lal309

Very valid points. Since the RedHat announcement, I’ve migrated all my home servers to Debian so I thought “why not switch over my gaming rig as well”. As I thought about which district to use I came to the realization that I don’t want another situation where I’m using a distro based on another distro and that other distro decides to do something that affects the distro I’m using and blah blah. So then that leaves me with using the base (Debian, Arch, etc.) to avoid what I just mentioned.

I’ve been using Linux for quite some time so I can usually handle some break/fix. I haven’t tried Linux Mint yet but again, I rather just go straight to the base and go from there.

Still want to read your post tho. I’ve got Sid setup and ready to go and I do want to see how much breakage it introduces as I continue to use it. If it’s a bit too much, I’ll give stable a try.

If you are running everything in containers then there’s a very simple and straightforward solution for this. Run your reverse proxy (NPM, Caddy, whatever) on two network (internal and external or whatever you want to call them). In the external network is where you will map your host port to the reverse proxy container. For example, on NPM it’s 81 so you map host 81 to container 81. You should then be able to go to http://localhost:81. The internal network will be where your reverse proxy will talk to your other two web services you want to run so make sure you add your other services to this internal network.

On your DNS (personally I run PiHole) point your service name (as guard) to the IP of the host running your reverse proxy. Do an nslookup on the name to make sure you actually get the right IP for the name you want.

Login to your reverse proxy and configure a proxy host to point to the name of the container and the correct port. Since the reverse proxy is on the same “internal” network, they should be able to talk to each other via names rather than IPs.

Test your connection to the service on your browser.

Another solution (less technical but much faster) would be to runa dashboard service like Heimdall then just add a “link” to the service you want and the port it’s running on. Then you will have a single link to click on that will take you where you want without typing manually. You could even add the dashboard as your browser default page on startup.

There are other ways to skin this cat but these two solutions will get you where you want to go quickly.

This looks like a detailed write up. I need to sit down and digest this information (currently out and about). I’ll come back to you with questions I’m sure.

I was running Nobara and had a rock solid setup. My problem was more related to the upstream changes by RedHat. Haven’t tried SteamOS

The only Trixie relate software I have was Wine staging as I couldn’t find “Sid” specific instructions. The documentation said unstable so I just assumed the Trixie instructions were also applicable to Sid.

Excellent! This is my current setup as well.

This is encouraging. I do have somewhat older hardware but you are right. Even updating the kernel for update sake in other distros don’t seem to bring me visible value other than just updating to the lasers available.

Are you running into system access limitations? For example, mesa or proton needing to access system files, services or whatever.

I certainly understand the main purpose and honestly you have a good point about git.

Let’s say that I can utilize your code within my personal app, but my personal app leverages a database (postgres). How would I integrate my app, the database and your library? Unless I’m missing something, I would still need a .env for the database since I don’t have access to the source code of the database.

So I like the idea. The main “problem” I see is that it/you assume that I have access to the code and can modify at will. lol to leverage this. If I have a database container but I don’t want to hard code the secret in a .env, how do I leverage your code/app/library? Another thing is, most of the time these type of secret managers require a password... to retrieve … a password. What’s the benefit in that? What other authentication methods can you provide to authenticate and retrieve the secret I want (without running into the chicken or egg problem). Two example that comes to mind right now are certificate based authentication and IP restrictions.

I do understand that the scenarios I’m describing above may not be the goal of your code. I self host a lot of stuff (10-15 services) that all requires credential but only one app is custom written (so I have access to the source code and can make use of your code) BUT I still need to centrally manage credentials for it all.

I do like the idea of having a single file with the creds. Especially for a small environment, databases are just overkill for this use case (in most cases) and it makes it really easy to backup your creds since it’s just one file.

Perhaps writing up some documentation on ideas and examples for backing up the credentials (rsync, simple copy/paste, etc) would help new comers.

P.S. Bonus points if you can make your code rotate said credentials on a schedule so they are never static.

Not to a be a dick but this question (self hosted email) is answered weekly….

Wait you can still play Battlefield 2? How??? I need to know ASAP!