Is it just you that needs access? VPN like Tailscale or Wireguard is the most secure option then, as it’s not exposing any services to the internet.
Otherwise a reverse proxy in front of things like Traefik or Nginx, make sure things are automatically updated ASAP, and make sure auth is enabled on the services.
Hibernate is even better with a fast SSD.
Neat bit of work finding the issue.
What’s the advantage of static container IPs? I’ve never thought about that in all my time using docker.
With several comments now showing surprise about this, is sleep mode or hibernation not common knowledge?? Windows and every Linux distro I’ve tried has sleep mode enabled by default.
Most people use sleep or hibernate, still uses very little power (none in hibernate) but you don’t have to open all your stuff every time.
Veeam endpoint free version is nice because it doesn’t require a reboot.
I can’t automate full disk backups as I can’t run dd reliably from a system that is itself already running.
Can’t you do a snapshot like VSS does on windows and back that up on a running system? I assume with a filesystem that supports snapshots that would be possible.
Since you’re using a non-standard HTTPS port, check your browser network log in dev tools and make sure your app isn’t redirecting you to the standard port 443. With non-standard ports you often will need to customize the config of apps so they know what you’re using.
Maybe your ISP has you on CGNAT? If your public IP is between 100.64.0.0 and 100.127.255.255 you’re on CGNAT.
Do you use ZFS? It uses half your RAM for cache by default, which matches with 2GB used by user apps + 16GB = 18GB total.
The most generic simple setup IMO is a Debian minimal install with Docker, and use Komodo if you want a webUI to manage Docker stacks.
I’d say leave out the 250GB and install proxmox on a mirror on the 2x 512GB drives, it barely uses any space, just remember to set the root size to like 32GB. Then you have redundancy for the boot partition too.
If using ZFS for the SSD mirror you could use it for the HDD too, but if you want the best performance something other than ZFS may be better.
It is, I’ve been auto updating it for almost 2 years. Just needs a quick fix every now and then.
Obviously make sure your backups are working properly.
Probably a hardware upgrade of some kind. The i5-7500 is not cutting it for Minecraft servers with mods and Arma 3 servers, single thread performance is just too slow. So I may grab an i3-14100 or similar and a motherboard and do that swap.
They have full access to the hardware, everything on it, and all traffic going to/from it. So you need to trust the provider you use somewhat.
If you just want privacy from the usual online services by running some of your own stuff, then that’s totally fine.
Oh I see, you mean you mount the NAS storage into /home?
Interesting, are you accessing files directly on the NAS or something like that where the symlink makes sense?
I mount extra storage under /mnt/ and store stuff like media in there.
I use Frigate, works well with RTSP cameras such as Amcrest.
Tailscale is very easy and handles everything for you but you are relying on their services, so if you want to be 100% self hosted Wireguard is the way to go.