Op I was you 12 months ago. +1 installing proxmox. The ability to make mistakes in an LXCs and always having the nightly back up right there was worth it alone. Helper scripts get you close to where you want to go fast. As for guides, there's a bunch, raid owl, technotim both have initial proxmox setup guides. There are many like them, just two I remember.
It might just be me, I struggled with every step of every guide I followed, mostly because I skip to copy paste the commands... Don't do that. Chatgpt, plug the command in there and start quizzing it: "what does this do, what are the flags doing, I want to do x will command work". Then don't copy chatgpt either, take its output back to the documentation and make sure it makes sense. Then take a snapshot. Then paste the thing. It at least forced me to slow down.
In the beginning I was about a month, just on a pi, getting a pihole and a servarr installed and configured. Then I nuked it and rebuilt in a couple weeks. Then I messed up again and rebuilt in a couple days. I dedicate 1hr to try fix what I broke using Chatgpt as mentor/rubber duck, if I can't make progress on a fix in that time I load the snapshot. Troubleshooting is a great skill, however, everything you need gets installed at least once, so get good at installing things. Back ups need testing and you should be familiar with the process, get good at recovering from back ups. Chatgpt solves most of the problems surface level problems. You'll get to a point when you get stuck chatgpt won't be any help either, but let gpt get you there quickly.
I genuinely prefer Dockge to Portainer, learn Portainer. As a rule learn the industry standard then migrate. Tonnes of articles and resources for Portainer, almost everyone using Dockge can help you with Portainer, not the other way around. The only difference is when the non-industry standard is specifically made to solve problems you have with the IS, I went with nginx proxy manager over nginx for example. GUIs are nice and I can see things working, unlike pasting a massive config and hoping. Now I have huge compose.yaml stacks for docker that I used to install one by one in Portainer.
Security is hard. Outsource all you can. Your ISP firewall is perfectly serviceable don't punch holes in it (for now). Tailscale is perfectly serviceable don't try make your own tunnels (for now). One of my earliest posts was me installing a firewall on my pi, separate from the my router, and then going into a blind panic about punching holes in my firewall. Funny to look back on, my isp firewall is still completely intact, I picked a different path.
Each iteration add one layer of complexity and take easy wins for everything else. I set up pihole bare metal, messed up the unbound install, go again. I used docker starter to set up pihole+unbound, messed up [something]... go again... Prioritise "working" over "perfect". You don't know what perfect is anyway. I don't know what perfect is, but just getting something working teaches me what would be better for next go around. If what you did is "wrong" it's going to break sooner rather than later so you get to go again. If what you did works forever be happy and enjoy the thing you built.
Oh I forgot. No big updates right before bed, before a big event or when you're out of the house. I once had an auto updater [watch tower] go off and delete my access to the internet [pihole] before downloading the new image, on my fiancée's first day off, and while I was at work. I learned a lot about redundancy for essential infrastructure to Facebook that day, rightly so. If you can't/won't want to fix broken things right then, don't be doing stuff that might break things.
You didn't lend it to me, don't check. My fiancée found a couple of knorks in the same style, because she's long suffering. She flatly refused buying them for daily use though. Some people hate progress I swear. So I'm looking for dining table appropriate aesthetics, despite us not having a dining room table.
I just wanted to say America didn't only practice slavery in the past, it practices slavery right now and you "love it there". Like what you want. I love chocolate [don't buy it anymore though] and when someone points out there's a huge slave trade in it I don't go: "Honey, the adults are speaking. We are X. We work hard. We take of each other and we love our community " I say "you're right". The primary teachers I know don't treat anyone with that amount of condescention, veiled or otherwise.
It isn't more "adult" to ignore the problems of the world. It is, by definition, more ignorant though. Your previous comment called me a child. It didn't say anything else. Just called me a child, don't get on your high horse now, no-one is buying it.
"There is no gay gene, people arent born gay" it rhymes. Lately it's being used to question trans-rights to suggest they aren't born that way either.
All moot though, born that way, not born that way, doesn't matter at all. It's a way of making one protected class feel lesser than another in order to discredit them.
This was my "are we the baddies" moment, some 15 years ago btw. Someone pointed out that my anti-thiest rhetoric and the "just asking questions" I was asking were incredibly reminiscent of the other bigots. Of course, in the moment "they were wrong", "I was right", "yada yada yada". But, later when I had time for some introspection, I asked myself why do anti-thiests quack like the other bigots, and more importantly why was I quacking too.
Does anyone know where I could get a knork and spife set? We're too lazy to grab a knife from the draw so just use the side of the regular utensils anyways
Christ man, there's shit to criticise about every nation, none are worth praise imho. But America isn't even close to being "just a little bit evil" let alone good.
It is funny how attacks on the protected classes seem to rhyme. Homosexuality is presented as being a decision to try attack it. Gender identity is presented as being a choice to try and discredit it.
Now I'll agree that religion is a class someone can move through, from Christian to muslim, to atheist and finally Buddhist for example. But I don't think that particularly matters. Someone can realise their sexual identity later in life, then realise they are wrong and it was something else. I don't think that's them making decisions, so much as learning more about themselves and the world. So how someone can move around a religious space doesn't really interest me in terms of what it means as a protected class.
Muse away, transphobes have trodden a lot of ground if you want a head start.
I did think about cron but, long ago, I heard it wasn't best practice to update through cron because the lack of logs makes things difficult to see where things went wrong, when they do.
I've got automatic-upgrades running on stuff so it's mostly fine. Dockge is running purely to give me a way to upgrade docker images without having to ssh. It's just the monthly routine of "apt update && apt upgrade -y" *5 that sucks.
Thank you for the advice though. I'll probably set cron to update the images with the script as you suggest. I have a "maintenance" homarr page as a budget uptime kuma so I can quickly look there to make sure everything is pinging at least. I made the page so I can quickly get to everyone's dockge, pihole and nginx but the pings were a happy accident.
On my home network I have nginxproxymanager running let's encrypt with my domain for https, currently only for vaultwarden (I'm testing it for a bit for rolling it out or migrating wholly over to https). My domain is a ######.xyz that's cheap.
For remote access I use Tailscale. For friends and family I give them a relay [raspberry pi with nginx which proxys them over tailscale] that sits on their home network, that way they need "something they have"[the relay] and "something they know" [login credentials] to get at my stuff. I won't implement biometrics for "something they are". This is post hoc justification though, and nonesense to boot. I don't want to expose a port and a VPS has low WAF and I'm not installing tailscale on all of their devices so s relay is an unhappy compromise.
For bonus points I run pihole to pretty up the domain names to service.swirl and run a homarr instance so no-one needs to remember anything except home.swirl, but if they do remember immich.swirl that works too.
If there are many ways to skin a cat I believe I chose to use a spoon, don't be like me. Updating each dockge instance is a couple minutes and updating diet pi is a few minutes more which, individually, is not a lot on my weekly/monthly maintence respectfully. But on aggregate... I have checklists. One day I'll write a script that will ssh into a machine > update/upgrade the os > docker compose pull/rebuild/purge> move on to the next relay... That'll be my impetus to learn how to write a script.
I thought they were disagreeing with point two, I don't want to jump to conclusions though. Social media is full of "so you think [extreme nonsense here]" I am trying to be better than that.
I dunno. I was around for the "it's PC culture gone mad" position from yonder year. Their comment was similar to arguments made back then about racism, transphobia, homophobia, any protected class really.
Momentum really. I'm on NPM now, it works and it's great. I didn't put much thought into it. I'm generally happy with npm, it's mostly just something to learn next and plain nginx made sense.
Fedegenerate @ Fedegenerate @lemmynsfw.com Posts 2Comments 303Joined 2 yr. ago
Op I was you 12 months ago. +1 installing proxmox. The ability to make mistakes in an LXCs and always having the nightly back up right there was worth it alone. Helper scripts get you close to where you want to go fast. As for guides, there's a bunch, raid owl, technotim both have initial proxmox setup guides. There are many like them, just two I remember.
It might just be me, I struggled with every step of every guide I followed, mostly because I skip to copy paste the commands... Don't do that. Chatgpt, plug the command in there and start quizzing it: "what does this do, what are the flags doing, I want to do x will command work". Then don't copy chatgpt either, take its output back to the documentation and make sure it makes sense. Then take a snapshot. Then paste the thing. It at least forced me to slow down.
In the beginning I was about a month, just on a pi, getting a pihole and a servarr installed and configured. Then I nuked it and rebuilt in a couple weeks. Then I messed up again and rebuilt in a couple days. I dedicate 1hr to try fix what I broke using Chatgpt as mentor/rubber duck, if I can't make progress on a fix in that time I load the snapshot. Troubleshooting is a great skill, however, everything you need gets installed at least once, so get good at installing things. Back ups need testing and you should be familiar with the process, get good at recovering from back ups. Chatgpt solves most of the problems surface level problems. You'll get to a point when you get stuck chatgpt won't be any help either, but let gpt get you there quickly.
I genuinely prefer Dockge to Portainer, learn Portainer. As a rule learn the industry standard then migrate. Tonnes of articles and resources for Portainer, almost everyone using Dockge can help you with Portainer, not the other way around. The only difference is when the non-industry standard is specifically made to solve problems you have with the IS, I went with nginx proxy manager over nginx for example. GUIs are nice and I can see things working, unlike pasting a massive config and hoping. Now I have huge compose.yaml stacks for docker that I used to install one by one in Portainer.
Security is hard. Outsource all you can. Your ISP firewall is perfectly serviceable don't punch holes in it (for now). Tailscale is perfectly serviceable don't try make your own tunnels (for now). One of my earliest posts was me installing a firewall on my pi, separate from the my router, and then going into a blind panic about punching holes in my firewall. Funny to look back on, my isp firewall is still completely intact, I picked a different path.
Each iteration add one layer of complexity and take easy wins for everything else. I set up pihole bare metal, messed up the unbound install, go again. I used docker starter to set up pihole+unbound, messed up [something]... go again... Prioritise "working" over "perfect". You don't know what perfect is anyway. I don't know what perfect is, but just getting something working teaches me what would be better for next go around. If what you did is "wrong" it's going to break sooner rather than later so you get to go again. If what you did works forever be happy and enjoy the thing you built.
Oh I forgot. No big updates right before bed, before a big event or when you're out of the house. I once had an auto updater [watch tower] go off and delete my access to the internet [pihole] before downloading the new image, on my fiancée's first day off, and while I was at work. I learned a lot about redundancy for essential infrastructure to Facebook that day, rightly so. If you can't/won't want to fix broken things right then, don't be doing stuff that might break things.