What is n8n?

I’ve read the article you pointed to. What is written there and what you wrote here are absolutely different things. Docker does integrate with firewalld and creates a zone. Have you tried configuring filters for that zone? Ufw is just too dumb because it is suited for workstations that do not forward packets at all, so it cannot be integrated with docker by design.

If you mean HTTP server, what you need is a reverse proxy and name-based virtual hosts. I usually use nginx for such tasks, but you may choose another web server that has these features.

There’s no any solution. It is impossible to convert from PDF to any editable format correctly. The exception is a “hybrid PDF” that has an embedded editable document. If you need to edit PDFs that you created yourself, store them in hybrid format.

No, not 30 minutes. For the first time I spent couple of weeks just for reading documentation and experiments. It was about 8 years ago IIRC. But since that time when I need something more complex than install a package or copy a file, I feel myself like a 30-minutes user because it does not work as I expect.

No, I can’t. I use it only occasionally, so I don’t remember everything. But many times configurations didn’t work as described in documentation and I had to find a different way to achieve a required result. Sometimes this behavior changed from release to release. This thing doesn’t seem something that I can rely on. But we use it in our company many years, so switch to another tool would be painful.

You will need many iterations of trial and error. No way.

You can speed up testing your playbook by using molecule or something similar. Don’t touch your working VMs until you get a service set up correctly in your test environment. If you need to set up multiple services in a single VM, you can automate their deployment sequentially, of course.

P. S. I don’t like Ansible and won’t recommend it because it is full of bugs and non-obvious behavior. However I didn’t investigate alternatives and can’t suggest a better one.

Full code audit is very time consuming. It’s impossible to audit all software someone uses. However if I know nothing about project, I do a short look at the code to understand if it follows best practices or not and make some assumptions about the code quality. The problem is that I can’t do this if I’m unfamiliar with the programming language the project is written in, so in most cases I try to avoid such projects.

Just checked one more time that emails from my server are accepted by Gmail. What am I doing wrong?

the list of the daemons running in docker-mailserver

Awful. Who heeds both rspamd and spamassassin simultaneously? fetchmail and getmail6? More than a half of these components are not required to get a working mail server. But I agree that setting up the another half is rather complicated. So I’m planning to give a try to mox when I’ll need to set up a new mail server.

Why not OpenWrt?

Yes, you select projects that you participate in by yourself.

You may install BOINC and contribute to scientific computations.

The best way is to disable password login and use SSH keys only. Any further steps are not required, but you may additionally install fail2ban or sshguard.

It asks for a path to a root directory of a bootstraped container. You can create it with debootstrap, rinse, pacstrap, alpine-chroot-install, virt-bootstrap etc.

virt-manager is able to work wit lxc. Add a new connection of type Libvirt-LXC.

Yes, you can.

Do you really need OPNsense? Buying a OpenWrt capable router would save your money, place and silence.

Well, I don’t use proxmox, however docker coexists with libvirt and other virtualization systems. If there are overlapping networks that docker ant proxmox attempt to manage, they are configurable.

Snapshotting in docker is as easy as docker commit. After that you can back it up with docker save. Then move to another host, but not without downtime.

However normally you need to backup/move only volumes attached to containers. If that’s not the way how you like to organize your services, you likely don’t need docker.

What’s the purpose of running container in a container? Why not install docker on your host machine?