Do you host all services just from your root account with docker or do you seperate the services between user accounts with rootless docker?
Do you use podman or docker?
It’s easier to just host everything from root with normal docker, but seperating services into special user account is probably way saver, at least as far as i know. Do you think ist worth going the extra step or do you just trust docker and your containers to not get exploited?
Last but not least do you use an automatic update service for your host system and your containers?
Currently, I’m just using my root account with Docker and update everything manually. I have dockcheck-web installed to check whether any updates are available (https://github.com/Palleri/DCW). From the outside everything is only accessible using Wireguard and connections have to go through a Caddy proxy in order to reach a container. Curious what other peoples setup is.