If you want to run Redlib on a Proxmox container with Ubuntu Server, the cleanest path is deploying it through Docker Compose inside an Ubuntu LXC container. Redlib gives you a privacy-focused way to browse Reddit — your browser talks to your own instance instead of hitting Reddit directly.
This guide covers the full process: spinning up the Proxmox LXC container, prepping Ubuntu Server, getting Docker Engine installed, deploying Redlib, configuring environment variables, testing everything, and optionally putting it behind a reverse proxy like Caddy or Nginx.
Quick Answer: Create an Ubuntu LXC container in Proxmox, flip on nesting so Docker works, install Docker Engine plus the Compose plugin, build a Redlib stack using the official quay.io/redlib/redlib:latest image, then fire it up with docker compose up -d. Redlib listens on port 8080 internally, so you can reach it at http://container-ip:8080 or bind it to localhost and route through a reverse proxy.
What We’re Building
We’re setting up Redlib inside an Ubuntu Server LXC container on Proxmox. Here’s how the stack looks:
| Layer | Role |
|---|---|
| Proxmox VE host | Runs the LXC container |
| Ubuntu Server LXC | Lightweight Linux environment for Redlib |
| Docker Engine | Runs the Redlib container |
| Docker Compose | Defines and manages the Redlib stack |
| Redlib | Privacy-focused Reddit frontend listening on port 8080 |
Proxmox VE handles both VMs and Linux containers, and you manage LXC containers through its pct tooling from the host. If you’re already running a bunch of Docker services in your homelab, this approach keeps Redlib isolated without spinning up a full VM for one small web app. The pattern works well with other self-hosted services too, especially if you’re already using Docker stacks on Proxmox. For more on Docker isolation choices in Proxmox, check out this related guide on Proxmox LXC containers.
Before You Install Redlib on Proxmox
Before you touch the terminal, figure out how you want to expose Redlib. For a home network, direct access at http://container-ip:8080 works fine. If you want something cleaner, use a local DNS name like redlib.lan behind Caddy, Nginx Proxy Manager, Traefik, or whatever reverse proxy you prefer.
Recommended Container Resources
Redlib is lightweight. For personal use, you don’t need much.
| Resource | Recommended Value |
|---|---|
| CPU | 1 core minimum, 2 cores comfortable |
| Memory | 512 MB minimum, 1 GB recommended |
| Disk | 4 GB minimum, 8 GB recommended |
| Network | Static DHCP lease or static IP |
| OS template | Ubuntu Server 24.04 LTS or newer supported Ubuntu LTS |
Important Note About Docker Inside LXC
Running Docker inside an LXC container is pretty common in homelabs, but it’s not quite the same as running Docker in a full VM. You need nesting enabled, and depending on your Proxmox version and container config, you might also need keyctl. If this is a public-facing or high-risk workload, a small Ubuntu VM gives you better isolation. For a private Redlib instance on a trusted homelab network, an unprivileged LXC with nesting strikes a good balance.
Pro Tip: Don’t install Docker directly on the Proxmox host unless you have a really specific reason. Keeping Docker inside a VM or LXC container makes backups, upgrades, firewalling, and service recovery way cleaner.
Step 1: Create the Ubuntu LXC Container in Proxmox
You can create the container from the Proxmox web interface or the command line. The web interface is easier if you’re doing this manually.
- Open Proxmox: Head to your Proxmox web UI, usually at
https://your-proxmox-ip:8006. - Download an Ubuntu template: Go to your storage, open CT Templates, and grab an Ubuntu Server template like Ubuntu 24.04.
- Create a new CT: Click Create CT and pick a container ID, hostname, password, and SSH key if you use key-based login.
- Use an unprivileged container: Keep the container unprivileged unless you know you need privileged mode.
- Assign resources: Use at least 1 CPU core, 512 MB RAM, and 4–8 GB disk.
- Configure networking: Use DHCP with a router-side reservation or set a static IP inside your LAN.
- Finish creation: Don’t start the container yet if you still need to enable nesting from the host.
If you prefer the Proxmox shell, you can create containers with pct, but the exact storage name and template path vary between systems. For most people, the GUI is safer for the first pass.
Step 2: Enable Nesting for Docker in the Proxmox Container
On the Proxmox host, open the shell and run this command. Replace 120 with your actual container ID.
pct set 120 --features nesting=1,keyctl=1Then start or restart the container:
pct start 120If the container’s already running, use:
pct reboot 120You can confirm the setting by checking the container config:
cat /etc/pve/lxc/120.confYou should see a line like this:
features: keyctl=1,nesting=1Some Proxmox builds expose nesting through the web UI under the container’s Options or Features section. The command-line method is more direct and works well when you’re following a repeatable setup process.
Step 3: Log In and Update Ubuntu Server
Enter the container from the Proxmox host:
pct enter 120Or SSH into it from your workstation:
ssh root@your-container-ipUpdate the base system first:
apt update
apt upgrade -y
apt install -y ca-certificates curl gnupg nano ufwCheck the Ubuntu version:
lsb_release -aDocker’s official Ubuntu packages support current 64-bit Ubuntu releases including Ubuntu 24.04 LTS and newer supported releases. Using Docker’s own repository beats relying on older distribution packages like docker.io. The official Docker Ubuntu guide also recommends removing conflicting Docker packages before installing Docker Engine from Docker’s apt repository.
Step 4: Install Docker Engine on Ubuntu
Remove any conflicting Docker packages first. It’s fine if apt says some packages aren’t installed.
apt remove -y docker.io docker-compose docker-compose-v2 docker-doc podman-docker containerd runc || trueAdd Docker’s official GPG key and repository:
apt update
apt install -y ca-certificates curl
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
tee /etc/apt/sources.list.d/docker.sources <<EOF
Types: deb
URIs: https://download.docker.com/linux/ubuntu
Suites: $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}")
Components: stable
Architectures: $(dpkg --print-architecture)
Signed-By: /etc/apt/keyrings/docker.asc
EOF
apt updateNow install Docker Engine, the CLI, containerd, Buildx, and the Compose plugin:
apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-pluginEnable and start Docker:
systemctl enable docker
systemctl start docker
systemctl status docker --no-pagerTest Docker:
docker run hello-worldIf the install is healthy, Docker downloads a small test image and prints a confirmation message. Then verify Docker Compose:
docker compose versionThe modern Compose command is docker compose with a space, not the older standalone docker-compose binary. Docker documents the Compose plugin separately in its Compose plugin guide, and the repository-based install is easier to maintain because updates come through apt.
Step 5: Create a Clean Folder for Redlib
Keep your Docker stacks organized. I usually place self-hosted apps under /opt or /srv/apps. For a single Redlib instance, this structure works:
mkdir -p /opt/redlib
cd /opt/redlibCreate two files:
compose.ymlfor the container definition.envfor Redlib settings
This keeps your deployment readable and makes it easier to back up or migrate later. If you manage several Docker workloads, you might also like this related article on Docker Compose health checks, because the same Compose habits apply to smaller services like Redlib.
Step 6: Create the Redlib Docker Compose File
Create the Compose file:
nano compose.ymlPaste this config:
services:
redlib:
image: quay.io/redlib/redlib:latest
container_name: redlib
restart: unless-stopped
ports:
- "8080:8080"
env_file:
- .env
security_opt:
- no-new-privileges:trueSave the file.
This exposes Redlib on port 8080 of the Ubuntu container. If your container IP is 192.168.0.50, the service will be available at:
http://192.168.0.50:8080The official Redlib project publishes container images on Quay and documents quay.io/redlib/redlib:latest as the Docker image. Redlib’s documentation also notes that the container supports common platforms like amd64, arm64, and armv7, which is handy if you run Proxmox on x86 hardware but also test services on ARM boards.
Safer Reverse Proxy Port Binding
If you plan to place Redlib behind Caddy, Nginx, or Traefik on the same Ubuntu container, bind Redlib only to localhost:
services:
redlib:
image: quay.io/redlib/redlib:latest
container_name: redlib
restart: unless-stopped
ports:
- "127.0.0.1:8080:8080"
env_file:
- .env
security_opt:
- no-new-privileges:trueThis prevents other devices on your LAN from reaching Redlib directly on port 8080. Only the reverse proxy can connect to it locally. Redlib’s own Docker documentation recommends this pattern when a reverse proxy sits in front of the application.
Step 7: Configure Redlib Environment Variables
Create the environment file:
nano .envStart with this practical config:
REDLIB_DEFAULT_THEME=dark
REDLIB_DEFAULT_LAYOUT=card
REDLIB_DEFAULT_WIDE=on
REDLIB_DEFAULT_BLUR_NSFW=on
REDLIB_DEFAULT_USE_HLS=on
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=on
REDLIB_ROBOTS_DISABLE_INDEXING=on
REDLIB_ENABLE_RSS=onSave the file.
Here’s what these settings do:
| Variable | Purpose |
|---|---|
REDLIB_DEFAULT_THEME |
Sets the default theme for visitors |
REDLIB_DEFAULT_LAYOUT |
Controls the post layout style |
REDLIB_DEFAULT_WIDE |
Uses more screen width on desktop displays |
REDLIB_DEFAULT_BLUR_NSFW |
Blurs NSFW media by default |
REDLIB_DEFAULT_USE_HLS |
Enables HLS video support by default |
REDLIB_ROBOTS_DISABLE_INDEXING |
Discourages search engines from indexing your instance |
REDLIB_ENABLE_RSS |
Enables RSS feed generation |
Redlib supports instance-level settings using the REDLIB_ prefix and user-default settings using the REDLIB_DEFAULT_ prefix. For example, the internal port defaults to 8080, and user defaults include theme, layout, front page, post sort, comment sort, NSFW handling, HLS, subscriptions, and other interface options.
Pro Tip: If you expose Redlib publicly, keep REDLIB_ROBOTS_DISABLE_INDEXING=on. A personal privacy frontend doesn’t need to become a public search-indexed service unless you’re intentionally running a public instance.
Step 8: Start Redlib
From inside /opt/redlib, start the container:
docker compose up -dCheck that it’s running:
docker psYou should see a container named redlib. View the logs:
docker logs -f redlibOpen Redlib in your browser:
http://your-container-ip:8080Try a subreddit path:
http://your-container-ip:8080/r/selfhostedIf the page loads, your Redlib installation on Proxmox is working.
Step 9: Make Redlib Start Automatically
The Compose file already uses:
restart: unless-stoppedThat tells Docker to restart Redlib when Docker starts, unless you manually stopped the container. Confirm Docker itself is enabled:
systemctl is-enabled dockerIf needed, enable it:
systemctl enable dockerReboot the LXC container to test the full startup path:
rebootAfter the container comes back, SSH in again and run:
docker ps
docker logs --tail=50 redlibStep 10: Optional Caddy Reverse Proxy Setup
If you want a clean URL like http://redlib.lan or https://redlib.example.com, put a reverse proxy in front of Redlib. Caddy’s a good fit because the config is short, and it can handle TLS automatically for real domains.
If you already use Caddy for homelab services, the pattern is similar to the one used in this guide on Caddy reverse proxy.
Caddyfile for a Local LAN Domain
For a local-only HTTP setup:
redlib.lan {
reverse_proxy 127.0.0.1:8080
}For a real domain with HTTPS:
redlib.example.com {
reverse_proxy 127.0.0.1:8080
}Then reload Caddy:
caddy reloadIf Caddy runs in a different container or on another host, replace 127.0.0.1 with the Ubuntu LXC container IP:
redlib.example.com {
reverse_proxy 192.168.0.50:8080
}Nginx Reverse Proxy Note
If you use Nginx, add HTTP/1.1 support above the proxy_pass line:
proxy_http_version 1.1;The Redlib documentation specifically calls this out for Nginx reverse proxy setups. A minimal Nginx server block looks like this:
server {
listen 80;
server_name redlib.example.com;
location / {
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Step 11: Add a Basic Firewall Rule
If you expose Redlib directly on the LAN, allow port 8080:
ufw allow 8080/tcp
ufw enable
ufw statusIf Redlib’s behind a reverse proxy on the same container and bound to 127.0.0.1, you don’t need to expose port 8080 through the firewall. Allow only the proxy ports:
ufw allow 80/tcp
ufw allow 443/tcp
ufw enable
ufw statusBe careful with Docker and firewall assumptions. Docker’s official documentation notes that Docker interacts with iptables, and host firewall rules should account for Docker’s networking behavior. If you have a more complex setup with VLANs, macvlan, or custom bridge networks, this article on Docker bridge networking may help you think through the network path.
Step 12: Update Redlib Later
To update Redlib, go back to the stack folder:
cd /opt/redlibPull the latest image:
docker compose pullRestart with the new image:
docker compose up -dRemove unused old images:
docker image prune -fCheck the logs after updating:
docker logs --tail=100 redlibIf something breaks after an update, you can inspect the image currently used by the container:
docker inspect redlib --format='{{.Config.Image}}'For a small service like Redlib, I prefer manual updates instead of automatic updates. Manual updates let you check logs right away and roll back if Reddit-side behavior changes.
Troubleshooting Common Redlib Installation Problems
Docker Doesn’t Start Inside the LXC Container
If Docker fails to start, first confirm nesting is enabled:
cat /etc/pve/lxc/YOUR_CTID.confLook for:
features: keyctl=1,nesting=1Then restart the container from the Proxmox host:
pct reboot YOUR_CTIDInside the container, check Docker logs:
journalctl -u docker --no-pager -n 100If you still see storage driver, overlay, AppArmor, or permission errors, consider using a small Ubuntu VM instead. Docker inside LXC works well for many homelab services, but a VM is cleaner when you want stronger isolation and fewer container-runtime edge cases.
Redlib Container Starts but Browser Can’t Connect
Check whether the container is listening:
docker ps
ss -tulpn | grep 8080If your Compose file uses this:
ports:
- "127.0.0.1:8080:8080"Redlib’s only reachable from inside the Ubuntu container. That’s correct for reverse proxy setups, but not for direct LAN access. For direct access, use:
ports:
- "8080:8080"Then restart:
docker compose up -dRedlib Loads but Some Reddit Content Fails
Redlib depends on how Reddit responds to frontend requests. If Reddit changes behavior, some pages, media, or comment views may temporarily fail. Update Redlib first:
cd /opt/redlib
docker compose pull
docker compose up -dThen check the upstream project’s issues and releases on the official Redlib repository. Redlib is a fork and continuation of Libreddit, which became affected by Reddit API and scraping changes; the Redlib project exists to keep a privacy-focused Reddit frontend usable after those changes.
Docker Compose Says the File Is Invalid
YAML’s sensitive to indentation. Make sure spaces are used consistently and that your file is named compose.yml or docker-compose.yml. Test the file with:
docker compose configIf Compose prints a normalized version of the config, the syntax is valid.
Port 8080 Is Already in Use
Find what’s using the port:
ss -tulpn | grep 8080Change the host port in Compose if needed:
ports:
- "8081:8080"Then access Redlib at:
http://your-container-ip:8081Recommended Redlib Compose File for Homelab Use
For a direct LAN setup, use this:
services:
redlib:
image: quay.io/redlib/redlib:latest
container_name: redlib
restart: unless-stopped
ports:
- "8080:8080"
env_file:
- .env
security_opt:
- no-new-privileges:trueFor a reverse proxy setup, use this instead:
services:
redlib:
image: quay.io/redlib/redlib:latest
container_name: redlib
restart: unless-stopped
ports:
- "127.0.0.1:8080:8080"
env_file:
- .env
security_opt:
- no-new-privileges:trueAnd keep this .env file beside it:
REDLIB_DEFAULT_THEME=dark
REDLIB_DEFAULT_LAYOUT=card
REDLIB_DEFAULT_WIDE=on
REDLIB_DEFAULT_BLUR_NSFW=on
REDLIB_DEFAULT_USE_HLS=on
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=on
REDLIB_ROBOTS_DISABLE_INDEXING=on
REDLIB_ENABLE_RSS=onSecurity and Privacy Notes
Redlib improves the browsing path by letting you view Reddit content through an alternative frontend, but it’s not a magic anonymity layer. Your Redlib server still makes network requests upstream, and your hosting provider, ISP, DNS resolver, or reverse proxy logs may still reveal traffic patterns depending on your setup.
For a private homelab instance, I recommend:
- Keep the instance behind your LAN, VPN, or authenticated reverse proxy if it’s only for personal use.
- Use
REDLIB_ROBOTS_DISABLE_INDEXING=onunless you intentionally want a public instance. - Bind Redlib to
127.0.0.1when using a same-host reverse proxy. - Update the container regularly, but check logs after each update.
- Avoid mixing unrelated public services inside the same LXC container.
If you expose self-hosted services outside your LAN, spend time on DNS, TLS, rate limits, and service isolation. A small frontend can still become noisy if it’s indexed or abused. For broader self-hosting patterns, the article on Docker service discovery is useful if your homelab already has Pi-hole, Caddy, or multiple Docker hosts.
Final Thoughts
Setting up Redlib on a Proxmox container running Ubuntu Server makes for a solid small homelab project: it’s lightweight, easy to back up, and simple to manage with Docker Compose. The most important parts are enabling the right LXC features for Docker, using Docker’s official repository, keeping the Compose stack clean, and deciding early whether Redlib should be directly reachable on your LAN or hidden behind a reverse proxy.
For most personal setups, an Ubuntu LXC with Docker Compose, quay.io/redlib/redlib:latest, and a small .env file does the job. If the instance becomes public-facing or mission-critical, move it to a dedicated VM, place it behind a proper reverse proxy, and treat it like any other internet-exposed web service.
