• 0 Posts
  • 13 Comments
Joined 1 year ago
cake
Cake day: October 20th, 2023

help-circle


  • There’s a number of reasons. I would guess for most people here it’s really about control of their data, which is a form of privacy. Making sure it stays on their network (ie: in their control) unless they approve it to go somewhere else.

    There can be financial reasons (eg: backing up 10s or hundreds of terabytes to the cloud can get expensive), practical reasons (poor Internet access, especially internationally), latency/performance reasons (home automation). Sometimes you’ll also get better interoperability with selfhosted stuff since exporting data is usually trivial and there’s no walled garden lockin. And that’s not everything, just a few reasons I can think of off the top of my head.

    But you’re right that some of these are often not the case. It can easily become more expensive (depending on how you account for things), it’s definitely more work & it’s never as easy as “just install and app and create an account”.

    Finally we can’t forget that a not insignificant number of people here are aspiring (or actual) sys admins. This is a GREAT way to learn the trade if that’s your thing.





  • Mostly it depends on the size of your pool and the type.

    My TL;DR is that enterprise drives are likely overkill and aren’t worth the extra cost (yes I can construct a cornercase where they prevent data loss but you’d need it to happen on multiple disks simultaneously, if you’re that worried spend the money on extra backup!). Anything marked RAID or NAS is fine. Don’t put anything designed to save energy into a NAS (eg: WD greens).


  • Permissions are a great example of they’re impossible until they’re easy.

    The reason you’re seeing people say they’re easy is because they get permissions. They mindset where linux permissions has clicked for them, and once that happens it actually becomes difficult to remember why things are hard.

    The secret is, that’s basically everything in this hobby/field. I’ve spent months trying to understand things that are now trivial to me.

    The best thing I can say is Google, talk to friends, play around with them–not just ‘this container’ but make your own user (or many users), try and do things, and/remove permissions until it changes. Make predictions as you do this and see ahat you can understand and what’s still confusing you. Others have recommended chatGPT, and that’s fine too as a source to hopefully give you insight–much like a random blog explaining permissions.

    Best of luck, the only thing I can say is don’t give up for good but definitely don’t worry about giving up for the weekend to give yourself a break! You’ll get there and one day it’ll be easy.


  • TL;DR: Probably not, but you may find it useful for other reasons.

    Full thoughts: VPNs and Reverse Proxies are different things, a Reverse Proxy doesn’t replace a VPN but can supplement it.

    VPN connects you to a network that you’re not physically on, encrypting your traffic along the way. Once traffic hits the network, the VON has done it’s job. Think of it as a limo. You can’t tell what’s inside but it gets you there safely.

    A Reverse Proxy has no effect on traffic until it’s at your network. It’s like a directory listing in a shared building, you can have 10 offices in a building with 1 door but you need a way to get to the offices once you go through the main door.

    So what does that have to do with security? Well, first of all a reverse proxy is specifically designed to be internet facing, not every other webservice is…so things like malformed HTTP traffic will be dropped before it gets to the web service you’re running. Reverse Proxies also handle redirects, HTTPS (some webservices can handle TLS but it’s often put off to the proxy), and plenty of other features. Of course a VPN has all that same security (being designed to be webfacing).





  • There’s two options that are popular, as you may have guessed from the comments.

    Vaultwarden is (my guess) the more popular one with a server & web interface managing your password database on that server.

    KeePass is a standalone tool that relies on a local database file. You’ll see other names like KeePassXC as that’s the Linux client, anything that’s roughly KeePass is all the same concept --and importantly, compatible with the same encrypted database file of passwords.

    It’s worth noting that Vaultwarden stores your passwords locally in case you can’t get to your server, and KeePass has very good built-in syncing over files. And since KeePass is just dealing with that file you can easily get it to your phone (or even in a browser) with something that does file sharing over the web like Nextcloud. Anything webdav or syncthing will work for sharing the file but Nextcloud has a great plugin to ALSO let you use the KeePass file directly in nextcloud web interface.

    Personally I use KeePass as I hadn’t heard of Vaultwarden when I started but with the file sync on save feature I have KeePass syncing to my NAS from both laptop & desktop. With NC I have it syncing to the web using the NC file/folder sync tool. With thr NC app I can use it on any browser. With the Android app I can sync the database from NC to my phone. I’ve got copies of the database everywhere and I can’t imagine losing it (exactly what I want with everything, but especially passwords).