It just sounds overly complicated.

I make a unique user for each VM - root account is secured with SSH login disabled and a unique password, which is stored in my password manager.

Also, don’t use Virtualbox. It’s Oracle garbage. Use virt-manager instead.

What else could that possibly mean?

I do both - older vehicles always needing attention, and self-hosting shit

Linus is fairly vocal over what is and is not allowed into the Linux Kernel. Pretty sure he has the final say on every commit.

My problem isn’t directly with the programs - my problem lies with VC funding in general. Because they will come back for their money, and the project will inevitably enshittify and shove out enthusiasts in the never-ending search for infinite money.

The solution is getting rid of VC bullshit entirely. But we all know that will never happen.

Tailscale uses WG though, so it’s fundamentally the same thing. Like you said - just do Headscale on a VPS.

The problem, though, is that VC-funded projects bite off way more than they can chew from the start and have to enshittify to keep shareholders happy at that level.

Growth for the sake of growth is a fundamentally broken concept. Tailscale provides a free service that many use. They already offer a paid support tier for companies, like other certain FOSS projects do, so why not call it good there? Grow based on actual customer needs, instead of shareholder bullshit “needs” (line must go up 🙄).

Tailscale never sat right with me. The convenience was nice, but - like other VC-funded projects - it followed that ever-familiar pattern of an “easy” service popping up out of nowhere and gaining massive popularity seemingly overnight. 🚩🚩🚩

I can’t say I’m surprised by any of this.

Why are we running Docker inside LXC? That’s not a wise decision, and is specifically stated as a big “no-no” by both Docker and Proxmox devs.

VMs don’t use as much resources as you realize. I’ve got multiple VMs full of Docker stacks (along with other VMs running various game servers, and several LXCs for various “not set up for Docker” services) spread across three i7-7700T servers; none of them are even close to being taxed.

Proxmox w/VMs for Docker, per your original plan (don’t use Portainer, use “Dockge” instead). You can also use small LXCs for services that aren’t set up for Docker, and Proxmox offers turnkey LXC images to make it that much easier.

I discovered it a couple weeks ago. Love it.

Use btop, it’s even better

Hell yeah. I don’t normally simp for companies, but I will happily support locally owned alternatives to big, faceless corporations, even if it costs a bit more. Usually.

I pay $89/mo total for symmetrical gigabit via UTOPIA, no monthly cap, and my static IP. I was paying Comcast a hair over $60/mo before this for 400/20 via cable w/1.2TB cap.

Absolutely worth it.

My ISP is a local deal, well-known for protecting privacy, and run by an absolute nerd (in the best way possible, also outspoken about privacy, FOSS, and other such things). Their customer service is second-to-none; I had an issue with my static IP a couple years back, and had an actual engineer on the line within a few hours. On a weekend.

It’s XMission. I dropped Comcast for them once they were in my area. Comcast can climb up a cactus.

spoon fed software

That’s a new one. I like it.

Right, but asking for 2-4 drive bays…

🤔

A PCI-E expansion board full of M.2 NVME drives might do the trick.

I’d argue for something a bit bigger, physically. The Optiplex SFF systems don’t have a whole lot of interior space for hard drives, in fact the 7050 SFF can only handle a single 3.5", a single 2.5", and a single NVME.

I have an older HP Elitedesk 8300 SFF that can handle 3x 3.5" drives, 2x 2.5" drives, and boot from an M.2 NVMe on a PCIE adapter card (I modded the BIOS). But that’s limited to 3rd gen Intel 🫤

I use Planka pretty regularly to track some of my projects. They just pushed out a release candidate for v2 a few weeks ago, which brought some nice features.