hamsda
@hamsda@lemm.ee
- Comment on Searching advice for selfhosting critical data 1 week ago:
Just a misunderstanding, then. I did not intend to talk down on a hosting provider I don’t even know. Instead, I prioritize hetzner because I’m familiar with them and they’re based in europe.
- Comment on Searching advice for selfhosting critical data 1 week ago:
I didn’t intend to be elitist about anything and I actually fail to see the elitism by saying “that hoster is not about providing cheap storage”? Maybe there’s something in the english language I do not pickup on?
- Comment on Searching advice for selfhosting critical data 1 week ago:
Yeah, hetzner’s more about having your own servers than providing cheap storage.
- Comment on Searching advice for selfhosting critical data 1 week ago:
Proton also seems to be interesting. Privacy by default and being swiss based definitely are plus points.
Thanks for the mentions!
- Comment on Searching advice for selfhosting critical data 1 week ago:
you can run the open source control plane called Headscale instead of relying on Tailscale’s (the company) free service tier
Ah, that sounds more interesting. I still have time until I buy everything, there’s still going to be a lot of research, especially with all the ideas and feedback people have given me in this thread.
I’ll definitely try it, thanks!
- Comment on Searching advice for selfhosting critical data 1 week ago:
Thanks for the heads-up! Those sound like acceptable problems, as long as they’re temporary and my data is safe.
- Comment on Searching advice for selfhosting critical data 1 week ago:
Google is evil but I know that GDrive has pretty low prices on data storage […] Don’t forget to encrypt everything when uploading to these services!
That is what I am hoping for :) My free Google account grants me 15GB of online storage and my free Microsoft account provides me with another 5GB. The 15 GB should be enough for encrypted photo backups, while 5GB definitely is enough for encrypted calendar, contact and probably some document backups. I just need to find a way to automate backups to these.
based in the USA, priced at 3$/TB/month
If I am going to pay money for something and with how the world currently is, I’m going to use some EU based service. My only VPS resides at hetzner, if the need arises I will probably just add a storage volume to my VPS or upgrade it to the next tier.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Up to personal preference if you trust a fork for this work
I see 3600 stars and I guess that’s kinda trustworthy :) I also do like some of the enhancements listed on the github page. I’ll try it, thank you very much!
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Then I give praise to you, for you are more prepared than any other individual I personally know of and even some smaller companies I had worked with.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Okay so not critical, just mildly inconvenient if lost.
I wouldn’t put it at “mildly inconvenient”, as the photos I could lose can never be restored. Most of the other things can. I’d be really sad if I lost all the photos, but it wouldn’t threaten my existence in any way.
I’m sorry, I should have specified in more detail what I meant by “critical”.
It’s not life-threatening, it’s just critical to me. It’s kinda like “my priciest possession” could mean a yacht or a half-dead car, depending on the context.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Not make or break by any means
That’s great to hear. I can always buy better hardware later and first test if things run with what I already have. I don’t like to have my IT wasting in some drawer.
Thank you for your advice!
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
tailscale with headscale over openvpn
Is a vpn inside a vpn really improving security at all? Or is there a different reason to use tailscale inside a vpn?
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
you can’t seem to restrict people commenting on a file you shared
That’s okay. My circle of friends I’d share files with is not all too big. So everything stays between a few people anyway.
Nextcloud often updates and sometimes breaks small things
Does breaking stuff happen often? I plan to use the docker image nextcloud:stable-fpm in the hopes of bypassing some bugged releases.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
I’ve done nothing special regarding security and have it exposed to the public internet. I intend on having fail2ban look at its logs but I’ve not yet set that up
That sounds kinda dangerous. I remember years ago, when I rented my first vcloud-server, within the first 10 minutes I had bots trying to get in via SSH. I’d be way too paranoid.
I would recommend having it entirely behind a VPN
Yes, that’s my plan. I intend to create a new OpenVPN server on my pfSense with access only to the nextcloud VM. This would also allow me to share the vpn config files with my friends without a password, as the authentication is done by inline-cert vpn config.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Memos is pretty usefull for me. App on fdroid momemos is superb. Syncthig takes care of google drive ish needs. Immich for photos. Mealie keeps food interesting.
I’m going to have to test a lot of new android apps, I guess. Thanks for the mentions!
Regarding syncthing, according to gedaliyah’s answer here, syncthing will be dropping the android app :(
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thank you for answering!
Good to know that most things I would need seem to be already working nicely in nextcloud :)
It should respect permissions though, so if you share a file with read access only, they won’t be able to edit it in the editor.
I’ll definitely have to try that before trying to send out links.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thanks for the tipp!
I’ll definitely try the native file editor and collabora, just to see how they compare for me. I even found a tutorial by nextcloud on how to integrate collabora (see this post)
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Except for maps. Man, there just is no substitute especially when mobile.
I thought there was an android app for open street maps, but I couldn’t find any on play.google.com either.
I do not recommend an external enclosure […] you’ll come to hate it for lack of ability
I feel kinda the same, but on the other hand, having a full-blown ATX system running in my living room isn’t going to be my first choice. If I can’t manage with the zotac mini PC, I can still take the drives out of the enclosure and put them in a full ATX case.
A docker AIO version of nextcloud running on as close to bare metal as you can is probably the best option for performance.
I’m not worried about performance all too much. The only thing constantly connected will be my phone, for syncing contacts, calendars and, every now and then, a new photo or two. Sometimes I open the calendar in my browser on my desktop or laptop to add / change an event. I really don’t use it too extensively.
And to aid in CPU and performance of the VM, I can always have a VM with the “host” CPU type, which should forward CPU capabilities and features to the VM.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thank you for the tipps!
A quick google search even reveals a nextcloud tutorial on how to install it . I’ll definitely try that out.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
DAVx5 basically acts as the connector between your server and your calendar/contacts/files apps
Thank you for the explanation. I’ll probably be testing a lot of FOSS apps on my current android before I make the switch, so it’s good to know that I have to look out not just for usability, but also connectivity!
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
You’ve got a point, but now I gotta ask: Where do you store your original paperform documents? You know, the real-life critical things. Maybe I’m wrong, but I feel like most people store these things at home, possibly tucked away in a neat, little, sorted folder, for preservation. Which would be a nightmare for all the same reasons, but seems strangely accepted and widely practiced.
No data I own is life-or-death critical. Losing everything would be really bad, but many things can be restored in alternative ways, except the photos.
Also, I may be able to backup the most important stuff (which would only be a few GB at most) to an offsite server, as long as nextcloud (or an alternative) is able to export contacts, calendar and photos, or I can single these out in some other way. As long as this somehow works, I can rent a cheap hetzner server with a few GB of storage and have that be the backup target for the most critical stuff.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Yes, you’re right. As David From Space said in this comment, the real critical data is far less then all of the backed up data.
So I definitely can have an offsite-backup, it just depends on if I can single these things out in nextcloud, possibly via regular export to the filesystem.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
If you really mean life-or-death critical
No data I own is “life-or-death” critical.
I can ask around for contact info again, same with calendar events I had planned. Some documents can be restored via the original service or by paying a fee to get a new original document, I still have folders full of originals in paper form. Some info can be restored by looking through my bank account or online buying activity. Losing my photos would be really sad, but nothing of that will kill me or destroy my life.
But I definitely can save the most critical stuff (probably a few GB only), if nextcloud (or some alternative) has the ability to regularly export these to an on-disk location. This way, some backup utility like restic or rsnapshot shoud be able to do the job.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Now, just to throw it out there, my actual ‘critical data’ is way smaller than my total backed up data
That’s also the case for me. I’d probably count a few GB as critical. Contacts, Calendar, some photos, some documents.
If nextcloud (or some other alternative) has the ability to regularly export these things to an on-disk location, I could definitely backup that to some cheap hetzner server. This will not be a pbs backup, but I can get by with an offsite-backup done by something like restic or rsnapshot
Thank you for your advice!
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thank you for sharing your experience of the process!
On my phone, I use DAVx5
I’m a little confused after looking at the website. What exactly does DAVx5 do? The regular re-sync of contacts, calendar and files itself? Shouldn’t that be done by the contacts app / calendar app on regular intervalls?
with Fossify apps
I just downloaded fossify calendar on my android a few days ago to test it and got to see the other fossify apps :)
syncthing phasing out android support
Oh man, I already use syncthing for ~5 GB of files and I use it on my android too. Seems I’ll be trying syncthing-android-fdroid in the future then.
There are tons of notes apps
There really are a lot! NotallyX looks nice and simple, but memos also looks very interesting. And thank you for the link, I’ll go dive into that tomorrow.
The one Google feature I am not able to reproduce is Google Messages
I do not need RCS-compatible messengers. What I send via SMS is nothing more than pure text, also no group chats. I use signal and element for my “fancy” messaging needs :)
I use Tailscale
I’ll look into it some more over the next days, but on a quick glance, this seems like it is an online service where you need an account? If that’s the case, I’d prefer using my already running OpenVPN server to do the job.
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thank you for the tipp!
Though I gotta ask: would ZFS still bring an advantage, considering that the RAID is going to be managed inside the external RAID enclosure, so ZFS would never see the actual disks? Or did I misunderstand how these enclosures work?
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Are the documents you edit with the online editor files which are visible in the online drive? Does nextcloud use the open document specifications for saving documents (e.g. .odt, .ods)? Can you view these files without opening them in the editor (like the preview in google drive)?
If so, that is acceptable. The document thing is more for completion, I don’t handle documents all too often. And if the online editor is bad or not working but the files are visible and offline-syncable in the drive to some desktop client and they are using the open document format, I can edit them with libreoffice.
Thanks for the heads-up!
- Comment on Searching advice for selfhosting critical data 2 weeks ago:
Oh, it’s nice to hear somebody already did that, thank you!
Did you have any hiccups or general problems with nextcloud or calendar/contacts/photos sync? Did you do any specific thing to harden security, other than using
ufw
,fail2ban
and changingsshd
config? - Comment on Searching advice for selfhosting critical data 2 weeks ago:
Thank you for your input!
I also thought about the 3-2-1 backup rule, but am unsure if that is overkill.
My VM-backups and file-level-backups are proxmox backup server (pbs) backups. Meaning, to have them offsite, I’d need to rent a dedicated root server on which I am able to install pbs to act as an offsite sync-target. With TB of backups, this is gonna get very costly very fast.
I thought about regularly exporting encrypted calendar and contacts onto some free online storage, hoping I can automate this process.
With what I have layed out in my post, to lose contacts and calendar events, both my intel NUC and the zotac mini-PC have to be corrupted at the same time. Or both RAIDs simultaniously failing both drives. Am I not paranoid enough or is that an acceptable level of failure-safety?
- Submitted 2 weeks ago to selfhosted@lemmy.world | 69 comments