Cake day: Jul 12, 2023


What? Gitea. Gitlab is a complete devops platform. Awesome, but complete overkill.

Why? Because I regularly commit code atrocities and have a hard enough time dealing with imposter syndrome, I don’t need to add public shaming on top of it (And just data sovereignty I guess)


Basically I ran into issues with building images from newer and more complex compose files that podman-compose just couldn’t pull apart.

Docker is still the go-to if you want shit to ‘just work’, it has an easier user experience, it’s what the vast majority of developers building containers are using. You can run rootless if you want without too much pain.

It has come a long way but the probability that you’ll run into some random edge case or other issue with podman is higher, podman-compose has some thorns (high likelihood you’ll need to hack on compose files), if you want containers to start without your interaction you have to bake up systemd unit files for them, etc. I’ve not messed with podman-kube-play - wasn’t even aware of it, so can’t really comment as to how well that works.

There’s nothing to lose by giving it a go except your sanity and time. 😁


Totally respect that, I question my sanity frequently


This individual fornicates


Container host started life as rocky, I honestly can’t remember why I switched distros

The KVM host also hosts a bunch of other random stuff, Debian running on Rocky is just the tip of the junkpile


I know a lot more about self hosting than I did a month ago that’s for sure, I wonder how long until I start trying to use ssh in my dreams.

Now that you’ve written this? Tonight. It’ll happen tonight.


My dream was to find a way to leverage them as poor man’s IP camera or something …one day…


this site runs off parts scavenged from a roadside sign

Love keeping that old tech alive! My Core 2 Duo died a couple of years back, if I could figure out a way to leverage old mobile phones for some sort of project I would.

I’ve always called it ‘ghetto IT’ personally.


Docker is still what 95% of people think of when you talk containers and you may encounter issues, particularly running things rootlessly as it’s not a use-case that developers necessarily support. Not to discourage you at all, experimentation is great, but be prepared for thorns. 👍


Nice - what are you using to cache windows updates? LANcache?


Mainly selected podman for the security, it doesn’t rely on a daemon and supported rootless containers before docker did. Easy to just come up with a pattern where you can minimise the risk of container breakout by having a user for each container stack to provide even more isolation. You can do the same with docker these days I think, each user just runs their own copy of the docker daemon. The aim of the project was to achieve 1:1 compatibility, I think it’s pretty close these days. It’s also native to the Red Hat family so could avoid using the community edition of Docker.


Lazy is good… I try not to think about the time I’ve invested in this stuff


Had never heard of Shinobi, looks interesting - are you using the bear+elephant tensorflow object detection?


Hey selfhosters, what are you selfhosting?
![](https://chatsubo.hiteklolife.net/pictrs/image/c786875e-7455-4f5b-8e56-d1af5f1e0cfa.png)

- Nextcloud + OnlyOffice
- *arr media management series (Lidarr, Sonarr, etc)
- Gitea
- Vaultwarden
- PiHole
- Jellyfin
- Wiki-js
- Lemmy
- Prometheus/Grafana/Loki

Currently all containerised running on a debian VM on a Rockylinux Qemu/KVM hypervisor. Initially I was using rocky+podman but inevitably hit something I wanted to run that just straight up needed docker and was too much effort to try and get working. 🤷

Hardware is a circa 2012 gaming machine with a few ZFS raids for all of my Linux ISOs. It lives an extremely tortured existence and longs for the sweet release of death.

Toying with the idea of migrating it all to an on-prem virtualised kubernetes cluster using helm charts to manage the stacks and using NFS mounts for persistent storage because I hate myself (and to upskill I guess)

What about you?

It really comes down to what value you assign to having private email storage… unless you’re having GPG encrypted convos, it’s probably pretty moot anyway as one side is going to have a copy of the email trail and there’s a 98% probability it’s Google, Microsoft or …Yahoo I guess?

I might be talking myself out of this, this is now a therapy session


Yeah I shell out ~$3 per month for the privilege of indulging in the insanity of self hosting email.


I see you, fellow data sovereignty aficionado.

My first thought would be to try and set up iptables/nftables forwarding for this.

Personally I opted to just use my VPS as a MITM mail relay and just forward inbound mail for my domains to my own on-prem dovecot instance.

…your way is probably easier


Might be a bit more complex than what you want, but I love Prometheus + Alertmanager and a nice sexy Grafana dashboard