• Hexarei
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 months ago

    Ah, I’ve generally run my VPN primary exit node in a public cloud infrastructure host like Digital Ocean or AWS in order to provide a separate public IP from the rest of my stuff, and not give out my home IP to public Wi-Fi and such.

    I like docker, as long as you use a good orchestration tool it’s a good way to declaratively define what should be running on your server, using a compose file or similar. There are a lot of benefits to the overhead of learning it, including running multiple instances of the same service on one machine without conflicts, and the ability to force your hosted apps to store all of their data in nice neat packages you can easily back up with something like Duplicity or Volumerize.

    I actually run my containers on a small kubernetes cluster using VMs running k3s atop Proxmox, with persistence handled by a hyperconverged ceph cluster. All probably very overkill but it’s fun to play with and performs incredibly. Most folks can get away with a single server running containers with simple docker compose.