Tell me you don’t live in Germany without telling me you don’t live in Germany :D

This, just pgdump properly and test the restore against a different container. Bonus points for spinning as new app instance and checking if it gets along with the restored db.

Cheap panels are tanking European competitors, but it’s probably too late to intervene at this point. Can’t compete with work camps and cheap slave labor.

You don’t need 8 drives when they are 8 times larger than your current ones. I went from planning for 5+ drives to just downsizing to two drives in mirror. Then I can expand with another mirror.

Unless you need uptime and want to guarantee an SLA for your own services, you are much better off with a mirror or raidz1. Do regular backups (off-site, incremental) and don’t fear the disk failure.

Same, I have a bunch of “inbox” folders and drop files into my server or desktop from my phone with 3 clicks.

I’m using FF tab groups and Sideberry, other than the occasional link getting opened in the wrong group I haven’t had issues. I really need to test Chrome and it’s profiles to see what the fuss is all about :D

Symfonium is great, it supports a bunch of sources and works really well. Absolutely worth supporting the dev (check his ko-fi too)!

Look for 5W idle consumption boards + CPU combos which go down to package C6+ state. HardwareLuxx has a spreadsheet with various builds focusing on low power. Sell half your disks, go mirror or Raidz1. Invest the difference in off-site vps and or backup. Storage on any SBC is a big pain and you will hit the sata connector / IO limits very soon.

The small NUC form factors are also fine, but if your problem is power you can go very low with a good approach and the right parts. And you’ll make up for any new investments within the first year.

The problem is, the libraries and SDK used to build the app will have had vulnerabilities for sure. Same for the underlying image (unless scratch / distroless). We run extensive vulnerability scanning in our pipelines, and Go libs occasionally pop up. The Go SDK also had multiple security fixes in the last year.

How does this work, some loophole or a business customer? You can drop some info in a private message if you don’t f feel like posting in public. Re server part deals, I am not sure if this is always the case, but the current selection of disks is 90% helium (Exos etc) HDDs, a few IronWolfs which are too large (20TB) and basically that’s it. My DIY NAS is unfortunately in the apartment and I’m reluctant to try He disks due to the intensive sound profile.

I wish this was an option for Europe. Once you slap VAT and shipping, you end up paying more than for new disks. :(

I wasn’t intending on doing this, instead opting to install Pi-hole, Log2Ram, UFW, and the… other… softwares directly to the OS for simplicity. Why would one set up a Pi-hole et al in a containers instead of directly?

So there are many reasons, and this is something I nowadays almost always do. But keep in mind that some of us have used Docker for our applications at work for over half a decade now. Some of these points might be relevant to you, others might seem or be unimportant.

• The first and most important thing you gain is a declarative way to describe the environment (OS, dependencies, environment variables, configuration).
• Then there is the packaging format. Containers are a way to package an application with its dependencies, and distribute it easily through the docker hub (or other registries). Redeploying is a matter of running a script and specifying the image and the tag (never use latest) of the image. You will never ask yourself again “What did I need to do to install this again? Run some random install.sh script off a github URL?”.
• Networking with docker is a bit hit and miss, but the big thing about it is that you can have whatever software running on any port inside the container, and expose it on another port on the host. Eg two apps run on port :8080 natively, and one of them will fail to start due to the port being taken. You can keep them running on their preferred ports, but expose one on 18080 and another on 19080 instead.
• You keep your host simple and empty of installed software and packages. Less of a problem with apps that come packaged as native executables, but there are languages out there which will require you to install a runtime to be able to start the app. Think .NET, Java but there is also Python out there which requires you to install it on the host and have the versions be compatible (there are virtual environments for that but im going into too much detail already).

Basically I have a very simple host setup with only a few packages installed. Then I would remotely configure and start up my containers, expose ports etc. And I can cleanly define where my configuration is, back up only that particular folder for example and keep the rest of the setup easy to redeploy.

If you want to try setting it up in high availability with failover, give me a poke. And until then - go to Teleporter in the settings, and download the backup. You can restore from there.

One thing worth saying is this - you can grab a cheap refurbished ssd (the smaller - the better), check it’s SMART data for any red flags, and attach it to the pi as OS disk. It will be much more reliable than SD, but overkill if you only run pi on the box. Alternatively look into log2ram, it keeps your SD card alive for longer :D but backup first!

The best test I have is my wife complaining, that ads in Google results cannot be opened. It seems to work flawlessly for me 😂

On a more serious note, what tests are these? The thing is, the ad domain is either in the blocklist or not. Ads inside apps are hard to block (I even have adaway on my android, and some slip through as eg Instagram reuses the backend domains/endpoints for ad delivery).

I personally stepped away from compose. You mentioned that you want a more declarative setup. Give Ansible a try. It is primarily for config management, but you can easily deploy containerized apps and correlate configs, hosts etc.

I usually write roles for some more specialized setups like my HTTP reverse proxy, the arrs etc. Then I keep everything in my inventory and var files. I’m really happy and I really can tear things down and rebuild quickly. One thing to point out is that the compose module for Ansible is basically unusable. I use the docker container module instead. Works well so far and it keeps my containers running without restarting them unnecessarily.