ampersandrew@lemmy.world 22 hours ago I think the tunnel method you’re suggesting is different than what I’m after, and a lot of the “complexity” in learning this stuff is coming from all the different methods we have available to achieve similar results. I ought to be able to just expose 443 once I’m fully up and running, and it will route to the various services through the reverse proxy and subdomains. My “zero trust” separation for security ought to be my VLANs. So if I’m not going exactly that route, where would my DNS servers come from, and why would I need something other than what’s there by default?
I know the CLI is effective. My daily driver has been Kubuntu since 2017, and I dabbled with Ubuntu for a decade before that. But I’m so much slower on the command line, because I have to think so much harder about each command, and the outputs are often unintuitive to read and parse out what I’m looking for.
Security in depth for me. I tend to be a little heavy on security: lemmy.world/post/43533409
I feel that, and it’s understandable. I seriously doubt that even Linus Torvalds knows every command and sequence off the top of his head. However, it would seem to me that at some point, the GUI will not have the options you need to deploy xyz app, and you’re going to have to use the cli. I keep a ‘note pad’ on my dashboard full of commands because my brain is shit and this helps me as much as it may seem rudimentary. LOL The list goes on for quite a ways past what is visible in the screen shot.
Image
In that vein I always encourage users to take prolific notes. You’ll never remember everything you did 6 months from now. So, write down everything during the deployment, then distill the notes into what actually worked, and include them in your 3,2,1 back up scheme.
My 2p. Best of luck. Do share your journey.