Matt The Horwood

We got an old style phone when we went to see the northern lights

OVH here, both domains, dedi server and a VPS.

Has an API to get an cert you want, even for non internet facing stuff

Snapcast might fit the bill, not sure about the 5.1 bit.

Does multi room sync

In my case I need to use a named volume for docker swarm, also I can reuse a named volume in other services. If your not using swarm then just a bind mount should be fine

with the way I do it, you can also use NFS as a backend

https://docs.docker.com/reference/compose-file/volumes/

but you shouldn’t be building out new applications and new environments on VMs or LXC

That’s a bold statement, VMs might be just fine for some.

Use what ever is best for you, if thats containers great. If that’s a VM, sure. Just make sure you keep it secure.

If you use a volume, you can mount that anywhere.

volumes:
  lemmy_pgsql:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: '/mnt/data/lemmy/pgsql'

Then in your service add a volume

    volumes:
      - lemmy_pgsql:/var/lib/postgresql/data:Z

Yes, but no. There is still a lot of places using old fashioned VMs, my company is still building VMs from an AWS ami and running ansible to install all the stuff we need. Some places will move to containers and that’s great, but containers won’t solve every problem

would agree the hardware would run everything fine

right tool for the job mate, not everything works great in a container.

Also Proxmox is not legacy as its used a lot in homelabs and also some companys

I use proxmox to carve up my dedicated host with OVH, 3 of the vms run docker anyway.

If your router is setup to only allow in the ports with a service hanging off it, like SSH. Then a firewall wont add anything your router doesnt.

On the flip side, if your running any kind of VPS or directly accessible server, like a VPS or dedicated server. Then a firewall is required.

Now protecting your server from other things on your local network might something you want to do, think IoT stuff getting popped and being used to hack other things on the network

Keycloak here, I plugged my keycloak into my Google workspace. Yes I know Google!!

But the login flow is amazing and I get all the MFA without the faff

If you run a single DNS server, you will always have downtime when it’s restarted.

The only way to mitigate that, is to run 2 DNS servers.

I setup my network to use pihole as the first DNS and the router as the second, most of the time pihole is used. Unless it’s down

As a homelabber and systems admin, I would start with learning how to use Linux on the command line.

It’s all well and good looking at docker, but if you don’t know how to move about or edit on the command line. Your going to get stuck real quick.

Once your happy doing simple tasks on the command line, I would actually look at running something like wordpress on a pi or VPS. That will help you understand how to connect services together, and cement your basic command line knowledge.

Yeah, OVH do website hosting as well

I moved all my domains from Google to OVH, OVH have an API so you can get certs with certbot. You could also use the API to update records for a dynamic home broadband

I have stuff in new releases.io and also GitHub release RSS feeds in nextcloud, I then sit down once a week and see what needs an update. Reboot when required.

I nextcloud news (RSS) for that sort of thing, you can organise feeds into folders and see an unread list. There is even a mobile app to get whats on the server

I would recommend not using a mobile to edit a spreadsheet, I have tried and gave up as its less the ideal.

your running something on port 443 already, if its nginx thats still running kill it. If not, then found out what is running on port 443 and kill it use ss -nlp to find the process name