N0x0n

I though that the recommended swap partition was to double until 16 GB? So at 32GB of ram use 32GB of swap?

Production is my testing lab, but only in my homelab ! I guess I don't care to perfectly secure my services (really dumb and easy passwords, no 2fa, not hiding plain sight passwords....) because I'm not directly exposing them to the web and accessing them externally via Wireguard ! That's really bad practice though, but any time soon will probably clean up that mess, but right now I can't, I have to cook some eggs...

There are 2 things though I actually do have some more complex workflow:

• Rather complex incremental automated backup script for my docker container volumes, databases, config files, compose files.

• Self-hosted mini-CA to access all my services via a nice .lab domain and get rid of that pesky warning on my devices.

I always do some tests if my backups are working on a VM on my personal desktop computer, because no backup means that all those years of tinkering for nothing... This will bring up some nasty depression..

Edit: If have a rather small homelab, everything on an old laptop, still quite happy with the result and works as expected.

If you change your mind someday, just send me a PM !

Just create a wildcard domain certificate !

I access all my services in my lan through https://servicename.home.lab/ I just had to add the rootCA certificat (actually the intermediate certificate) into my trust store on every device. That's what they actually do, just in automated way !

Never had an issue to access my services with my self-signed certs, neither on Android, iOS, windows, linux ! Everything served from my server via my reverse proxy of choice (Treafik).

However I do remember that there was something of importance to make my Android device accept the certificate (something in certificate itself and the extension).

If you're interested I can send you the snipped of a book to fully host your own CA :). It's a great read and easy to follow !

Ohhh thanks for the clarification ! As you guessed I'm not into dev/programming so I wasn't aware of this kind of detail !

Thank you :)

Edit: Now semver makes sense !

I mean, where else should they show that warning? It's also posted in the forum. They also edited the documentation page.

Maybe you're more into mailing list or the like? I'm genuine curious on what/ how/ where you expected getting this kind of information.

Really cool stuff !! Something I need to try out for sure !

Just to bad they didn't add a multiuser setup example :( !

If you are doing any kind of multiuser mail node, you should have a separate SMTP system in front of this one that performs any necessary validation.

Maybe something worth a shot is a direct Wireguard server/client connection. While I don't know how it works with double NAT (wireguard client with double nat) making your home server act as a direct tunnel would solve all your issues.

• Access your services from everywhere without middleman.

IIR, tailscale uses wireguard under the hood and you're already hosting things on your home server, so maybe this could be worth a try :) !

Hahaha dark humor, nice !

Haha, some kind of dead DE pixel ? 😅

That's similar as the saying:

Give them fish, and they will have something to eat for days. Teach them how to fish and they will have something to eat for a lifetime.

Something along the line 😅

I mean... My Mac M1 doesn't allow right-click create a new file. 😮‍💨 ! Also, if I recall correctly, there is a similar thing that made me go crazy on Gnome DE.

Nowadays, people hate to get everything neatly separated in a nice and well ordered directory structure. They throw everything in the same directory and use the find/search function, for what it's worth.