vegetaaaaaaa

I wrote my own, using plain HTML/CSS. Actually the final .html file gets templated by ansible depending on what's installed on the server, but you can easily pick just the parts you need from the j2 template

1. You can verry well share bind mounts between containers
2. named volumes are actually directories too, you know? Under /var/lib/docker/volumes/ by default

Still, use bind mounts. Named or anonymous volumes are only good for temporary junk.

• step 1: use named volumes
• step 2: stop your containers or just wait for them to crash/stop unnoticed for some reason
• step 3: run docker system prune --all as one should do periodically to clean up the garbage docker leaves on your system. Lose all your data (this will delete even named volumes if they are not in use by a running container)
• step 4: never use named or anonymous volumes again, use bind mounts

The fact that you absolutely need to run docker system prune --all regularly to get rid of GBs of unused layers, test containers, etc, combined with the fact that it deletes explicitely named volumes makes them too unsafe for my taste. Just use bind mounts.

One has a total powered-on time of 51534 hours, and the other 49499 hours.
As for their actual age (manufacturing date), the only way to know is to look at the sticker on the drive, or find the invoice, can't tell you right now.

$ for i in /dev/disk/by-id/ata-WD*; do sudo smartctl --all $i | grep Power_On_Hours; done
  9 Power_On_Hours          0x0032   030   030   000    Old_age   Always       -       51534
  9 Power_On_Hours          0x0032   033   033   000    Old_age   Always       -       49499

Follow the official documentation, nothing else comes close.

I have automated this process in my nextcloud ansible role

• simple: rsyslog: all local logs to a central syslog file (using the imfile module), all syslogsfrom all server to a central rsyslog server (over TCP/SSL, example here). Use lnav or something similar to consume the logs
• more complex, resource-heavy: Graylog Open as a replacement for the central rsyslog server, setup pipelines/alerts/whatever... Currently considering replacing my Graylog instance with Wazuh but I don't know yet if it will be able to replace it completely for me

security

with containers, software maintainers also need to keep their image up-to-date with latest security fixes (most of them don't) - whereas these are usually handled by unattended-upgrades or similar in a VM. Then put out a new release and expect users to upgrade ASAP. Or rebuild and encourage redeploying the latest image every day or so, which is bad for other reasons (no warning for breaking changes, the software must be tested thoroughly after every commit to master).

In short this adds the burden of proper OS/image maintenance for developers, something usually handled by distro maintainers.

trivy is helpful in assessing the maintenance/vulnerability level of OCI images.

https://lemmy.world/comment/13349298

homebank (desktop app) + weekly import of new transactions using woob/bank and a basic shell script. Homebank database synced via Nextcloud.

Please not these posts again

This thread is pinned for a reason: https://lemmy.world/post/60585

You are right. Quadlets require 4.4, Debian 12 has 4.3