78

With the recent Proxmox 9 release, many of us have the upgrade ahead or already done. What about you, and how do you generally approach updating your services? Which other updates are you looking forward to or is it just an annoying chore?

Also the usual - let us know what you are currently working on, what problems you are encountering and what you are excited about.

As for updates, I update my machines semi-regularly with Ansible. The Proxmox 9 update was unspectacular (good thing!), I just had to change some things in my Promox-post-install automation (nag bar removal and package sources). I still plan to get a merge request based update process for my containers as mentioned here but I'm just not there yet. That guide was also posted on reddit recently and got some traction.

I also spent some time yesterday to organize my nginx logs, they basically all got their own folder in /var/log/nginx with their own access log file by adding access_log /var/log/nginx/$server_name/access.log vhost_combined; to each config. Error log file paths can't contain variables so I kept them in the default file so far.

Recently enabled wireguard (easy setting in my FritzBox router) and stopped exposing some of my services to the internet. That process isn't finished yet though as I'll need to switch to wildcard certificates in order to keep valid SSL for the now local-only services.

you are viewing a single comment's thread
view the rest of the comments
[-] tofu@lemmy.nocturnal.garden 1 points 2 months ago

I need to check what exactly I need to expose. I had 80 and 443 exposed but limited the access to local IPs in nginx like this:

    allow 192.168.x.0/24;  # Allow FritzBox subnet
    allow 10.0.0.0/24;       # Allow OpnSense subnet
    deny all;                # Deny all other IPs

I still have some services I want to expose so generally I'll keep the ports open.

this post was submitted on 16 Aug 2025
78 points (100.0% liked)

Selfhosted

52505 readers
711 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS