each host also has its own firewall for extra protection.
Maybe consider routing your traffic through an SSH tunnel?
IIRC it’s default in Windows and GNOME now too. It’s a very strange default.
Doesn’t the RPi still go through the ISP? You’d still have to find a way to bypass their hijacking attempts, just on a different device this time.
This seems like it’s geared toward higher power hardware that’s not generally available on a consumer-grade router.
deleted by creator