1·
26 days agoI’ve been using “passwords” on nextcloud for a few years now. Minimal issues with the app, moving apps, and browser extensions. Not perfect, but hey it’s self hosted and reliable.
Mikelius
Old Profile: https://beehaw.org/u/Mikelius
- 0 Posts
- 3 Comments
Joined 2 years ago
Cake day: September 14th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
My personal advice, secure it down to only permitting what needs it, regardless of your trust to the network.
Treat each device as if they’ve been compromised and the attacker on the compromised device is now trying to move laterally. Example scenario: had you blocked all devices except your laptop or phone to your server, your server wouldn’t have been hacked because someone went through a hacked cloud-connected HVAC panel.
I lock down everything and grant access only to devices that should have access. Then on top of that, I enable passwords and 2FA on everything as if it were public… Nothing I self host is public. It’s all behind my network firewall and router firewall, and can only be accessed externally by a VPN.
If you go for btrfs, be careful going backwards on kernel versions.
I had upgraded my kernel on Gentoo, which also happen to include a btrfs update. Booted up and found the latest kernel didn’t like something about my full disk luks encryption with RAID mirror setup (for the root partition, and unrelated to btrfs), so I decided to go back to the previous kernel. Big mistake.
My entire root partition got corrupted to hell. It mounted read only at first so I decided to try to go through regular repair steps. It got worse. Got to an eventual step that someone said could take a few weeks to restore (forgot the commands). This isn’t an option for my server. So with snapshots broken, unable to use the old and now new kernel due to corruption from attempting to go back to a previous kernel, I had to restore with a full partition clone backup I had created prior to the kernel upgrade… Also went back to ext4 again afterwards.
Btrfs treated me really well for a few years, and snapshots and performance are great, but once it hits a hiccup, you might in a world of trouble. Don’t think I’ve ever run into such a thing with ext4 over the years, which is why I reverted to it - not saying it’s immune to such things, but this is just me.
Not sure if zfs would have such a dramatic situation, but maybe something to consider about btrfs if you ever decide you’ll need the ability to go back a kernel version due to whatever reason.