this post was submitted on 27 Oct 2023
10 points (100.0% liked)
Self-hosting
2778 readers
3 users here now
Hosting your own services. Preferably at home and on low-power or shared hardware.
Also check out:
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I've watched several videos on the topic and nobody has so far managed to explain to me why I want to use Docker. Okay, to keep them isolated, but why do I want this? I'm just a noob and the depths of server administration are beyond me. At this point from what I understand it just seems to install another layer of something on top of something?
@schmorpel It's about defense in depth. If you are running an application inside of a docker container, it's much more difficult for it to interact with or compromise other applications running in other containers or on the host system. So if I'm running a bookwyrm instance and a mastodon instance in separate containers, and there's a security flaw in bookwyrm that someone exploits, that doesn't mean they automatically get access to the mastodon stuff too.
@schmorpel additionally, using containers allows for wrapping of dependencies. If I have one application that uses python 2.7 and another that uses python 3, installing both versions on the host system could cause conflicts. But containers have separated file systems, so they can each have their own dependencies without conflict. Mastodon runs a web service to serve http content, a database, various workers etc that can all run together on an separate network stack from other containers.
Docker makes it easy to set up and remove apps. Simply (a) create folder, (b) download/copy-paste the docker-compose template into the folder, (c) run 'docker-compose up -d' and watch the magic happen. And if you want to remove the image just do a 'docker-compose down' followed by 'docker system prune -a' and poof, it's gone (although this command will remove any docker container that's not running, so be careful! (Otherwise remove manually with 'docker ps' and then 'rm name-of-container'). I'm in a similar boat to you and my L2 now runs Plex (media), Immich (photos), Mealie (recipes), Kavita (books), OwnCloud (files), PaperlessNgx (important documents) and Joplin (notes). It also runs Nginx Proxy Manager so I can access some of these apps outside my network (you can grab free domains from duckdns.org), and the others I access via Tailscale for extra security (highly recommend looking it up). Enjoy your journey. It gets very addictive!