how are you trying to run podman?

If you just want a similar setup as with docker I'll recommend this:

https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

Lingering (running services without login / after logout)

https://github.com/containers/podman/issues/12001

https://unix.stackexchange.com/questions/462845/how-to-apply-lingering-immedeately#462867

    
sudo loginctl enable-linger <user>

  

https://github.com/containers/podman/blob/main/vendor/github.com/containers/storage/storage.conf

Check out the storage.conf to use the fuse-overlay driver.

I like podman-compose and i have a start up script that restarts all my containers at reboot, as my user.

Also use the full link to your images, like docker.io/image oder where ever you get your images from.

have fun :)

I use glance.

Yes all users that have containers running, that should keep running need lingering.

The Services do not restart themself. I have cronjob that executes podman start --all at reboot for my "podman user".

I'm running podman and podman-compose with no problem. And I'm happy. At first I was confused by the uid and gid mapping the containers have, but you'll get used to it.

This are some notes I took, please don't take all of it for the right choice.

Podman-Stuff

https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

storage.conf

To use the fuse-overlay driver, the storage must be configured:

.config/containers/storage.conf

    
[storage]
  driver = "overlay"
  runroot = "/run/user/1000"
  graphroot = "/home/<user>/.local/share/containers/storage"
  [storage.options]
    mount_program = "/usr/bin/fuse-overlayfs"

  

Lingering (running services without login / after logout)

https://github.com/containers/podman/issues/12001

https://unix.stackexchange.com/questions/462845/how-to-apply-lingering-immedeately#462867

    
sudo loginctl enable-linger <user>

  

Yeah, I did not know it is that bad....

You don't want the nextcloud to be public for everyone, then I'd go the tailscale route without a vps. Just connect your Server and phone.

If you want it to be public, then I'd still use tailscale and do it like the other comment suggested.

Reverse Proxy on vps connected to tailscale, proxzies the traffic through the tailnet to your server. That's what I'm doing btw.

https://lemmy.world/comment/10089750

This is how I did it.

I recommend this: https://www.zigbee2mqtt.io/guide/installation/20_zigbee2mqtt-fails-to-start.html#method-1-give-your-user-permissions-on-every-reboot

with that and also read the tipp after that I was troubleshooting my permission issues.

This should apply to gpu too.

But does this matter if you just want this to be locally accessible and you're running your own dns?

You need a wildcard cert for ypur subdoman:

    
*.legal.example.com


  

Then point that record to 127.0.0.0. This will not resolve for anyone. But you'll have an internal dns enty (useig pihole/adguard/unbound) that redirects to your reverse proxy.

You could also point to your revers proxy internal address instead of 127.0.0.0.

This video could help you: https://www.youtube.com/watch?v=qlcVx-k-02E

Sorry I have no idea how traefik works, but I've seen that this new video ist out. It might help you.

https://youtu.be/n1vOfdz5Nm8

I'm sorry to hear that. But the dev points that out very clear on the docs etc.

From what we self hosters are used to, this does not happen often, but it can.

Hope you can recover!

Immich is very cool. Be carefull to read every release note and do not auto update. There are can be breaking changes! In total im happy with immich!

You can take a look at FFUpdater on F-Droid. There you can see different browsers for android and information about the features they have.

I'm useing mull.

I understand this, but that way you always read the update notes and you control what version you install. This can be a good practice.

That stuff breaks is not so nice though.

Little donut 🍩

I switched a year ago to podman and had some trouble to get everything running. But it is possible. I'm not running anything rootful and everything works.

Read the docs, use podman-compose (this sadly has no good docs, but works quit well when you got it) and get ready to play around with permissions and file ownership.

Podman does not start your containrs on boot. You need to do some magic yoursefel. Like a cronjob that starts all containers at boot.

As far as I know, you'll have a last syched copy in your cache. Test it with no internet con! Try to export your data without internet.

I'm using vaultwarden for like 4 year now, but on my personal server at home. Btw a raspberry pi is enough to run vaultwarden.

You could take a look at reverse proxys and dyndns services (like duckdns -> free). I started like this. Now I have my own domain, but that is not mandatory!

I'm adding AntennaPod for Podcast.