What it is
A small Docker LXC that hosts personal coding work, Discord-side automation, and the experiments that need to stay always-on without crowding the main edge host. It started as the replacement for my old bare-process sandbox. It now runs code-server, Maestro Bot, Shirase, Forge Bot, Kanade's Discord bridge, Watchtower, and the Portainer agent.
Why I run it
This LXC exists for a specific reason: it was the last holdout in the cluster running native processes instead of Docker. The Discord music bot used to run under nohup from a long-dead shell with no auto-restart; code-server was a manual install. Bringing both under the standard Docker pattern meant the same backup, monitoring, and update flows as everything else.
The replace-don't-reform choice mattered. Migrating an in-use LXC to Docker would have meant installing Docker, dockerizing both workloads, then carefully cutting over with the original still running. Standing up a fresh LXC and migrating the data was less risky and clearer.
It has since become the cluster's small-bot shelf. Shirase handles approval-gated project notifications, Forge Bot keeps Forge's Discord status cards and replies persistent, and Kanade's Discord bridge runs there for controlled remote checks.
How I use it
Day to day it is partly a code-server tab and partly the quiet place where Discord-adjacent services stay alive. Workspaces live on the LXC's filesystem; the music bot's source is bind-mounted from the workspaces directory into the bot container, so editing the bot script in code-server and running docker compose restart maestro-bot is enough to deploy a change.
The newer services follow the stricter host-managed compose pattern: source lives in the project repo, runtime state lives under the stack directory, secrets stay out of git, and health endpoints are monitored from the homelab dashboard.
Setup notes
- Host: a 4 GB / 2 core LXC on the Optiplex node, single rootfs (no multi-disk complications).
- Stacks:
code-server(image pinned),maestro-bot(custom-built, version-tagged),shirase,forge-bot,kanade-discord,watchtower, plus the Portainer agent. - Reverse proxy: code-server's UI is behind NPM with websockets enabled (the integrated terminal needs them).
- Backups: PBS captures the LXC. The bot's
.envand the music workspaces are inside the rootfs. - Update cadence: manual.
Runbook
- Healthy looks like: code-server loads, opening a terminal in it works, the bot containers are
Up X hours, and Shirase / Forge Bot health endpoints return ready. - Bot container in
Restarting: usually a.envissue (missing or invalid Discord token) or a Discord rate-limit.docker logs maestro-bot --tail=30shows which. - Shirase or Forge Bot unhealthy: check the stack logs first, then the relevant project runbook. Most failures are expired tokens, missing bearer config, or the Windows callback target being offline.
- code-server loads but the terminal panel never connects: websockets not enabled on the proxy host.
- Bind-mounting source from the editor workspace: gives me the edit-in-place workflow but means the Docker image doesn't capture the script. The Dockerfile builds the image with everything except the bot script and
.env; those are read-only bind mounts from the workspaces directory. - Where logs live:
docker logs <container>on the host.