It's fine. Super flexible platform for any development environment. I'd take it over Notepad++.
avidamoeba
joined 1 year ago
Agreed. This is why I looked at Headscale before relying extensively on Tailscale.
Yes, Headscale would run anywhere. For the highest versatility you would run it in the cloud but it's not necessary. If all you'd want to connect to is your server and it's mostly up. If you had other machines that you might want to talk to even if your server is down, then having it in the cloud makes that possible. Personally I tried it on the smallest DO droplet.
It is but by default it operates as a "split-tunnel." That is, only traffic directed to a machine on your Tailscale network is routed over the underlying WG tunnel. In practice it creates "an overlay network." It will require installing a client on every end point. If you want a setup-free solution, then you have to do some sort of authentication that you trust to be secure. E.g. rely on each app's authentication, front all apps with an http proxy that has authentication. Personally I wouldn't trust that. I'd probably use ssh which also requires some setup on the client. And that brings me back to Tailscale. 😂
You could theoretically have a firewall rule that only allows the IP address from which you're currently originating. You'll have to figure out a way to reconfigure the firewall as you move from one place to another. I've done this using ipsets and dynamic DNS. It works fine for static locations. It wouldn't work as well for a moving target as DNS records can be slow to update. I'm not using that method anymore because Tailscale is simpler and allows for more uses cases and I have no problems installing it on my machines and devices.
Finally you could probably setup Tailscale on a small router outside the device you're using then connect the device through that router. It might be possible to access your tailnet this way without setting up a Tailscale client on the device. I haven't done this but it's probably possible.
For the disks, I'd use ZFS because it's easier to use and it's got data integrity checking. Choose how many disks you want to be able to lose and use raidzX where X is that number. E.g. raidz2 will allow you to have the same space as your raid10 but any 2 drives can fail and you'd still have your data. Dropping it down to raidz1 will give you the space of 3 drives at the expense of having only 1 redundant drive.
If you decide to stay ZFS-free, LVM has a built-in function to create raid. Look up the LVMRAID man page. It allows you to setup an LVM-managed mdraid and use volumes on it in one go.
For outside access, Tailscale is probably the easiest option. It has a fully open source upgrade path. Tailscale's clients are open source. The server infrastructure isn't, but there's an open source project called Headscale which can replace Tailscale's server. I've tested it briefly and while not as convenient to setup, it seems to work about as well.
Did you say you're running docker in LXC? So container in a container? If yes, that's generally an anti pattern.
Biz leaders optimistic it can reduce living, breathing cost centers... er, valued workers
And aggregate demand needed to buy the shit they produce. But that's not this corpo's problem. Not until most corpos are doing it.
Definitely don't put everything in a single docker-compose file. For one compose files change from the developer to add/adjust things. You want to make updating to the latest one as easy as copying it over the existing one with minor changes if any, ideally none. For another, you shouldn't rely on running any of it manually. If you want to chuck it in a corner, write some systemd unit files to start and restart the docker compose services for you. Finally, it's not too difficult to find what compose files you have once you've forgotten them. Use docker compose ls, plain docker and if all else fails find, grep, ps. Also you can always write what you did and how to find it in a README.md file. Print it and stick it to the box if you have to. The point is to leave breadcrumbs and be able to follow them, not remember shit you can't possibly remember for a long time.
Read more about docker and compose. They're extremely powerful and some of the most important tools out there. They're also very easy to use but you can't just figure them out beyond the absolute basics, you have to RTFM for how to do things. If something looks difficult, read to see what's the best way to do it. Chances are it isn't. At some point you'd be wondering how you've lived without docker. 😂
They are the only thing running in that container/compose environment. That's one of the main points of containerization! If you need to connect it to something else, like a reverse proxy, have it run in its own compose network and connect the two networks together.
In Canada, probably a Pixel 8. You can find new ones for cheaper on Marketplace. The upcoming 8a might be a good deal too.
I tell my young developers - the primary goal in software engineering is maintainability. Code reuse, encapsulation, abstraction, and myriad other concepts all contribute to ease of maintaining source code over the long term. Maintainability allows for easier, predictable feature addition and removal, with fewer changes, and by different people. You're also a different person than the one you were months or years ago when it comes to software.
I don't like having to unplug my computer to exit the IDE. Takes a while and I often lose my changes.