This may be a long shot, but it’s what I do, so it might be an option: Set up a crypto gateway like CipherMail which will automatically decrypt inbound email and sign/encrypt outbound. The result is that your Thunderbird will never get to see an encrypted email, decryption is handled transparently before it hit’s your inbox. Obviously, if you don’t trust your email provider, this is not an option.

This isn’t simple and hence not for everyone, also comes with dependencies on your email provider, but it works flawless for me ever since I set it up. I run my own email server, hence adding in CipherMail wasn’t a big deal.

You would expose the port to your host which makes the db acessible by anything running on the host, docker or native. Something like

`port

• 5432:5432 `

But I would recommend running a dedicated db for each service. At least that’s what I do.

• Simpler setup and therefore less error-prone
• More secure because the db’s don’t need to be exposed
• Easier to manage because I can independently upgrade, backup, move

Isn’t the point about containers that you keep things which depend on each other together, eliminating dependencies? A single db would be a unecessary dependency in my view. What if one service requires a new version of MySQL, and another one does not yet support the new version?

I also run all my databases via a bind mount

`volume

• ./data:/etc/postgres/data…`

and each service in it’s own directory. E.g. /opt/docker/nextcloud

That way I have everything which makes up a service contained in one folder. Easy to backup/restore, easy to move, and not the least, clean.

For me it’s Borg backup for Nextcloud an all the other servers

Turns out there are no more http websites out there, at least I couldn’t find any. Good for our security, bad for my demo :-)

I herewith grant you the official title of a real hacker :-)

That’s the tool I was looking for, thanks a lot!

Wireshark is my backup plan for a text based demo. Unless I am missing something pictures in Wireshark will just be binary stuff across multiple packets which won’t work for a demo. The tool I am looking for managed to identify which packets contains image data and showed them in a grid

I did indeed, and I have to say I am impressed from what I see so far! A really nice and complete tool you created. Thanks a lot for putting in the hours 👍

For a while it’s just data in, which it handles really well. But it really started to shine for me when I needed to find some of the documents. OCR and their search works very well for me.

There are also some interesting thoughts in here: https://skerritt.blog/how-i-store-physical-documents/

What’s the error?

Can you run docker-compose logs

Here’s mine: https://cloud.zell-mbc.com/s/Ac5KQTTxcWNYbNs

I tried to add file it to this post but formatting got completely messed up, hence a link.

Before you run docker-compose you need to change the paperless-app volumes to fit your requirements and set up the variables in .env

Device is a HP Pro 9010 Printer/Scanner with a local SMB folder set up as scan target. Paperless monitors the share and picks up everything someone (I) put in there. Scanner, PC, phone, anything which can connect to the SMB share. Dead easy and works reliably.

Let me throw in Paperless NGX, https://github.com/paperless-ngx/paperless-ngx

:-)

But seriously, I was wondering about the requirement to shutdown the VM’s and couldn’t come up with a solid reason? I mean, even if QEMU/KVM/Kernel get replaced during a version upgrade or a more common update, all of these kick in only after the reboot? And how’s me shutting down VMs manually different from the OS shutting down during a reboot?

I know I am speculating and may not have the fill picture, probably a question for the Proxmox team, there may be some corner case where this is indeed important.

By the way, Mexican or US black strat? :-)

I have been looking into Mastodon a while back but found it way too complex for my single user use case. I ended up with Akkoma running on Docker which seems to be a much better fit for this requirement. I also set up Lemmy on Docker a week ago or so which seems to run fine as well. I noticed the comment here that the Lemmy documentation for Docker is incomplete, which I noticed as well. But I figured it out, so if you hit a road block I may be able to help.

Like you I have OPNsense in a VM on one of my PVEs. But I only made sure the nigthly VM back up ran and didnt even bother shutting down the VMs during the upgrade. The VMs got restarted during the final reboot, as the would with every other reboot, and I was back in business.

Well, depends on what your client OS is I guess. There’s a cli tool called proxmox-backup-client which allows you to back up OS level, I use this to back up the host OS of my PVE server. I am not sure if this tool is available for Windows/Mac though.

I have 2 PVE servers and on one I have installed PBS in parallel, which works fine. Just a different port to get to the UI: PVE: https://pve2:8006 PBS: https://pve2:8007

You didn’t say what you are using for your scheduled backups. If it’s something like Borg backup you got a similar level of functionality, CLI instead of a nice UI though.

I have been using Borg for years and recently also installed PBS. What I do like about it is that the UI is similar to PVE and that it nicely integrates the backup prcess into the UI which makes handling easier and in the end less error prone when it comes to restores I guess. From where I stand right now I will likely keep PBS for things which run on PVE, Borg for the rest of the world.

KeePassXC and Nextloud to sync things between devices…

KeePassXC for me…

I used this guide when setting up my self hosted email: https://workaround.org/ispmail/buster/big-picture/

I also added in Ciphermail for email encryption and it’s been almost hands off ever since.

Granted, there were quite a few things to digest until things were working as I wanted.

I set mine up with the 0.17.4 and got it working, but like you wrote the the instructions have changed, all the detail is gone so I can only guess. Are there any volume statements in the new (v. 0.18) docker-compose.yml for the proxy container which would point to a local file? Mine has got this:

    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro

and I had to set up the local nginx.conf file.

edit: I just had a similar conversation in the Lemmy Matrix channel, it looks like the official documentation for some reason doesn’t specify the content of the nginx_internal.conf file any longer. After adding the v. 0.17 nginx content to this file that instance was working.