Elvith Ma'for

You state that you did use the install script, but also that you want to run it with docker. Did you follow the instructions in their docker repository? It’s quite easy to get it running - they included a complete docker-compose, a Caddyfile and all you need.

https://github.com/searxng/searxng-docker

Edit, I’m dumb, I misread.

There’s a light! Over at the Frankenstein place.

Came to suggest this. I ran into the same problem when I tried to host Jellyfin at home. Also I was fed up with all those certificate warnings, depending on which device I used. Since I was already using pihole in my home network, I just went and looked at all the DNS plugins for certbot to learn which provider allows for easy DNS challenges. Then I researched a bit and stumbled upon a provider that was running a sale - so I got a domain for less than 5 bucks/year.

I set the public A record to 127.0.0.1 and configured certbot to use their API. This domain is now used internally in my network exclusively and I just added some DNS entries for several subdomains in pihole, so that it works for every device at home (e.g. jellyfin.example.com / dockerhost.example.com / proxmox.example.com / …).

When I’m away, I shouldn’t be able to resolve the domain, and even if DNS were hijacked, the TLS certificate will protect me from connecting to $randomServices. Also my router is less restricted, which means that I can just use it’s VPN server to connect directly to my home network, if I need to access my server or need to troubleshoot things when away.

I… Feel called out

I’m currently experimenting if I can convert my stack to rootless podman.

I found in my notes, that

A user-mode networking tool for unprivileged network namespaces must be installed on the machine in order for Podman to run in a rootless environment.

Podman supports two rootless networking tools: pasta (provided by passt) and slirp4netns.

Could this be your problem?

Taken from https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md

If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not to the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)

Instead of thinking with layers, you should use think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.

…But will it run DOOM?

They’re pronounced differently (although there’s a difference between British English and American English but for these that difference is quite consistent and you just omit the r):

horse [hɔːs]/[hɔːrs] - worse [wɜːs]/[wɜːrs]

cord [kɔ:d]/[kɔːrd] - word [wɜːd]/[wɜːrd]

There are a few of them. There’s also

Phoney Phonetics.

One reason why I cannot spell,
Although I learned the rules quite well
Is that some words like coup and through
Sound just like threw and flue and Who;
When oo is never spelled the same,
The duice becomes a guessing game;
And then I ponder over though,
Is it spelled so, or throw, or beau,
And bough is never bow, it’s bow,
I mean the bow that sounds like plow,
And not the bow that sounds like row -
The row that is pronounced like roe.
I wonder, too, why rough and tough,
That sound the same as gruff and muff,
Are spelled like bough and though, for they
Are both pronounced a different way.
And why can’t I spell trough and cough
The same as I do scoff and golf?
Why isn’t drought spelled just like route,
or doubt or pout or sauerkraut?
When words all sound so much the same
To change the spelling seems a shame.
There is no sense - see sound like cents -
in making such a difference
Between the sight and sound of words;
Each spelling rule that undergirds
The way a word should look will fail
And often prove to no avail
Because exceptions will negate
The truth of what the rule may state;
So though I try, I still despair
And moan and mutter “It’s not fair
That I’m held up to ridicule
And made to look like such a fool
When it’s the spelling that’s at fault.
Let’s call this nonsense to a halt.”

- Attributed to Vivian Buchan, 1966

When the English tongue we speak.
Why is break not rhymed with freak?
Will you tell me why it’s true
We say sew but likewise few?
And the maker of the verse,
Cannot rhyme his horse with worse?
Beard is not the same as heard
Cord is different from word.
Cow is cow but low is low
Shoe is never rhymed with foe.
Think of hose, dose,and lose
And think of goose and yet with choose
Think of comb, tomb and bomb,
Doll and roll or home and some.
Since pay is rhymed with say
Why not paid with said I pray?
Think of blood, food and good.
Mould is not pronounced like could.
Wherefore done, but gone and lone -
Is there any reason known?
To sum up all, it seems to me
Sound and letters don’t agree.

- Lord Cromer, 1902