Sparking

My advice: only forward ports 8080 and 443, then make sure that you have fail2ban or crossed properly set up on your reverse proxy. After that, you are pretty much fine as long as you keep on top of updating your containers.

I would be careful about which apps you proxy. Idk why you need to access the admin portal for pi hole worldwide. If you really want to do that, you should set up a vpn.

Apple probably just lets it happen.

People are saying that it is a cloud managed reverse proxy, but I would not recommend using it like this. You should be running a reverse proxy on your own hardware, imo.

It is still useful because you can use it as just a proxy. You can point your dns to your cloudflare tunnel endpoint and cloudflare will screen all traffic going to your server. I’ve actually stopped using it, but it is a decent way to auto feel all the random internet traffic pitfalls like portscanning bonnets. Also putting something between your server IP and your domain is nice.

Oh, are you using Podman on windows? Yeah, it needs a virtual machine because it has to load the linux kernel. I would definitely believe that the windows version (or mac, I guess) of podman is way heavier than the alternatives on those platforms, but on linux it just ends up using the host kernel.

If you are doing this on linux, and still need to load a vm to use podman, that would be interesting. I haven’t run across that, but I haven’t been able to use podman too much.

Wow, 4 watts? That’s a lot. Any insight on what is taking up all this extra energy? I thought that podman would be thinner than docker honestly.

I love porkbun, but I am currently having an issue with their 2FA implementation. Their customer service is very responsive however.