The warning is about using portainer to initially setup the container, not using it to manage it once setup
If you use docker compose, or even straight docker commands, to initialise the container, it's then fine to use portainer to monitor the status and restart it and things like that.
So without even reading the article you stated something incorrect as if it was fact?
He will release it in 2 weeks, along with that healthcare plan that's coming in 2 weeks
I'm curious who is the arbitrator for what's a valid security concern or not. If it's done by an independent group, it might make it harder to get around. If it's self disclosed, then yeah nothing will change
Thanks :) it's my first time actually trying to plate up a meal properly haha so it's really nice to hear this!!
Glad you got it sorted
Oooh this setup just got installed on a highway in my town, I've been wondering what it was since it was installed just past one of the vehicle counting strips they use
So are caves, yet humans can very easily cause damage to them accidentally, let alone deliberately
first your questions
Yes but also no. the tldr is It will work, but video streaming is against CloudFlare rules. I ran this way for about 2 years with Plex just for my own use, so for about 15 hours a week on 480p and I never got my service suspended, but I've heard stories of others getting suspended.... So just know it's a risk
That's a good use of tunnels
You can definitely run both solutions (tunnel points to npm, npm towards to all other services), and it saves you setting up tunnels for each service
Now for my 2 cents
As others have suggested, tailscale funnel is a valid option. A reverse proxy using a VPS is also a valid option. And as I pointed out, doing the CloudFlare tunnel is an option if you're willing to accept the risk.
My current setup is using a free Oracle VPS with a small nginx docker container forwarding all port 80 and 443 traffic through a tailscale. On the other end is a nginx proxy manager docker container that points to all my services across the network. I have my CloudFlare details configured in nginx proxy manager to generate a wildcard SSL certificate that I apply to all my local services
Inside the network, I use adguard to redirect the domain to the local LAN IP of the nginx proxy manager server to avoid traffic going through the internet.
Then all you need to do is point the domain on CloudFlare dns to the Oracle server, and you'll have several layers of separation between the internet and your local LAN , as well as SSL certs both internally and externally on any services you share
It might not be the most elegant setup, but I share my Plex server (as well as about 30 other things) with several other people and can handle multiple 1080p streams going through it without any issue and it's been nice and stable for over a year without any issues