• 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: November 2nd, 2023

help-circle


  • well, there are many things to consider. TrueNAS’s ZFS is memory hungry, and is best used on it’s original BSD. Also, you may need SMART directly in your NAS, then you’ll need to PCI passthrough the disk controller if you are on proxmox. With that said, either directly running TrueNAS Scale or TrueNAS Core on proxmox isn’t ideal. Also, running database storage over NFS has great disadvantages, so I would really advice against going proxmox+truenas route.

    IMO, a mature NAS system is only useful as it is designed to be: bare metal system for your disk management. If you really wanna ZFS, then use TrueNAS Scale. If you are a guru and can or are willing to setup things yourself and doesn’t care about RAID5/6, just use regular linux + docker/podman + btrfs.


  • if I’m understanding your question correct, you are trying to use tls on containers that may not have tls libraries?

    there are two ways to that. one is to rebuild every container by yourself modifying its services to contain tls. the other is to use a pod. you put your service container and a reverse proxy into the same pod, setup that reverse proxy correctly as an edge proxy terminating tls, and expose only the reverse proxy’s port. that way, it will just look like a service with tls enabled.

    since you are considering tls for everyone, I assume that you don’t care about overheads. adding a reverse proxy in front of every container is like 10-50MB of additional memory, and it won’t matter on modern systems.



  • well I’ve been using both for quite a while. If you just want something that works, stick with docker. There is nothing wrong with docker in the homelab scenario and podman has rough edges that cringes you. If you are a control freak like me who wants to control every aspect of container running, then podman is a great tool that forces you into the habbit of learning and tinkering. It helped me understand a hell lot of things.