keep up the good work boys
Thanks for sharing this! It also took me a while to understand the difference between the Expose dockerfile command and the --publish cli command
Do you run anything like fail2ban with that compatibility?
Can you expand on why you chose uCore? I was considering CoreOS until just now and the idea of setting up ignition config serving seems overkill for running only one server at home. ignition is still required the same way as CoreOS
Do you need to set lingering for all container users you set up? Does it restart all services in your compose files without issue?
I would love to see your compose file. I already have to run special steps on my nextcloud-aio to use it with a reverse proxy so I'm interested in moving away from it.
I make extensive use of compose in my own server so I'm assuming I'll need to transition to systemd confs. Do you run those or do you run everything by podman CLI?
I'm thinking about an immutable OS with podman support first and foremost. Would you recommend Fedora CoreOS?
I’m moving to a new machine soon and want to re-evaluate some security practices while I’m doing it. My current server is debian with all apps containerized in docker with root. I’d like to harden some stuff, especially vaultwarden but I’m concerned about transitioning to podman while using complex docker setups like nextcloud-aio. Do you have experience hardening your containers by switching? Is it worth it? How long is a piece of string?
Sad to see it. Good reminder to check your back ups though
there’s a reason most private trackers dont allow pre-releases. it attracts a lot of negative attention
Seems a little old. It should have BlueSky and FChannel
Spoiler: Things wait. A lot. A tale of efficiency, but for whom?