• 1 Post
  • 2 Comments
Joined 1 year ago
cake
Cake day: June 27th, 2023

help-circle
  • Yeah, Podman is definitely one of those things I would say to do the latter with. It’s functionality is the same as Docker though (commands work almost 1:1, and even docker-compose works with Podman), it has better integration with other system components (like automatically creating systemd services to start containers when a computer is restarted), and it gets you away from Docker as a company while still being able to access their containers on Docker Hub.
    In the end though, I’d recommend sticking to what you’re familiar with. It’s always better to administer commands to your server that you know will work rather than learning as you go and hoping something doesn’t break.


  • I may not be able to answer some of the more security-oriented questions, but one of the things I recommend is using a proxy to “hide” your home IP address. IP addresses can contain a lot of information including location data, so it’s a good idea to make things harder for attackers to figure out where you live. I’m pretty sure you can do this with a basic VPS setup, but I know for sure you can do this with Cloudflare (as I have it enabled on my server).

    As for getting reverse proxies set up from your Docker containers to the outside world using Apache, I can help. I use (rootless) Podman on my Raspberry Pi, meaning when I expose ports from my containers I have to choose port numbers greater than 8000. Once I have a port (let’s say 8080), and a subdomain (I’ll use subdomain.example.com), I just need to create a file in /etc/apache2/sites-available/ which I’ll call site.example.com.conf. The content usually looks something like this:

    
      ProxyPreserveHost On
      ProxyRequests Off
      ServerName subdomain.example.com
      ServerAlias subdomain.example.com
      ProxyPass / http://localhost:8080/
      ProxyPassReverse / http://localhost:8080/
    
    

    Then you just need to enter the commands sudo a2ensite subdomain.example.com and sudo systemctl reload apache2 and you should be able to access your container as a subdomain. You should just need to forward port 80 (and 443 if you want to set up Let’s Encrypt and HTTPS) on your router.

    Hope this helps!