That’s insane. I would consider a ipv4 -> ipv6 cloud hosted haproxy style setup if this was my only option.

i would just ask for an Ipv4 address. I asked Vodafone for one and they just gave it to me for free.

Yes. The left side of the : in the volume is the file on the host. You can see this directory on the host. The right side of the : is where that directory is replicated into the docker container.

All you need to do is to interact with the directory on the host.

You should use volumes over bind. You just move your media into the volume location on the local host and try will show up in docker. You should never need to ssh or sftp into the container.

There is a lot here but I think the most important thing is that docker containers should always be disposable. Don’t put any data into the container ever.

All of your data and configuration should be done in volumes. Local disk to inside the container is all you really need.

By doing this you make updating any given docker container easy as just pulling the newest tagged version of the container. If you are using docker and not podman you can use tools like watchtower to do this automatically.

As for what distro, it depends on your goals. Do you want to learn and improve your skills? Stick with Fedora or Rocky or Debian or openSUSE. I recommend learning the command line as you go, but if you want a nice UI openSUSE has Yast which is a very robust tool.

If you want to just have a home NAS but don’t want to learn that’s a different question. In this case if you’re getting a proprietary NAS anyway you could just get one that supports docker (like synology) and kill 2 birds with 1 stone.

https://codeberg.org/forgejo/discussions/issues/67

The biggest issue is they require your to give them your rights as they pertain to copyrights.

That means even if you submit MIT or GPL licensed code they can just instantly say “we relicense this code as proprietary” and there is nothing anyone can do.

They rejected a bunch of valid PRs. Including the one linked here because the author refused to assigned their copyrights to the Gitea corporation.

Right now Forgejo is a drop in replacement. This article is them announcing that Forgejo will eventually not be one.

Because gitea is fully the victim of corporate capture. Any PRs that make gitea better in a way that would reduce the main corporate “sponsor” profit are rejected.

The company has a conflict of interest with the community and it shows. Forgejo is sponsored by a non profit open source cooperative.

+1 For Seafile. They put out a docker image that works well. It hasthe fastest sync I’ve ever seen and it has good clients.

No problem. It should be wayyy faster than sshfs for the record. Both NFS and WireGuard are best in class tools.

NFS over WireGuard is probably going to be the best when it comes to encrypted file shares without the need to set up Kerberos. Just set up the WireGuard tunnel and export over those ips.

I understand. But do you see what you wrote could be seen as toxic? Intent is nice, but what and how you write really determines the tone of a community.

No need to be toxic here. You don’t need put people down. We’re all learning here together. Hey. We all are all learning more about how reverse proxies and forwarded headers work together right now, including you.

We should aim to be an open welcoming community.

You want to set the appropriate X-Forwarded-For or Forwarded headers in Nginx. The final application server being proxied (if well written) should be able to handle that.

Documentation can be found here. https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/

Contrary to that other comment reverse proxies with actual IPs forwarded through them via the appropriate headers are normal and used commonly. Almost 100% so at scale.

Don’t let the wannabe elitists get you down. I personally would not host my production email server at home but self hosting is a learning journey. If you learn how email serves work along with reverse proxies you got it! That’s a win. Hack away.

I use route53 APIs and just directly update the AAAA and A records. Set a low TTL and you don’t really have to worry about any middle men services.

All you need is a simple script.

Strong recommend for Forgejo. It’s a community fork of gitea that’s actively maintained by the community and a great open source nonprofit.

It’s actually a drop in replacement for gitea if you are using that now.

Super lightweight. Super snappy, and it supports GitHub Actions style CI/CD.

I am not an expert but I suspect this isn’t realistically doable.

1. Google sells you a serialized pixel 5a with a google controlled root of trust.
2. You log into the phone with your account.
3. Google adds a database entry to your account with the serial/root of trust info.

I don’t really see a way to beat this except maybe buying a “still in box” unopened pixel 5a that has never been registered to anyone before and setting it up.

This assumes the program is still open. Google may have time boxed it such that you must have registered before the announcement or whatever.

All this being said be careful. Don’t get you account banned. You can’t appeal if google thinks you are doing something shady they don’t like.

Lastly I have to say this. I may be worth escaping the google ecosystem. Why let a company control so much of your life? Not related to this community, but an important point.

I encourage homelabers to set up email servers and to play with them. Doing all of that will help a lot and you will learn a lot for sure.

It’s mostly the bureaucratic stuff that’s the killer here I think. Without putting in an effort to do the constant spam list appeals you can never be confident that your email makes it into people’s inboxes. Sure you could test with Gmail, but you can’t test for all of the smaller email hosting providers that mostly use a combination of spam assassin and spam lists.

Without confidence I don’t think it would be wise to use email in “production”. If you only use email to receive notifications it might make sense to self host. But if you need to reliably, timely, and confidently send out messages the downsides of self hosting are rough.

I hate to say this but even for dedicated self hosters it’s almost never worth it to self host email, either at home or hosted on some rented server or via some IP tunnels.

The reason being is that even after you set up DKIM and SPF and DMARC perfectly you will still need to fight to keep your IPs off of spam lists.

It’s somewhat doable but at the cost of:

1. Your email being unreliable and not making it to the destination inbox, AND you not knowing if it went to spam or the inbox.
2. You will need to dedicate a few hours a week to appeal and scan spam lists for your IP.

If anyone in the /16 that your IP lives in sends spam you get re added to the list.

Self hosting email is almost never worth it. I self host everything except for email and maps. Those two just are not worth it.

It’s rough in some spots but doable. If you are looking for search replacement I found that paying for Kagi was the only way to go. Unlike DuckDuckGo and Bing it does not suck. I’m convinced the reason is because they don’t try to sell you ads.