• 0 Posts
  • 24 Comments
Joined 1 year ago
Cake day: August 7th, 2023


  • I can’t speak for everyone else, but I run about 6 different VMs solely to run different docker containers. They’re split out by use case, so super critical stuff on one VM, *arr stuff on another, etc. I did this so my tinkering didn’t take down Jellyfin and other services for my wife and kids.

    Beyond that I also have two VMs for virtualized pihole running gravity sync on different hosts, and another I intend to use for virtualized opnsense.

    Everything is managed via ansible with each docker project in its own forgejo repo.




  • Wow, I had no idea that there was a quote out there that aligns so well with my beliefs. I grew up in a semi religious household but was never forced to go to church. My parents encouraged me to go, not only to theirs but even go with friends that were different religions.

    After going to various churches through some really vulnerable times I still don’t subscribe to any religion, but I also can’t bring myself to go full atheist.

    Too bad that quote is way too long for a tattoo 🤣





  • I’m assuming you installed it directly to the container vs running docker in there?

    I have been debating making the jump from docker in a VM to a container, but I’ve been maintaining Nextcloud in docker the entire time I’ve been using it and not had any issues. The interface can be a little slow at times but I’m usually not in there for long. I’m not sure it’s worth it to have to essentially rearchitect my setup for that.

    All that aside, I also map an NFS share to my docker container that stores all my files on my NAS. This could be what causes the interface slowness I sometimes see, but last time I looked into it there wasn’t a non hacky way to mount a share to an LXC container, has that changed?


  • Yikes! I pay a couple bucks more for uncapped gigabit. I’m fortunate in that there’s two competing providers in my area that aren’t in cahoots (that I can tell.) I much prefer the more expensive one and was able to get them to match the other’s price.

    My wife has been dropping hints she wants to move to another state though and I’m low key dreading dealing with a new ISP/losing my current plan.


  • I do a separate container for each service that requires a db. It’s pretty baked into my backup strategy at this point where the script I wrote references environment variables for dumps in a way that I don’t have to update it for every new service I deploy.

    If the container name has -dbm on the end it’s MySQL, -dbp is postgres, and -dbs would be SQLite if it needed its own containers. The suffix triggers the appropriate backup command that pulls the user, password, and db name from environment variables in the container.

    I’m not too concerned about system overhead, but I’m debating doing a single container for each db type just to do it, but I also like not having a single point of failure for all my services (I even run different VMs to keep stable services from being impacted by me testing random stuff out.)
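
The suffix-dispatched backup described in the comment above, as an added example (not the commenter's script). It assumes the official mysql/postgres image variable names, a hypothetical `SQLITE_PATH` variable for `-dbs` containers, and that `mysqldump`, `pg_dump` and `sqlite3` exist inside the respective containers.

```bash
#!/usr/bin/env bash
# Added example: pick the dump command from the container-name suffix.

# Print the command to run INSIDE the container. The single quotes keep
# $VARS unexpanded on the host, so credentials are resolved from the
# container's own environment and never appear in host argv or in this file.
dump_command() {
  case "$1" in
    *-dbm) printf '%s' 'MYSQL_PWD="$MYSQL_PASSWORD" mysqldump --single-transaction -u"$MYSQL_USER" "$MYSQL_DATABASE"' ;;
    *-dbp) printf '%s' 'pg_dump -U "$POSTGRES_USER" "$POSTGRES_DB"' ;;
    *-dbs) printf '%s' 'sqlite3 "$SQLITE_PATH" .dump' ;;   # SQLITE_PATH is hypothetical
    *)     return 1 ;;                                     # not a database container
  esac
}

# Dump one container into outdir. The dump is written to a temp file that is
# only readable by the current user (umask 077) and renamed on success, so a
# failed run never replaces the last good backup.
backup_one() {
  local name="$1" outdir="$2" cmd tmp
  cmd=$(dump_command "$name") || return 0
  tmp="$outdir/$name.sql.tmp"
  if (umask 077; docker exec "$name" sh -c "$cmd" > "$tmp"); then
    mv "$tmp" "$outdir/$name.sql"
  else
    rm -f "$tmp"
    echo "dump failed: $name" >&2
    return 1
  fi
}

# Walk every running container; names cannot contain whitespace or glob
# characters, so plain word splitting is safe here.
backup_all() {
  local outdir="$1" name rc=0
  for name in $(docker ps --format '{{.Names}}'); do
    backup_one "$name" "$outdir" || rc=1
  done
  return "$rc"
}

# Usage: backup_all /path/to/backups   (nothing runs when this file is sourced)
```

A new service is picked up by naming its database container with the right suffix; the script itself holds no credentials and does not change.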



  • I host forgejo internally and use that to sync changes. .env and data directories are in .gitignore (they get backed up via a separate process)

    All the files are part of my docker group so anyone in it can read everything. Restarting services is handled by systemd unit files (so sudo systemctl stop/start/restart). Any user that needs to manipulate containers would have the appropriate sudo access.

    It’s only me that does all this though, I set it up this way for funsies.



  • I’ve been running it behind Cloudflare with no issues. I’m also doing it a completely different way than the official docs and the ubergeek method. Mostly because I have a particular way I do my docker stuff.

    Every time something has broken it’s been 100% on me. My favorite way to learn is by breaking things though, so I also have an account on a different instance in case I break mine and have to wait a bit to fix it 😅




  • They have a similar integration with Bitwarden that I’ve used a bit. I ended up stopping though because I rely on a catch-all and just give out companyname@ or something generic like work@ or family@. Sure it’s easy to guess but I haven’t had any spam issues in the ~15 years I’ve been operating this way.

    Nobody actually gets my Fastmail login address though. I picked a random string on one of their domains that’s literally only used to sign in. A fun little added obscurity feature.


  • Yeah I suppose I could be missing email and not know (because it never got delivered) but I get everything I expect to receive and I haven’t had anyone reach out asking why I haven’t responded to an email I never received. It’s good enough for me for now though.

    LDAP support isn’t something that’s ever crossed my mind for mail, definitely a legit reason to stick with the Googs.


  • Yep. It was a fun ooh look what I can do that I have exactly zero people to communicate with using those features.

    In the same vein, not using Google is similarly silly. Most of my personal contacts use Gmail or o365 so they still get a copy of my email anyway. But at least this way my money isn’t going to them and nobody’s scanning my inbox to advertise to me (☞゚ヮ゚)☞