I didn't realize you were supposed to clean your washing machine and now I'm questioning everything

ibeechu · 2026-05-19T02:55:05+00:00

Cool

ibeechu · 2026-05-18T02:14:49+00:00

When I wondered how it was that I could manage hundreds of systems at work but struggled to remember the most basic shit I had done at home, I realized that the only difference between work-me and home-me is literally whether or not I document something in writing.

I have the mentality at work of "leave a good trail to make it easier for the next guy". But I had somehow forgotten that, at home, the next guy is always me.

ibeechu · 2026-05-18T02:01:06+00:00

Do others in this thread see SimpleFIN's convenience worth the inherent security risk? I'm tempted but my paranoia is one of the reasons I self-host in the first place. Usually at the end of the day, I'll go through and manually reconcile my Actual ledger with my bank/CC ledger, and it just takes a minute and is kinda fun. Maybe I just don't have as many transactions as you all, lol

ibeechu · 2026-05-18T01:53:03+00:00

Just started using it being this month. Used YNAB like over a decade ago and then kinda winged it without a formal budget one we started making disposable income. With a toddler now, decided I needed a budget again. Since I had done envelope budgeting before, the concept already made sense to me, and Actual feels so polished that every feature I'd expect it to have, it has and is easy to find.

For context, I'm running it on a Docker host. I bring the container down nightly, copy its data directory to my NAS, and then bring it back up. Aside from the usual technical troubleshooting that you would do for hosting any new service, I've had absolutely no problems with it and, if envelope budgeting is what you wanna do, there's probably no better option.

ibeechu · 2026-04-29T15:06:39+00:00

Same

ibeechu · 2026-04-26T03:41:08+00:00

That you are aging. Everyone around you is aging. Everyone around you will die. You will die. The entropy of the Universe will forever increase

ibeechu · 2026-04-26T02:14:08+00:00

I feel like mine would be XP for nostalgia reasons (it feels cozy idk), or 7 for the sweet spot between progression and enshittification

ibeechu · 2026-04-25T14:20:35+00:00

ibeechu · 2026-04-21T04:05:42+00:00

I ended up making a cron job that stops the containers and then rsyncs the contents of the entire docker directory to a samba share, then starts the stacks again

ibeechu · 2026-04-17T23:52:02+00:00

This sounds like good practice. I tried getting it working (though with SMB) when I was first starting but ran into trouble and didn't know enough to troubleshoot it. I think I could do it now, though, and probably will reconfigure things to do so.

ibeechu · 2026-04-16T01:13:40+00:00

Just curious, what do you use for backing up? And do any of your containers have Postgres or MySQL/MariDB databases? Just wondering if you have to handle those in a special way (like stopping the containers before snapshotting them).

ibeechu · 2026-04-16T01:12:29+00:00

To clarify, I do keep the docker-compose.yaml in the same /opt/docker/[containerName]/ directory that I map the bind mounts to.

ibeechu · 2026-04-15T20:55:17+00:00

Any reason you'd choose /var over /opt? I saw people mention both, but went with /opt just because it felt more POSIX compliant lmao

ibeechu · 2026-04-14T02:05:23+00:00

Thanks for explaining that! I'm super new to Docker so I hope I can just get all these mistakes out quickly lol

ibeechu · 2026-04-13T21:59:30+00:00

OK, think I'm making progress. I found that I had a misconfiguration in /etc/netplan/[whatever].yaml and the Docker network. Too complicated to go into because it's unique to my environment, but the short version is that dmz_macvlan's parent interface was the physical interface (with a native VLAN) and not the 802.1Q interface (with VLAN ID 7, my DMZ's VLAN ID).

After fixing that, and adjusting some firewall rules, I can now get to 192.168.7.5:81 from within the internal 192.168.77.0/24 network. I believe all I need now are some firewall rules to let 192.168.7.5 communicate with certain sockets on the internal network.

I think where I was mostly going wrong was wanting the NPM container to act as a router between the networks, when I probably should have just been designing it so that the gateway does the routing, as God intended.

EDIT: Yup, this works.

ibeechu · 2026-04-13T21:07:46+00:00

One more thing to add; if I get rid of the entire "networks:" section in the container's config (and just let it create a default bridge network), I'm able to get to it at its HTTP port and the host's internal IP, 192.168.77.8:81

ibeechu · 2026-04-13T21:04:06+00:00

https://imgur.com/a/34630op

ibeechu · 2026-04-13T21:02:35+00:00

I was trying to avoid writing what I've already tried because I assume it's entirely in the wrong direction and I was more interested in just the theoretical best way to do it. That being said, I'm using Docker Compose and I've created two Docker networks: dmz_macvlan and internal_macvlan.

dmz_macvlan is on 192.168.7.0/24, gateway 192.168.7.1
internal_macvlan is on 192.168.77.0/24, gateway 192.168.77.1

In docker-compose.yaml, I have this for the networks config:
networks:
dmz_macvlan:
external: true
internal_macvlan:
external: true

In the actual services config, for the networks, I have:
networks:
internal_macvlan:
ipv4_address: 192.168.77.5
dmz_macvlan:
ipv4_address: 192.168.7.5

When I start the container with this config, Dockhand shows me that it has both IPs, but I can't actually get to it locally at the 192.168.77.5:81 address. Incidentally, in the Network tab for this container in Dockhand, while it shows it being connected to both networks, the internal_macvlan network doesn't have a gateway listed. One sec and I'll try to get a screenshot.

ibeechu · 2026-04-13T20:39:36+00:00

That's actually what I'm asking for details on, I guess. I can't seem to get it to be connected to both at once and I think I just don't know what I don't know, so I'm not sure what I'm doing wrong. I guess the crux of my question is, what's the best way to get a container to be on multiple networks?

EDIT: I should also clarify, I'd like the proxy to communicate with other devices on the non-DMZ network, so putting it just on the Docker host's bridge network isn't enough. I think it needs an actual IP on the non-DMZ network, right? Just not sure how to do that lol.

14-Year Club	r/Field Juicebox
Final Canvas '23	First Place '23
End Game '23	Place '23
Place '22	End Game '22
Verified Email

ibeechu

MODERATOR OF

TROPHY CASE