Some commands:

```console
$ lxc image alias list images:
$ lxc info
$ lxc config edit
$ lxc config show
# $containerName stands for the name of the instance
$ lxc exec $containerName -- bash

# Some limits
$ lxc config set $containerName limits.memory 512MB
$ lxc config set $containerName limits.cpu 2
$ lxc config set $containerName limits.cpu.allowance 50%
$ lxc config set $containerName limits.memory.swap false
$ lxc config device set $containerName root limits.read 30MB
$ lxc config device set $containerName root limits.write 10MB
$ lxc config device set $containerName root limits.read 20Iops
$ lxc config device set $containerName root limits.write 10Iops
$ lxc config device override $containerName root size=20GB
$ lxc profile device set default eth0 limits.ingress 100Mbit
$ lxc profile device set default eth0 limits.egress 100Mbit

# Port isolation makes the container unable to see other containers that are also in port_isolation mode
$ lxc config device set $containerName eth0 security.port_isolation=true
$ lxc profile device set default eth0 security.port_isolation=true

$ lxc
$ lxc launch images:debian/11
$ lxc config set $containerName environment.LC_ALL=en_US.UTF-8
$ lxc list
$ lxc storage volume list

# Privileged mode (no user namespace: root in the container is root on the host)
$ lxc launch ubuntu:20.04 test -c security.privileged=true -c security.nesting=true
# listen=tcp:0.0.0.0 exposes the container's SSH on every host interface
$ lxc config device add test ssh proxy listen=tcp:0.0.0.0:2222 connect=tcp:127.0.0.1:22

# Create a backups volume in the local (default) pool (ZFS) and use it for backups
$ lxc storage volume create local backups
$ lxc config set storage.backups_volume local/backups

# Create an images volume in the local (default) pool (ZFS) and use it for images (downloaded container images)
$ lxc storage volume create local images
$ lxc config set storage.images_volume local/images

$ lxc config device add $containerName $deviceName disk source=/home/foo path=/home/foo
$ lxc config device add $containerName $deviceName disk source=/dev/ path=/home/foo
```

Path:

- /var/lib/lxd/
- /var/snap/lxd/common/lxd/

Entering the LXD namespace managed by snap (to access ZFS mount points, for example):

```console
# nsenter -t $(cat /var/snap/lxd/common/lxd.pid) -m
```

Some packages I like to install on fresh container installs:

```
vim postfix logrotate etckeeper iputils-ping dnsutils
```

Some initial steps:

- Enable journald
- Set hostname (create /etc/hostname on Archlinux!)
- Configure postfix

Disable getty for old container images:

```console
# sed -i 's/^tty/# tty/g' /etc/inittab
# systemctl disable getty@tty{1..4}
# reboot
```

Nginx memo:

```nginx
# W.X.Y.Z is the address of the trusted reverse proxy
set_real_ip_from W.X.Y.Z;
#real_ip_recursive on;
real_ip_header X-Forwarded-For;

log_format custom '$http_x_forwarded_for - $remote_user [$time_local] '
                  '"$request" $status $body_bytes_sent '
                  '"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log custom;
```