thomas

This may be a long shot, but it's what I do, so it might be an option: Set up a crypto gateway like CipherMail which will automatically decrypt inbound email and sign/encrypt outbound. The result is that your Thunderbird will never get to see an encrypted email, decryption is handled transparently before it hit's your inbox. Obviously, if you don't trust your email provider, this is not an option.

This isn't simple and hence not for everyone, also comes with dependencies on your email provider, but it works flawless for me ever since I set it up. I run my own email server, hence adding in CipherMail wasn't a big deal.

You would expose the port to your host which makes the db acessible by anything running on the host, docker or native. Something like

`port

• 5432:5432 `

But I would recommend running a dedicated db for each service. At least that's what I do.

• Simpler setup and therefore less error-prone
• More secure because the db's don't need to be exposed
• Easier to manage because I can independently upgrade, backup, move

Isn't the point about containers that you keep things which depend on each other together, eliminating dependencies? A single db would be a unecessary dependency in my view. What if one service requires a new version of MySQL, and another one does not yet support the new version?

I also run all my databases via a bind mount

`volume

• ./data:/etc/postgres/data...`

and each service in it's own directory. E.g. /opt/docker/nextcloud

That way I have everything which makes up a service contained in one folder. Easy to backup/restore, easy to move, and not the least, clean.

For me it's Borg backup for Nextcloud an all the other servers

For a while it's just data in, which it handles really well. But it really started to shine for me when I needed to find some of the documents. OCR and their search works very well for me.

There are also some interesting thoughts in here: https://skerritt.blog/how-i-store-physical-documents/

What's the error?

Can you run docker-compose logs

Here's mine: https://cloud.zell-mbc.com/s/Ac5KQTTxcWNYbNs

I tried to add file it to this post but formatting got completely messed up, hence a link.

Before you run docker-compose you need to change the paperless-app volumes to fit your requirements and set up the variables in .env

Device is a HP Pro 9010 Printer/Scanner with a local SMB folder set up as scan target. Paperless monitors the share and picks up everything someone (I) put in there. Scanner, PC, phone, anything which can connect to the SMB share. Dead easy and works reliably.

Let me throw in Paperless NGX, https://github.com/paperless-ngx/paperless-ngx

:-)

But seriously, I was wondering about the requirement to shutdown the VM's and couldn't come up with a solid reason? I mean, even if QEMU/KVM/Kernel get replaced during a version upgrade or a more common update, all of these kick in only after the reboot? And how's me shutting down VMs manually different from the OS shutting down during a reboot?

I know I am speculating and may not have the fill picture, probably a question for the Proxmox team, there may be some corner case where this is indeed important.

By the way, Mexican or US black strat? :-)

Like you I have OPNsense in a VM on one of my PVEs. But I only made sure the nigthly VM back up ran and didnt even bother shutting down the VMs during the upgrade. The VMs got restarted during the final reboot, as the would with every other reboot, and I was back in business.