cross-posted from: https://programming.dev/post/1429257
It has an ‘App store’ that’s been growing a lot lately. Writing new docker-compose.yaml files is easy (see: https://www.runtipi.io/docs/contributing/adding-a-new-app ), and exposing them behind NAT, e.g. from home it’s easy too (see: https://www.runtipi.io/docs/guides/expose-apps-with-cloudflare-tunnels )… But my favorite perk is the folder structure (see: https://www.runtipi.io/docs/reference/folder-structure ), and the fact that ‘media’ is shared between apps.
I’m intrigued. How do you deploy apps in your homelab, presumably with some needing access externally, and still maintain privilege separation for each of them?
I use containerization as the new chroot jail, as well as for rapid (re)deployment capability. I can easily spin up or tear down services I might want to test or play with, and having separate containers for everything means I can create very specific rules and routes for each service as required.
In fact, a lot (not all) of my services are docker stacks running in their own LXCs on Proxmox. Containerception.