NcAIO, Docker, Nginx Reverse Proxy, working great, questions

Hey folks, got a few fiddly little questions. Overall I’m quite pleased with how things are working.

I work in tech (IT & Python Dev, flexibly) and things came up pretty predictably for this setup - I mostly followed AwesomeOpenSource on YouTube as my basic model of deployment, but a number of differences - I have a DigitalOcean droplet running Nginx Proxy Manager, vague plans to downsize that to vanilla Nginx eventually, but part of good IT is choosing which yaks to shave on any given day. I initially got it up and running on that droplet, but quickly realized my desire for bells and whistles would murder the little thing, so in the end I installed the AIO docker image onto an i5 with 16GB here in my own home and proxied the domain here. This is far from ideal, as I am on Starlink until the man in the coverall comes to drill a hole in my wall and pass the fibre on in. I can verily smell those photons beating against the dead end of the fibre in that box on my outside wall.

Somewhere along the line I read that with all the subcontainers enabled, which I did, you should have at least 5GB RAM, but my running instance ate up 12GB, though it seems to be holding steady from there. The system is also managing a 5-disk RaidZ array and I’m a bit worried about the RAM actually. This is also definitely not the long-term home of things.

I kept seeing that my address has been identified as, which is one of the Docker networks, so I added it to the brute force whitelist, which seems safe - I assume that some other subnet’s 172.19 is not able to reach through our NATs.

Syncs are very slow, even when going from our local LAN to our local LAN, which makes me wonder if it’s going up and through the proxy. I once had a CCNA but it’s been a long time since I chased packets around so not sure what is up there. This is far, far from a dealbreaker.

Primary goals of this server are:

Grocery Lists that work at the same level as Google Keep - QuickNotes seems to be close or possibly better, we haven’t tested latencies or note sharing yet. Notes worked, sort of, but I have not been able to move a shared file into my Notes folder, so while my wife has a proper Note to work with, I need to directly edit the file from my Shared folder. According to some Googles I should be able to do it. We’ll see how QuickNotes goes.

Instant uploads of (ideally) all data from phones in an easily browsable way. This is already going strong on my phone, we’re still getting my wife’s iPhone set up. She is game but gets frustrated easily so I’m in full helpdesk mode a lot of the time. Worth it to get out from under Google.

Ideally I would like to replace Firefox’s password manager, which I have been lazily trusting for a long time, with something hosted on the NC. Wife uses OnePassword, which she got as a bonus from our kid’s account, and I’m happy to let that be for her until I’m very comfortable with whatever I adopt. I don’t wanna store my passwords anywhere but here, in the end. Some, such as my bank websites and stuff, never get digitally stored at all.

Other than that it’s optional creature comforts, like I’ll probably start using the recipes app on this, where I would simply never have bothered with a “cloud” version.

In the interest of life being even marginally convenient, I plan to keep my gmail account as a buffer for trashy web accounts and stuff, at least until such time as they change their motto again, this time to “Well, Let’s Give Evil A Chance To See What It Can Do For Us.”

That said, I registered my own domain in all this and I plan to start using that address for my communications with other humans. At the moment we’re using the One Year Free that Gandi threw in with my domain name, but does anyone have suggestions for a good host to use instead? RMS uses ProtonMail so they’re the current front runner.

So as I said, overall it works great, very stable relative to what I was prepared to accept for the price, I am very impressed. I’m pretty impressed with Docker as well, but now I’m wondering, since I am good at Linux and capable of reading system logs and diagnosing errors and stuff, how much of a price am I paying in terms of performance for using this in containers? I don’t relish the thought of doing a bunch of manual labour that others have already done, and I reeeeeally hate dealing with web servers and certificates, BUT if it means the system will likely run faster, more snappy webUI (the UI is quite sluggish on my current deploy, though the machine’s CPU is far from busy), etc, I am 100% prepared to do all the necessary steps to have a well-tooled, efficiently-deployed system.

Cheers, might think of some other questions but wanted to get a few thoughts down where people who know might see them.

Edit: Just remembered, I’ve been trying to run the occ command to download the ML models for Recognize, but it consistently times out. I wonder if this is the same problem causing my syncs to be slow.