I only had issues with the latest tag when dealing with the community apps. Some of them would randomly break and I’d have to roll back. Once I manually configured the docker settings using normal file mounts things were plenty stable. I think the issues were with the k8s community charts not with the underlying software. And that was fixed by just configuring it manually like however the dockerhub docs suggest.

I would still have the occasional issue where a container would freeze and a force stop wouldn’t work, and spinning up a new one wouldn’t work because the ports were still used. But I traced that back to a bad ssd with write timeouts. I still think truenas’s k8s wrapper is buggy. Even if a container crashes hard, I shouldn’t have to reboot the system to fix it. I switched to unraid and have been blissfully happy since.

Not sure if you were aware of the recent (last year) drama with a major contributing group to the community apps. TrueCharts I think they were called? I had some truecharts containers and some straight truenas containers. Then TrueCharts ragequit and took down their repo. I ended up reinstalling all those apps manually because for the life of me I still couldn’t get the dumb truenas versions to work. Also, I wasn’t a fan of the pvc (or whatever it was called) storage containers that got used by default. Made eveverything more difficult. My advice is to use the truenas community apps as a learning tool to configure your own properly with the truenas software. I noticed the community apps would seriously take around a minute to restart, but the ones I made manually would takes seconds. Same docker image, never figured out why, maybe a k8s thing?

Might need more info about your setup. The reverse proxy probably has some logs you aren’t looking at. Most bots from what I’ve seen do ip:port scans hitting every ip and every port. Nginx reverse proxy manager or something similar isn’t going to forward ip:8123 to home assistant. A straight router port forward will, but the reverse proxy manager will look at the domain GET request for https://ha.hit_the_rails.net to your LAN ip:port. It’s a little security through obscurity as they have to know your sub+domain.

For a time I had port 22 open and forwarded directly to a server. Constant bot traffic. Changed the port, put an ssh honeypot on 22, and it almost completely went away. Sure the bots could be smart enough to scan and find another open ssh port, but they rarely did. I assume because anyone savvy enough to change the ssh port is savvy enough to not allow default logins like ubnt:ubnt and root:1234 which were by far the most common logins I got in the honeypot.

I’m not sure what all data they get if you self-host their controller. I’m pretty sure you don’t have to make a unifi cloud account at setup, you can make a local one. You can turn off the collection of diagnostic data at setup. Now that’s not to say they don’t send it anyway,

The root folder error for collections. I think I know this one. You need to go into every movie and update the filepath to the use the new root folder. Radarr isn’t smart enough to do that automatically for you. Though you’d think they’d have $rootfolder as a var, but no.