• 0 Posts
  • 5 Comments
Joined 1 year ago
cake
Cake day: November 1st, 2023

help-circle
  • One warning: in my experience, you can not jump two major versions. Not just it won’t work, but that if you try it everything will break beyond repair and you’ll be restoring from a backup.

    Two major versions can sometimes be a matter of a few months apart, so make sure you have a regular update schedule!

    (Also, people say never update to a X.0 release, the first version of a major release often has major bugs).

    TL;DR don’t take too long to update to new releases, and don’t update too quickly!

    Also, the docker image is often a day or so behind the new release, soNextcloud tells you an update is available but often you then need to wait until the next day to get the updated docker image. I guess this is because (as I’ve just learnt) the image is built by Docker not Nextcloud.




  • Unlike most here, I’m not as concerned with opening things up. The two general guidelines I use are 1. Is it built by a big organization with intent to be exposed, and 2. What’s the risk if someone gets in.

    All my stuff is in docker, so compartmentalized with little risk of breaking out of the container. Each is on it’s own docker network to the reverse proxy, so no cross-container communication unless part of the same stack.

    So following my rules, I expose things like Nextcloud and Mediawiki, and I would never expose Paperless which has identity documents (access remotely via Tailscale). I have many low-risk services I expose on demand. E.g. when going away for a weekend, I might expose FreshRSS so I can access the feed, but I’d remove it once I got home.