Switched to Nextcloud with Nginx Proxy Manager and separate containers for each service last year and it’s been WAY more stable than my previous all-in-one setup - lets you troubleshoot individual components without the whole thing crashing.
You should check out docker-compose-viz or dockge for visualizing/managing these complex setups - I’ve been using them for my audiobookshelf server (which I access with the soundleaf app) and it’s been a lifesaver for managing all those interconnected containers.
You’re missing the networks section in your audiobookshelf service definition - add networks: [nginx] to your audiobookshelf service to actually connect it to the network (just defining the network at the bottom doesn’t automatically attach your service to it, which is why npm can’t reach it and gives you that 502 error), and if you’re an audiobook fan you might wanna check out the soundleaf app for ios which works great with audiobookshelf.
just a heads up - with that many services running you might want to consider a backup power solution, especially for critical stuff like home assistant. i’ve found some great deals on portable power stations on gearscouts.com that can keep a mini pc running for hours during an outage (look for LFP batteries for best longevity).
The client cert management is the biggest hurdle with mTLS - I’ve found using a YubiKey to store certs makes it wayy more portable across devices, tho still doesn’t solve the mobile app support issue.
“Vibe coded” basically means software built on vibes/feelings rather than solid engineering principles - it’s the “eh, it works on my machine” approach whre testing and security are afterthoughts, which is why it’s particularly risky for self-hosted stuff that handles your data.
Trailing slashes actually serve an important purpose in URLs - they indicate you’re requesting a directory rather than a file, which affects how servers route reqeusts and can impact caching, redirects, and SEO.
Vaultwarden is ridiculously efficient - runs on like 50MB RAM on my potato server which is the same machine that handles my audiobookshelf server for the soundleaf app I love.
Check out the GoIP GSM gateways (1/4/8 port options) - they’re more reliable than DIY solutions for what your trying to accomplish and let you access SMS/calls via SIP protocols while using actual SIM cards.
Totally agree on keeping storage separate - if your compute device crashes, you don’t risk your data, and you can easily swap/upgrade either component indepedently without disrupting the other.
If you’re setting this up for audiobookshelf, you might wanna check out the Soundleaf app for iOS - it’s been a game changer for me with my self-hosted audiobookshelf server.
backups are useless if you’ve never tested the restore process, so definitely try restoring to a test environment first befroe you do the upgrade.