• 0 Posts
  • 9 Comments
Joined 2 months ago
cake
Cake day: September 21st, 2024

help-circle

  • pipeline schedules. once a month I clone the remote repo into a local branch, and push it back to my repo with an automatic merge request assigned to me. review & merge kicks off build pipeline.

    I also use pipeline schedules to do my own ddns to route 53 using terraform. runs once every 15 minutes.

    also once a week I’ve got about 50 container images I cache locally that I build my own images from.







  • IMO this is the best OS way, but without nix it’s a pita to maintain through restores/rebuilds. personally I never fully comprehended how to properly configure iptables/routes (I did try though, so nobody can blame me lol).

    however, a major benefit to using a contained VPN or gluetun is that you can be selective on what apps use the VPN.

    I host 12 other containers (with nas mounts) on the same host outside of the three that need to use a VPN, so this is why the solution I described works for me. and should I ever need to use routes for more advanced network filtering I still have it available without adding the complexity of splitting normal traffic vs VPN traffic.


  • I’ll ask this question because it might be something you didn’t think of.

    What happens to your network connection if the VPN fails? will it continue to connect without a VPN?

    I had a similar case of that happening, and ended up causing me to get some shame mail from my ISP.

    now I run my VPN inside docker, and any containers that need access to it are configured as network slaves to it. VPN goes down? container reboots, all the others reboot after connection is restored, but will have no connection while it’s down.

    it’s all in a well designed system of healthchecks and container configuration.