Comment

Comment on Selfhosting Sunday! What's up?

confusedpuppy@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago

I’ve been making another attempt to replace Docker with Podman. The issue is I can’t connect to my server through a web browser. I think it’s a firewall issue.

Networking and networking troubleshooting is a bit confusing for me and that’s the least favourite part about self hosting for me. Turns out I actually enjoy writing scripts more and the challenge of writing POSIX scripts especially.

If I can figure it out, I’ll probably write a guide for setting up Podman and Caddy on Alpine Linux since there isn’t a lot of recent information out there from what I found in my searches so far.

source

Sort:hotnew top

skilltheamps@feddit.org ⁨1⁩ ⁨week⁩ ago
Rootless podman cannot bind ports <1024, only root can by default (on pretty much any distro I guess). Have you done something like sysctl net.ipv4.ip_unprivileged_port_start=80 to allow non-root processes to bind to port numbers >=80?

source
- confusedpuppy@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago
  I’ve read about that and I already have that in my notes as well.
  
  It doesn’t really affect my needs because my ISP blocks incoming on those ports anyways. Also I’m choosing not to use a tunnel at the moment so I’ll be using a higher port anyways.
  
  The last time I asked about it, a few people seemed to agree it was something to do with the firewall settings. That seems most likely since I was able to connect when I disabled my firewall. I’m not a fan of working with iptables. The language for that type of networking is gibberish to me.
  
  I had also tried going from docker compose to rootful podman compose and ran into the same issue. Although I’m trying to work away from podman compose in the future, just taking it in steps.
  
  source
dabe@lemmy.zip ⁨1⁩ ⁨week⁩ ago
Good luck 🫡 I made the switch about half a year ago and went all in on rootless quadlets while I was at it. It was a pretty nightmarish couple weeks figuring out things like user id mappings and rootless permissions, but I got there eventually. Landed on a super neat Traefik config that should work for anyone and makes spinning up new quadlets with their own reverse proxied subdomains really simple. I should really post it somewhere…

In the end I wouldn’t exactly say it was worth it… but it sure feels cool to be fully moved into a more open/native container implementation.

source
- confusedpuppy@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago
  Yeah, I mainly just want to move away to more open projects. When I first started, everyone kept suggesting using Cloudflare. After half a year using their service, I just felt icky the entire time.
  
  In the past couple months I was able to move away and chose to protect myself by learning how to harden my server as well as hiding my server behind multiple layers of obscurity.
  
  With my current setup, the only site traffic I get has only been myself and my custom ssh port only gets hit by bots about 3-10 times a week according to my logs. Only time will tell how effective my layers of obscurity will hold up but so far it seems to satisfy my needs better than I was expecting.
  
  Once I get podman in a state I like, I’ll pretty much be all open sourced and all I’ll have to do for myself is be in maintenance mode unless I care to add a new service. I like to keep things simple so I don’t normally go crazy adding new services anyways.
  
  source
Eldaroth@lemmy.world ⁨1⁩ ⁨week⁩ ago
Did the switch from Docker to Podman a couple of months ago. Now I host all my services (arr-stack, Forgejo, Nextcloud, Authelia, Traefik, Immich… to name a few) on my VPS and mini pc/home server with Podman.

I recently sat up headscale to connect my VPS running the Traefik Proxy to my home lab to make some of my services running on there accessible from the internet. It was quite the journey, to say the least, as networking is not my forte either.

But feel free to dm me if you need some inspiration or support, maybe I can help.

source
- confusedpuppy@lemmy.dbzer0.com ⁨1⁩ ⁨week⁩ ago
  Thank you for the offer. I still need a bit more more time to experiment and zero in on the issue again. Fortunately my setup is quite simple and the only bottleneck will be Caddy.
  
  I basically run Caddy which redirects to a static generated blog, simple file server page and a Kiwix instance. I’m mostly making a self hosted reference site of materials for Linux and Scripting resources.
  
  One day I may add a Forgeo instance but currently my entire workflow exists around rsync. I’m happy just having my single file scripts hosted as text files and don’t really need the power of git. At least not at the moment.
  
  source