I switched a year ago to podman and had some trouble to get everything running. But it is possible. I’m not running anything rootful and everything works.

Read the docs, use podman-compose (this sadly has no good docs, but works quit well when you got it) and get ready to play around with permissions and file ownership.

Podman does not start your containrs on boot. You need to do some magic yoursefel. Like a cronjob that starts all containers at boot.

As far as I know, you’ll have a last syched copy in your cache. Test it with no internet con! Try to export your data without internet.

I’m using vaultwarden for like 4 year now, but on my personal server at home. Btw a raspberry pi is enough to run vaultwarden.

You could take a look at reverse proxys and dyndns services (like duckdns -> free). I started like this. Now I have my own domain, but that is not mandatory!

I’m adding AntennaPod for Podcast.

I’m very happily running openhab!

Very nice write up. Thank you for sharing. One thing I like to add.

I’ve personally moved away from nginx proxy manager, because I read an article that it has some vulnerability that don’t get fixed in time. Also there are a ton of issues open on git hub. So I move to caddy, witch also is super easy to set up.

I use tandoor, try it. I like it very much.

So if I selfhost an instance the proxy setting still would hit my hosted ip?

Audiobookshelf is quite nice too. The ebook reader isn’t quite there yet, but it develops very fast. Also apps for Android and iOS

I’ve got myself a second router and created a second wifi and lan with it. All my smart home devices are in there and also the tv.

I found it. It’s in the Account settings, under pin settings.

I’ve just posted a little example. I’d recommend doing it this way. No more thinking about what port is allready exposed etc

Caddy would have the bridge proxy network and the port 443 exposed.

version: "3.7"

networks:
  proxy-network:
    external: true
# needs to be created manually bevor running (docker create network proxy-network)
services:
  caddy:
    image: caddy
    container_name: caddy
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./data:/data
      - ./config:/config
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
    networks:
      - proxy-network

Other services:

version: "3.7"

networks:
  proxy-network:
    external: true

services:
  app:
    image: app
    container_name: app
    restart: unless-stopped
    volumes:
      - ./app-data:/data
    networks:
      - proxy-network

Caddy can now talk to the app with the apps container_name.

Caddyfile:

homepage.domain.de {
    reverse_proxy app:80
}

So the reverse proxy network is an extra network only for containers that need to be exposed.

If the containers are all in the same network. You dont need to expose a port.

Lets assume you create a docker network called reverse_proxy and add all your contaiers that you want to be accessed by the reverse proxy to that network (including caddy).

Then you can address all containers through the hostname in you caddy file and the port would be the default configurated port from the container.

So in the end you just expose the caddy container and nothing more.

Does it need to be selfhosted, or is an open source app okay? Okay I’ve not red all your post… there is no ios client for aegis… I use aegis: https://github.com/beemdevelopment/Aegis

Invidius user here. But will check this out.