I host mine (for two users + WhatsApp bridge) on a 4gb 1vcpu vm. When I was using a smaller vm with only 2gb of ram it would hang frequently due to memory exhausting and swapping. I’m using a debian image, and the different components of matrix are containers.

one a VM, the other a container, with different upstream targets. I have to schedule maintenance when everyone is asleep or out of the house. I’ll swear one day I’ll have a proper (raspberry pi) cluster with KVM, I just need to finish implementing the other million things I find when I research it.

And it’s really easy to set up

I assume you have configured raspberry to start the desktop environment when at boot. Also, that this is on the internal lan only. You can run raspiconfig and enable vnc. Then from your laptop run a vnc client and connect to the server.

I don’t use ebook readers, just a tablet or my phone, so it was better for my use case.

Yep, hosted via docker, for epub, mobi and pdf. Works great with the librera reader as well.

I’ve blocked outgoing port 53 udp/tcp for all subnet except pi-hole. If I can’t trust a device to use the DNS I configured I can’t trust it to go on the internet, and it goes on my list of devices to replace.

I use fstab, seems cleaner instead of relying on podman. Otherwise can you give the podman user permissions to mount volumes?

looking at the install instructions it doesn’t say you have to use CF cert, only the api token in the conf.env file. So if you have done that you should be ok.

I’m curious about the DNS thing from your registrar. If they are the authoritative DNS, even putting the right records in CF won’t make a difference. But maybe you can tell your registrar that CF DNS is authoritative, by creating a SOA DNS record in your registrar, pointing at CF DNS (I can only fnid references to 1.1.1.1 or adam.ns.cloudflare.com).

Looking at the deployment templates it doesn’t say that you have to use ANY certificate. I think caddy generates one (or import one from CF) at deployment. If I was you I’d start from scratch with a new OS installation WITHOUT nginx/apache. Base OS, docker/docker-compose, and run the script again (after you fixed the DNS). If you want to find who is the SOA for your domain I think the command should be dig @9.9.9.9 SOA youlemmydomain.com

That should answer with the CF DNS you configured.

Also a dig @9.9.9.9 youlemmydomain.com should answer with the A records you configured in CF.

As other people said, there is already a process running on port 80. To find what exactly you can use the command sudo ss -lptn 'sport = :80' or sudo netstat -nlp | grep :80 (both require)

Also, what do you mean by

I have SSL pre-isntalled with the server

It’s a self-signed cert or letsencrypt (or similar)?

Looking at the Ubergeek77 method, I can see in the docker-compose that they have specified to use caddy to run on port 80 and 443. So my guess is that you don’t need neither nginx nor Apache (caddy is a reverse proxy as well) . Also, why have you installed both? I guess you selected “web server” during the OS installation.

So remove apache and nginx, and try running the install script again.

If you want a gui to manage your containers, I use portainer (with debian as OS).

Joke’s on you, I login as root (no I don’t, but I do sudo -i instead of each command)

TECHNICALLY (yes, I’m fun at parties) you need 3 commands, as you also need to do an “apt update” after adding the repo. But we can chain commands of course. Do chained commands count as one? We could debate that for hours. Like why I prefer vi.

My point? None really, just having fun.

You have to set up proper routing, so the two vlans (your mobile/pc wifi vlan and the tv vlan for example) can communicate. But you don’t give Internet access to the tv/thermostat vlan, so they can’t “call home” and send all kinds of tracking back home.

The ultimate boss fight is hosting your email server AND making your family use it