fsebugoutzone.org:9999

       Post Anf3nt2bbcSBQSKlVY by secretbatcave@don.secretbatcave.co.uk
 (DIR) More posts by secretbatcave@don.secretbatcave.co.uk
 (DIR) Post #AncwK0jpKs5ccCRBuS by stfn@fosstodon.org
       2024-11-02T08:48:14Z
       
       0 likes, 0 repeats
       
       Continuing my #LXD journey: I realized that in order to reach lxd containers from other computers on the LAN, I can setup a reverse proxy on the lxd host that will forward traffic to the container. For example in Caddy that would be:http://container.homelab.local {reverse_proxy 10.54.60.25:80}I wonder if that&#39;s a good practice or am I doing something very wrong :D
       
 (DIR) Post #AncwkrQE54izXZ4Y1A by stfn@fosstodon.org
       2024-11-02T08:53:05Z
       
       0 likes, 0 repeats
       
       @bekopharm ok, why two? :)
       
 (DIR) Post #Ancx7yhTBeyum1A3LU by stfn@fosstodon.org
       2024-11-02T08:57:16Z
       
       0 likes, 0 repeats
       
       @bekopharm Right, that makes sense. Doesn&#39;t apply to me, as I don&#39;t expose anything local
       
 (DIR) Post #AncyBgdQOYRfrEbLea by secretbatcave@don.secretbatcave.co.uk
       2024-11-02T09:09:07Z
       
       0 likes, 0 repeats
       
       @stfn it certainly provides a level of isolation, its basically how kubernetes does it. I don’t think LXD supports macvtap devices, only bridge network.  it’s possible to assign an ip/hostname via dhcp to containers, but I’m not sure if the host has to do it, or it’s visible on the wider network. I suppose for ipv6 support it ,it’s be visible on the wider network
       
 (DIR) Post #And1sqO6JGKgQ6hjKi by stfn@fosstodon.org
       2024-11-02T09:50:34Z
       
       0 likes, 0 repeats
       
       @secretbatcave &quot;macvtap devices&quot; I have no idea what those are, eh, another point on my &quot;to learn&quot; list 😅
       
 (DIR) Post #Anf3nt2bbcSBQSKlVY by secretbatcave@don.secretbatcave.co.uk
       2024-11-03T09:21:28Z
       
       0 likes, 0 repeats
       
       @stfn macvtap are quite new, and aren’t as well documented. Basically it’s a bridge interface with one adaptor so it looks like a single virtual Ethernet adaptor for your container/vm. I’m not sure it’s the best system as the host can’t talk directly to the device. But the configuration is really simple.
       
 (DIR) Post #AnivQnc5b6yYvlFcR6 by stfn@fosstodon.org
       2024-11-05T06:06:32Z
       
       0 likes, 0 repeats
       
       @secretbatcave thanks, will investigate