Sounds very cool! If I understand correctly, you are running docker directly on the bare metal Stormux, so no VM in-between. You mentioned using some external provider for backup storage, how exactly do you do the backups themselves? Do you have a script/tool that saves the config and app data for each of your services?
Cool guide, I'll keep it in mind when setting up my own Lemmy, even though I won't go through cloudflare. Some things I noticed:
- Since I didn't see you mentioning it, ufw (idk about gufw) doesn't actually block the ports opened by docker. Make sure to only forward your docker ports to localhost and only make the actual webservice available (e.g. 127.0.0.1:8888:8080 for piefed adminer), otherwise the ports will be accessible from your LAN
- In your update process, you can `docker compose pull` before `docker compose down`, makes a little difference especially on a slow connection/big images. I think you don't even need the `down` command since docker does that automatically if something changes (e.g. new build)
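Added example, not part of the comment above: a small check that lists the port mappings in a compose file that are published beyond loopback, which is the case the comment says ufw will not cover. The compose text is constructed (only the adminer mapping comes from the comment), and the parser assumes two-space indentation and short-syntax `ports:` entries with literal addresses.

```python
import ipaddress
import re

# Constructed sample compose file. Only the adminer mapping is taken from the
# comment; the "web" service and its ports are illustrative assumptions.
COMPOSE = """\
services:
  adminer:
    ports:
      - "127.0.0.1:8888:8080"
  web:
    ports:
      - "8080:80"
      - "0.0.0.0:8443:443/tcp"
      - "[::1]:9000:9000"
    environment:
      - "TZ=UTC"
"""

def host_ip(mapping):
    """Return the host IP of a short-syntax port mapping, or None if unset."""
    spec = mapping.split("/")[0]           # drop a trailing /tcp or /udp
    if spec.startswith("["):               # bracketed IPv6 host address
        return spec[1:spec.index("]")]
    parts = spec.split(":")
    return parts[0] if len(parts) == 3 else None

def is_loopback_only(mapping):
    """True only when the mapping names an explicit loopback host address."""
    ip = host_ip(mapping)
    return ip is not None and ipaddress.ip_address(ip).is_loopback

def exposed_mappings(compose_text):
    """Return (service, mapping) pairs that are published beyond loopback."""
    service, in_ports, found = None, False, []
    for line in compose_text.splitlines():
        indent = len(line) - len(line.lstrip())
        stripped = line.strip()
        m = re.match(r'^-\s*["\']?([^"\']+)["\']?$', stripped)
        if indent == 2 and stripped.endswith(":"):
            service, in_ports = stripped[:-1], False   # new service block
        elif stripped == "ports:":
            in_ports = True
        elif in_ports and m:
            if not is_loopback_only(m.group(1)):
                found.append((service, m.group(1)))
        else:
            in_ports = False                           # left the ports list
    return found
```

A mapping with no host address (such as `8080:80`) is reported because Docker publishes it on all interfaces by default.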
You need different Subdomains as you suggested in your first paragraph. And add a reverse proxy like nginx or caddy to the machine which then proxies the different subdomains to the respective services (e.g. lemmy.your.site to localhost:2222, mbin.your.site to localhost:3333).
Theoretically, you could put a landing page behind some SSO/iam like authentik, and then link to the subdomains from the landing page, but eventually users will need to be on the subdomain to use a specific site.
Yeah, I feel like exposing ports 80 and 443 towards an up to date nginx/whatever is referred to as a super dangerous thing in this community and also the selfhosted subreddit. Recommending cloudflare is almost the default, which I find a bit sad given many people selfhost to escape the reliance on big monopolist companies.
One can add different layers of security of course, but having nginx with monitoring in its own VM without keys to jump to another VM is enough of risk mitigation for me.
Jitsi or Element call
This sounds super cool, I've been looking for something to keep track of my plants! Gonna try this
Wait, how do you know my password?
That's actually better I think. A project with zero open issues/requests is usually dead, not fast in solving issues.
I don't notice whether communities are kbin or Lemmy, so no idea. I think many communities being on Lemmy partly comes from that being released a few years earlier.
Unfortunately not. I think some areas have hashtags for that kind of stuff and someone is working on a new platform, but it's not there yet.
Animals are harmed in industrial farming as well. It sucks, but doesn't make wheat not being vegan.
Some frames have small holes for drainage and air exchange so they can dry inside. I've also heard about some procedure where the inside gets waxed but I don't remember if that was for bicycles or motorcycles