sugar_in_your_tea

Current setup:

• one giant docker compose file
• Caddy TLS trunking
• only exposed port is Caddy

I've been trying out podman, and I got a new service running (seafile), and I did it via podman generate kube so I can run it w/ podman kube play. My understanding is that the "podman way" is to use quadlets, which means container, network, etc files managed by systemd, so I tried out podlet podman kube play to generate a systemd-compatible file, but it just spat out a .kube file.

Since I'm just starting out, it wouldn't be a ton of work to convert to separate unit files, or I can continue with the .kube file way. I'm just not sure which to do.

At the end of this process, here's what I'd like in the end:

• Caddy is the only exposed port - could block w/ firewall, but it would be nice if they worked over a hidden network
• each service works as its own unit, so I can reuse ports and whatnot - I may move services across devices eventually, and I'd rather not have to remember custom ports and instead use host names
• automatically update images - shouldn't change the tag, just grab the latest from that tag

Is there a good reason to prefer .kube over .container et al or vice versa? Which is the "preferred" way to do this? Both are documented on the same "quadlet" doc page, which just describes the acceptable formats. I don't think I want kubernetes anytime soon, so the only reason I went that way is because it looked similar to compose.yml and I saw a guide for it, but I'm willing to put in some work to port from that if needed (and the docs for the kube yaml file kinda sucks). I just want a way to ship around a few files so moving a service to a new device is easy. I'll only really have like 3-4 devices (NAS, VPS, and maybe an RPi or two), and I currently only have one (NAS).

Also, is there a customary place to stick stuff like config files? I'm currently using my user's home directory, but that's not great long-term. I'll rarely need to touch these, so I guess I could stick them on my NAS mount (currently /srv/nas/) next to the data (/srv/nas//). But if there's a standard place to stick this, I'd prefer to do that.

Anyway, just looking for an opinionated workflow to follow here. I could keep going with the kube yaml file route, or I could switch to the .container route, I don't mind either way since I'm still early in the process. I'm currently thinking of porting to the .container method to try it out, but I don't know if that's the "right" way or if ".kube` with a yaml config is the "right" way.

Apparently US bandwidth was reduced to 1TB for their base plan, though they have 20TB for the same plan in Europe. I don't use much bandwidth right now, but I could need more in the future depending on how I do backups and whatnot.

So I'm shopping around in case I need to make a switch. Here's what I use it for:

• VPN to get around CGNAT - so all traffic for my internal services goes through it
• HAProxy - forwards traffic to my various services
• small test servers - very low requirements, basically just STUN servers
• low traffic blog

Hard requirements:

• custom ISO, or at least openSUSE support
• inexpensive - shooting for ~$5/month, I don't need much
• decent bandwidth (bare minimum 50mbps, ideally 1gbps+), with high-ish caps - I won't use much data most of the time (handful of GB), but occasionally might use 2-5TB

Nice to have:

• unmetered/generous bandwidth - would like to run a Tor relay
• inexpensive storage - need to put my offsite backups somewhere
• API - I'm a nerd and like automating things :)
• location near me - I'm in the US, so anywhere in NA works

Not needed:

• fast processors
• lots of RAM
• loose policies around torrenting and processing (no crypto or piracy here)
• support features, recipes, etc - I can figure stuff out on my own

I'll probably stick with Hetzner for now because:

• pricing is still fair (transfer is in line with competitors)
• can probably move my server to Germany w/o major issues for more bandwidth
• they hit all of the other requirements, nice to haves, and many unneeded features

Anyway, thoughts? The bandwidth change pisses me off, so let me know if there's a better alternative.

Here's what I currently have:

• Ryzen 1700 w/ 16GB RAM
• GTX 750 ti
• 1x SATA SSD - 120GB, currently use <50GB
• 2x 8TB SATA HDD
• runs openSUSE Leap, considering switch to microOS

And main services I run (total disk usage for OS+services - data is :

• NextCloud - possibly switch to ownCloud infinite scale
• Jellyfin - transcoding is nice to have, but not required
• samba
• various small services (Unifi Controller, vaultwarden, etc)

And services I plan to run:

• CI/CD for Rust projects - infrequent builds
• HomeAssistant
• maybe speech to text? I'm looking to build an Alexa replacement
• Minecraft server - small scale, only like 2-3 players, very few mods

HW wishlist:

• 16GB RAM - 8GB may be a little low longer term
• 4x SATA - may add 2 more HDDs
• m.2 - replace my SATA SSD; ideally 2x for RAID, but I can do backups; performance isn't the concern here (1x sata + PCIe would work)
• dual NIC - not required, but would simplify router config for private network; could use USB to Eth dongle, this is just for security cameras and whatnot
• very small - mini-ITX at the largest; I want to shove this under my bed
• very quiet
• very low power - my Ryzen 1700 is overkill, this is mostly for the "quiet" req, but also paying less is nice

I've heard good things about N100 devices, but I haven't seen anything w/ 4x SATA or an accessible PCIe for a SATA adapter.

The closest I've seen is a ZimaBlade, but I'm worried about:

• performance, especially as a CI server
• power supply - why couldn't they just do regular USB-C?
• access to extra USB ports - its hidden in the case

I don't need x86 for anything, ARM would be fine, but I'm having trouble finding anything with >8GB RAM and SATA/PCIe options are a bit... limited.

Anyway, thoughts?