I don’t know how much hackery and fuckery there is with docker specifically. The majority of what docker does was already present in the Linux kernel namespaces, cgroups etc. Docker just made it easier to build and ship the isolated environments between systems.

I assume portainer communicates via the docker socket? If so, couldn’t you just point portainer to the podman socket?

As a Brit… … yeah actually

Ah, I’m not giving a full picture there. Technically you can use layered encryption like tor uses on the clearnet. Tor additionally exposes tor-only services that route exclusively via tor’s onion routing (not just http wrapped inside an encryption onion).

i2p works differently under the hood, but the shared piece is exclusive services, only accessible through a non-standard protocol. That’s how you’d get a different web. Unless we’re talking physical layer stuff.

Basically. Look up onion routing (tor protocol).

Still doesn’t stop them being used against you. If they’re published by “choice” I think that’s easier on the soul, if still painful.