My backups are all automated using Macrium Reflect with Macrium Site Manager aucustrating all of it. I used to work in IT doing networking, servers, and security. It's a real nice setup. Yes I'm moving a lot of data and all I do is read he daily reports that flag any problems. The full backup of my photo and video library takes about 10 hours at 4-Gb. As the library is always growing, I'm careful about affecting performance. At some point I'll have to move to synthetic full backups yet I'm not fond of them due to the risk of bit rot. I do defend against this now running periodic scrubs and of cause multiple copies are kept.
hm, so what does exposing /dev/net/tun into the lxc do wrt to docker?
i also found this guide on exposing gpus into lxc containers for transcoding: LXC GPU Access | swigg
That may work, but I went down many dead ends in passing through Intel Quicksync to an unprivileged LXC. This guy's GitHub page proved to be the most useful to me:
And, these were the additions I made to the <id>.conf file for the Channels LXC I used this on, mostly based on his write-up:
lxc.cgroup2.devices.allow: c 226:0 rwm
lxc.cgroup2.devices.allow: c 226:128 rwm
lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file 0, 0
lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir
lxc.hook.pre-start: sh -c "chown -R 100000:100000 /dev/dri"
lxc.hook.pre-start: sh -c "chown 100000:100044 /dev/dri/card0"
lxc.hook.pre-start: sh -c "chown 100000:100105 /dev/dri/renderD128"
On the Proxmox host it looks like this:
root@pve0:~# ls -la /dev/dri
total 0
drwxr-xr-x 3 root root 100 Mar 4 12:05 .
drwxr-xr-x 19 root root 4740 Mar 4 12:05 ..
drwxr-xr-x 2 root root 80 Mar 4 12:05 by-path
crw-rw---- 1 root video 226, 0 Mar 4 12:05 card0
crw-rw---- 1 root render 226, 128 Mar 4 12:05 renderD128
And, on the Docker host it looks like this:
root@channels0:~# ls -la /dev/dri
total 0
drwxr-xr-x 3 root root 100 Mar 4 18:05 .
drwxr-xr-x 8 root root 520 Mar 20 23:05 ..
drwxr-xr-x 2 root root 80 Mar 4 18:05 by-path
crw-rw---- 1 root video 226, 0 Mar 4 18:05 card0
crw-rw---- 1 root render 226, 128 Mar 4 18:05 renderD128
1 Like
I'm glad you asked that question -- as I had to think about it for a few minutes. 
It's actually not for Docker, it's for Tailscale, which I use in pretty much every one of my LXCs and VMs.
I typically use the containerized version of Tailscale, though there are some limitations to that, as a container can't modify resolv.conf on the Docker host. For Docker hosts where I need the best possible Tailscale support, I install it on the Docker host itself.
I’ve been on proxmox for years and wouldn’t have it any other way. like @bnhf said, the only thing really missing is more storage / share management features.
I wish that would come to pass, but right now they’re feverishly trying to absorb footprint from all those abandoning vmware.
would love it if we were to start up a proxmox subthread with specific topic tags like docker in lxc, gpu passthru, unprivileged tips, file share, etc
I have been on proxmox for probably a year now. I have Channels on a Synology NAS and use a Minisforum UM790 Pro that also connects to a mount using SMB to the NAS. That way I can run two Channels DVRs and use the same storage. That way I can have my Channels DVR and the miss can have hers. I don't transcode anything so AMD has worked fine for me. The Proxmox Server has Debian in a LCX container. I run Channels, Docker, Plex, and Portainer. Then on another virtual machine I run Home Assistant. By having this setup since the storage is all on the NAS, making backups of the LXC container and Home Assistance only takes 5 minutes and the backups can be automated to the Synology NAS.