docs: Add lessons on network stack and Podman debugging.

2025-09-04 03:31:44 +02:00 · 2025-09-04 03:31:44 +02:00 · 807bf616e5
commit 807bf616e5
parent 6bb2e95890
1 changed files with 2 additions and 1 deletions
--- a/lessons_learned.md
+++ b/lessons_learned.md
@ -36,4 +36,5 @@

 *   **Networking & Cloud Considerations:**
    *   Host firewall (`firewalld`) rules are separate from cloud provider security rules (e.g., Oracle Cloud Network Security Groups/Security Lists). Both layers must be correctly configured.
-    *   Ansible playbooks typically cannot manage cloud provider firewalls without specific cloud collections (e.g., `oracle.oci`).
+    *   Ansible playbooks typically cannot manage cloud provider firewalls without specific cloud collections (e.g., `oracle.oci`).
+*   **Combined Networking Stack:** For services that are tightly coupled (like Nginx and Wireguard in a reverse proxy/VPN setup), it is often best to manage them within a single Ansible role and a single Podman Compose stack. Separating them can break intended network sharing and complicate debugging.