Shameless self-plug here. I wrote a blog post to document my methodology after having some issues with publicly available examples of using Podman and traefik in a best-practices config. Hopefully this finds the one other person that was in my shoes and helps them out. Super happy for feedback if others care to share.
Your blog is awesome. I have always wanted someone to break down RF homelabbing for me and I think as your blog progresses I will find such content.
I’m also looking for blogs/material on OS hardening (Linux/*nix), do you plan to write on that (and any recommendations)?
What nice feedback to read. I think you and I are aligned in what this will hopefully become. I really just wanted to start publicly sharing my hobby notes instead of holing them up in a local Joplin file or something, so that’s what I’m going to do. We may have similar hobbies though, which sounds like it’ll benefit you. Haha.
You got an RSS feed for me?
Okay, rudimentary RSS feed added! It’s available in the navbar, and autodiscovery with your RSS aggregator should work from any page. Let me know if you have issues.
No, and that’s a deficiency. Thank you for asking. I totally had this on the roadmap but let it slip. I’ll work on finalizing that right now. Much appreciated!
Very helpful. I was just looking at this the other day.
Ah yes, those examples were helpful and definitely helped inspire this. Glad you found some value in the ramblings. Post 2 will be up soon.
Excuse the ignorance, what am I actually reading about here?
I read the first few paragraphs and an out of my league.
What are ‘we’ trying to achieve?
The other poster here is correct, this is just an account of my journey through self hosting traefik, and ultimately headscale, without the hurdles along the way. I tried to include a few links to unclear terms along the way in the narrative, maybe those would help you figure things out. Unfortunately I can’t write for an audience of everyone, but hopefully you can still gain some value or learn some new things! Thank you for the feedback.
Just a guide on how OP selfhosts headscale using postman with a few nice features enabled
What’s the advantage of socket activation? Is it more secure than exposing a docker port?
For anyone who reads this post and sees the mention of headscale – that was the overarching goal here but the blog post started getting long so I decided to chunk it up. As soon as I polish up the headscale writeup I’ve got drafted and get that posted, I’ll drop a link here just in case anyone is interested.
Thanks, I’d be interested in the next part of your Headscale write up!
Excited to compare this with my setup (also Quadlet and Traefik-based)!
Excellent! Leave a note somewhere on how it measures up, I can always use more ideas!
