Git server migration to new VM complete 
For this round of minor internal infrastructure, I'm actually running all my stuff on containers inside a VM. So the VM is really just running Podman and some other stuff. Another layer of indirection, but wow it makes all this stuff easier to administer and back up.

@tldrellie how do you deal with security maintenance?

I offload most of my app maintenance to Debian. With apt...

I've always wondered how to do it in a docker environment

@kat The same, actually! All my VMs run Debian. Each VM also runs podman or docker, and just enough containers for one app. So my gitea VM has a gitea + mariadb container, etc.

If the containers themselves are vulnerable... well, hopefully the VM+Container barrier at least keeps the damage limited to one service

@tldrellie OK... is there anything like "unattended-upgrades" or whatever to make sure the containers are patched?

Like, for example... I have a box with an nginx proxy in docker. Is there some native mechanism I should be using rather than just docker pull ... every so often?

@kat I'm not aware of anything like that for a small setup with a lot of different containers, so I just set aside some time on my calendar every month to make sure things are updated