For me it is writting docker compose files describing my services. I like to test them on my machine before pushing them to the server(s). But I guess that’s my own fault for not using something like portainer or even SSHFS.
What’s the most annoying / painful step for you?
My biggest fear is thinking my network and server is secure. But missing something. If anyone has any tips. I’m all ears.
Just make sure general network (i.e home public* wifi/wired) are properly spararated from lab net, also make sure to have different mgmt net, have a different wifi/wired net just for you, monitor & firewall those correctly (including outbound connections), keep software up2date, isolate servicies, rootless & ditroless & read-only containers, and read common daily secnews (bleeping computer, hackernews, seclists & fulldisclosure, …) you should be good.
*public in this context doesn’t mean passwordless, but rather being used by others than you (wife, kids, friends)