• 0 Posts
  • 211 Comments
Joined 6 months ago
cake
Cake day: May 19th, 2024

help-circle



  • It sounds like you’re getting into the keeping it running phase.

    First, going back to your previous comment, self-hosting email is difficult. It’s not hard for a small provider to end up blacklisted and you’re probably kind of just done at that point and it will feel very unfair. I get that it’s a fun set of technical challenges, but you couldn’t pay me enough to help someone self-host email.

    Second, guessing, but it sounds like you may be trying to expose your services directly and doing a lot to make that work which goes against what most would recommend for hosting your own services. Big companies don’t expose their intranet like that, follow their example. Almost every guide or system is going to warn against that. If you’re going to host more than one thing, highly recommend focusing on minimizing entry points and looking into a VPN-like solution for accessing most if not all of your services. Still spend time on securing your intranet, but most of your risk is going to come from how hard it is for people to get past the front door (or doors).




  • Fucking podman… Oh man. I have lost way too many hours dealing with podman.

    It’s frustrating, because they’ve put so much into it. It’s close enough that vendors think they can get away with saying their containers are compatible and they’ve probably really honestly tested for brief periods and it really usually is close enough that you don’t discover the differences until you’re already very well established, but then it’s just a little different and it takes you FOREVER to find out why but then the only option once you do find that out is to completely start over from scratch with docker. And, almost no vendor is going to treat them differently because if we talk to redhat, the first note we’ll get back is that everything we’re trying to do should be fully compatible and there should be no need to worry about that. And, then eventually after a few weeks, it’s docker’s fault that IT WORKS IN DOCKER AND NOT IN PODMAN. Docker needs to go fix it so it’s broken for them too, it’s not a bug for podman, the problem is with the one that’s working.

    I’m a bit traumatized, not always the same, but this isn’t a singular occurrence.