ithilelda

joined 1 year ago
[–] [email protected] 7 points 11 months ago

been selfhosting the smtp relay and using the app for quite a while. If you use it as a private chat for sensitive content, it is PERFECT. Really looking forward to its future development in group chats.

[–] [email protected] 1 points 1 year ago (1 children)

well, it actually has a UI for managing ZFS volumes in proxmox lol. proxmox is very versatile I'll admit. I use it also, but because I absolutely need the vm capability to run opnsense and debian on the same machine. If OP only needs a NAS with docker, he may not need that power. well who am I to decide. this is selfhosted so people can just try anything.

[–] [email protected] 3 points 1 year ago (3 children)

well, there are many things to consider. TrueNAS's ZFS is memory hungry, and is best used on it's original BSD. Also, you may need SMART directly in your NAS, then you'll need to PCI passthrough the disk controller if you are on proxmox. With that said, either directly running TrueNAS Scale or TrueNAS Core on proxmox isn't ideal. Also, running database storage over NFS has great disadvantages, so I would really advice against going proxmox+truenas route.

IMO, a mature NAS system is only useful as it is designed to be: bare metal system for your disk management. If you really wanna ZFS, then use TrueNAS Scale. If you are a guru and can or are willing to setup things yourself and doesn't care about RAID5/6, just use regular linux + docker/podman + btrfs.

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (2 children)

if I'm understanding your question correct, you are trying to use tls on containers that may not have tls libraries?

there are two ways to that. one is to rebuild every container by yourself modifying its services to contain tls. the other is to use a pod. you put your service container and a reverse proxy into the same pod, setup that reverse proxy correctly as an edge proxy terminating tls, and expose only the reverse proxy's port. that way, it will just look like a service with tls enabled.

since you are considering tls for everyone, I assume that you don't care about overheads. adding a reverse proxy in front of every container is like 10-50MB of additional memory, and it won't matter on modern systems.

[–] [email protected] 7 points 1 year ago

definitely docker. it just has so much more documentation and community involvement.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

well I've been using both for quite a while. If you just want something that works, stick with docker. There is nothing wrong with docker in the homelab scenario and podman has rough edges that cringes you. If you are a control freak like me who wants to control every aspect of container running, then podman is a great tool that forces you into the habbit of learning and tinkering. It helped me understand a hell lot of things.