midnight

joined 1 year ago
[–] midnight@infosec.pub 5 points 1 year ago (1 children)

Not saying I don't believe you, but do you have any examples where changing the external port causes an issue? I change the port on almost every single docker container from what the default is. To be clear, I'm referring to the left side of the colon in the port declaration:


ports:
      - 12080:80

I should also clarify I don't use LXC containers. My background had me more familiar with VMs so I went that route. I've never felt like I'm performing surgery when deploying containers, but I have seen other complaints around docker networking that I've apparently been lucky enough to avoid.

Like I said though, do what works best for you. I don't mind tinkering to get things tuned just right, which causes some friction with unRAID. I've invested enough time an energy for this where I just have to spin up a proxmox VM and pass the IP to a few Ansible playbooks I wrote to get to a healthy base state and then start deploying my docker containers. I recognize not everyone wants to do this though.

[–] midnight@infosec.pub 6 points 1 year ago (3 children)

I'm confused on why you need a unique IP per VM/container. You can change the "external" port in your docker compose and be fine.

I initially tried unRAID on bare metal but hated not being able to use versions of docker I wanted and using stuff that wasn't in the community repo.

I currently run unRAID as a proxmox vm (passing through my lsi card and USB for the OS) and it works flawlessly. I didn't even have to reinstall since I passed through the necessary components it used when it was bare metal.

Ultimately, use what works best for you but I do have to disagree that proxmox/docker is inferior.

[–] midnight@infosec.pub 3 points 1 year ago

+1 on tailscale. I used to push it through cloudflare but with tailscale has been much simpler and doesn't run afoul of cloudflare's TOS

[–] midnight@infosec.pub 1 points 1 year ago

IR dude with ~10 years experience across different infosec disciplines. Currently working toward making the jump to offsec/pen testing. Privacy advocate. Trying out Lemmy because of Reddit's 3rd party API shenanigans.