This should help
This should help
Vaultwarden itself is actually one of the easiest docker apps to deploy…if you already have the foundation of your home lab setup correctly.
The foundation has a steep learning curve.
Domain name, dynamic DNS update, port forwarding, reverse proxy. Not easy to get all this working perfectly but once it does you can use the same foundation to install any app. If you already had the foundation working, additional apps take only a few minutes.
Want ebooks? Calibre takes 10 mins. Want link archiving? Linkwarden takes 10 mins
And on and on
The foundation of your server makes a huge difference. Well worth getting it right at the start and then building on it.
I use this setup: https://youtu.be/liV3c9m_OX8
Local only websites that use https (Vaultwarden) and then external websites that also use https (jellyfin).
Futo voice to text works nice and fast on my pixel 8 pro. Fractions of a second slower than google. Also that’s with the slower English 74 library (more data point, slower). They have an even larger one but the default is the smaller and faster English-39 model
And borgmatic makes retention rules with automatic runs super easy. It basically a wrapper that runs borg on the client side.
I’ve been using this for a few months now. Its really great.
Same with jellyfin.
They basically don’t accept recurrent donations on purpose
I’ve got multiple apps using LDAP, oauth, and proxy on authentik, I’ve not had this happen.
I also use traefik as reverse proxy.
I didn’t manually create an outpost. Not sure what advantage there is unless you have a huge organization and run multiple redundant containers. Regardless there might be some bug here because I otherwise have the same setup as you.
I would definitely try uploading everything to the latest container version first
For people wanting the a very versatile setup, follow this video:
Apps that are accessed outside the network (jellyfin) are jellyfin.domain.com
Apps that are internal only (vaultwarden) or via wireguard as extra security: Vaultwarden.local.domain.com
Add on Authentik to get single sign on. Apps like sonarr that don’t have good security can be put behind a proxy auth and also only accessed locally or over wireguard.
Apps that have oAuth integration (seafile etc) get single sign on as well at Seafile.domain.com (make this external so you can do share links with others, same for immich etc).
With this setup you will be super versatile and can expand to any apps you could every want in the future.
The same as for anything else if your phone gets stolen. You restore from backups.
Aegis allows you to make a backup that you can keep yourself on your computer, your own cloud storage etc.
Every OS has some kind of built in vault/encryption feature. Put the file in there. It only needs to be updated when you add another 2fa account (so very infrequently)
Don’t use cloud based 2fa and you won’t need to wonder about this.
Aegis is one of several opensource 2fa apps you can use instead.
Not using cloud based 2fa which is dumb to begin with
FWIW collabora and open office can integrate with other clouds like Seafile and owncloud Infinite scale. So even without NextCloud it can be used. It can also be used stand alone.
I don’t remember all the details. They never went closed source, there was a difference in opinion between primary devs on the direction the project should take.
Its possible that was related to corporate funding but I don’t know that.
Regardless it was a fork where some devs stayed with owncloud and most went with NextCloud. I moved to NextCloud at this time as well.
OwnCloud now seems to have the resources to completely rewrite it from the ground up which seems like a great thing.
If the devs have a disagreement again then the code can just be forked again AFAIK just like any other open source project.
Oh never mind, I saw this finding announcement for 6M and assumed it was the same company. Looks like they have many corporate investors…doesn’t inspire too much confidence.
Although they are still using the Apache 2 license and you can see they are very active in github. It does look like it’s a good FOSS project from the surface.
Ya it was bought by kiteworks which provides document management services for corps (which explains why that mention traceable file access in their features a lot).
That being said, they bought them in 2014 it seems and it’s been a decade now
Correcting: they were bought very recently, they have been accepting corporate funding for more than a decade however. That’s not bad in and of itself.
Thank your for providing first hand perspective. I’ll probably try to spin up a docker deployment for testing.
I don’t really plan to use many of the plugins since I think that was the down fall of NextCloud. Trying to do everything instead of doing it’s core job well.
Did not know this. Thanks!
Looks like Kiteworks invested in OwnCloud in 2014 and they still seems to be going strong with the OSS development which is a good sign.
This probably explains why there are so many active devs on the project and how they got a full rewrite into version 4 relatively quickly.
Already seems to have more features than Seafile.
I had NextCloud on a Ryzen 3600 with NVME zfs array. While faster that my previous Intel atom with HDD + SSD cache, Seafile blows it away in terms of speed and resiliency. It feels much more reliable with updates etc.
True, but the downside of cloudflare is that they are a reverse proxy and can see all your https traffic unencrypted.
If you use a KDE desktop
https://github.com/Bismuth-Forge/bismuth
Many tutorials available for this