Yeah, I did not know it is that bad....

You don't want the nextcloud to be public for everyone, then I'd go the tailscale route without a vps. Just connect your Server and phone.

If you want it to be public, then I'd still use tailscale and do it like the other comment suggested.

Reverse Proxy on vps connected to tailscale, proxzies the traffic through the tailnet to your server. That's what I'm doing btw.

Alles gute!🔥

Danke für 🥗🍵, sehr lecker.

https://lemmy.world/comment/10089750

This is how I did it.

I recommend this: https://www.zigbee2mqtt.io/guide/installation/20_zigbee2mqtt-fails-to-start.html#method-1-give-your-user-permissions-on-every-reboot

with that and also read the tipp after that I was troubleshooting my permission issues.

This should apply to gpu too.

But does this matter if you just want this to be locally accessible and you're running your own dns?

You need a wildcard cert for ypur subdoman:

*.legal.example.com

Then point that record to 127.0.0.0. This will not resolve for anyone. But you'll have an internal dns enty (useig pihole/adguard/unbound) that redirects to your reverse proxy.

You could also point to your revers proxy internal address instead of 127.0.0.0.

This video could help you: https://www.youtube.com/watch?v=qlcVx-k-02E

Sorry I have no idea how traefik works, but I've seen that this new video ist out. It might help you.

https://youtu.be/n1vOfdz5Nm8

Yes... That is also my understanding.

I do. If you run caddy with network_mode: hostor better with network_mode: "slirp4netns:port_handler=slirp4netns" it should work.

also adding:

cap_add:
      - net_admin
      - net_raw

Podman + Caddy does it for me.

You need to adjust the "minimum" port a user can bind. Podman tells you how to do it (or a quick google search).

I played with this problem too. In my case I wanted a zigbee usb to be passed through. I'm not sure if this procedure works with gpu though...

This was also needed to make it work: https://www.zigbee2mqtt.io/guide/installation/20_zigbee2mqtt-fails-to-start.html#method-1-give-your-user-permissions-on-every-reboot

devices:
      # Make sure this matched your adapter location
      - "/dev/ttyUSB.zigbee-usb:/dev/ttyACM0:rwm"

Also I passed my gpu to immich. But not 100% sure it is working. I've added my user to the render group and passed the gpu like the usb zigbee stick:

devices:
      - "/dev/dri:/dev/dri:rwm"  # If using Intel QuickSync

The immich image main user is root if imI remember correctly and all permissions that my podman user 1000 has are granted to the root user inside the container (at least this is how I understand it...)

For testing I used this: https://www.zigbee2mqtt.io/guide/installation/20_zigbee2mqtt-fails-to-start.html#verify-that-the-user-you-run-zigbee2mqtt-as-has-write-access-to-the-port It should be working with gpu too.

I can test stuff later on my server, if you need more help!

Hope this all makes sense 😅 please correct me if anything is wrong!