I switched from nextcloud to seafile. Their app has paid file search for android app. Also full text search is paid. The docker also seems to crash a lot.

I’ve been testing owncloud ocis and it works really well. Just trying to figure out a few things for single sign on, but the app otherwise works really well.

The android app has had downloads for years, they just download the entire file to your phone.

Streamyfin is a newer android app that also works very well with downloads.

Borgbase is remote

I used to use a docker container that makes db dumps of the database and drops it into the same persistent storage folder the main application uses. I use this for everything in docker that had a db.

Immich as recently integrated this into the app itself so its no longer needed.

All my docker persistent data is in a top level folder called dockerdata.

In that I have sub folders like immich which get mounted as volumes in the docker apps.

So now I have only 1 folder to backup for everything. I use zfs snapshots to backup locally (zfs auto shot) and borgmatic for remote backups (borgbase).

All my dockers all compose files that are in git.

I can restore he entire server by restoring 1 data folder and 1 compose file per stack.

this is great info, thanks. I don’t think its the issue right now, I think I need to define the roles in owncloud which I tried to do but it still doesn’t work. I’ll ask on the owncloud forums but these custom scopes might still be needed at some point. thanks.

tried this and also tried making a role in authentik assigned to the group called ocisAdmin and added the admin user to it, it still gives the same error. Seems like I need to define a proxy.yaml file in owncloud with the roles, I did this and it still doesn’t work.

tried this, created a group called ocisAdmin and added the admin user to it, it still gives the same error. Seems like I need to define a proxy.yaml file in owncloud with the roles, I did this and it still doesn’t work.

Its an automation software for borg backup to run on a schedule and keep a certain number of backups while deleting old ones etc.

All persistent storage from my dockers are in a folder. All I have to backup everything is backup this one folder along with my docker compose files (in git).

Locally there are zfs snapshots (autosnapshot) and for remote I use borgmatic.

Borg to :

1. Local server
2. Friends server
3. Borgbase

I would but the other side isn’t zfs so I went with borg instead

Local zfs snap every 5 mins.

Borg backups everything hour to 3 different locations.

I’ve blown away docker folders of config files a few times by accident. So far I’ve only had to dip into the zfs snaps to bring them back.

Most reverse proxies can only do http traffic. Traefik can do TCP and UDP, the camera is probably UDP

Yes, hairpin can make it work but some routers don’t seem to do it well.

The other issue is that on wireguard by DNS is set to pi hole and without doing this my internal stuff wasn’t working without doing this

Others have already answered but this might help understand.

On cloudflare DNS, I set my domain to point to external IP address my ISP gives me for my router. Ie example.com points to 107.474.274.12

Within my network, my internal DNS (pi hole) is set to point to the internal IP address of my server. Ie example.com points to 192.168.1.23

Note that in the first example, the router has port forwarding so that all https traffic (port 443) is forwarded to the internal IP of my server, 192.168.1.23. I’m both example, the traffic ends up in the same place but the route it takes depends on if the traffic starts inside my network (example 2) or outside of the internet (example 1).

Just as an FYI its done like this because its vastly faster than flat files.

This is also the reason why NextCloud has lots of complaints about speed and files getting locked and not syncing properly.

Apps that are way faster (seafile, owncloud GO) use proprietary file stores.

Obsidian Live sync works extremely well and quickly to the point that the update speed is almost like a google docs with multiple editors. Couchdb is why.

Lol at the obsidian criticisms in the self hosted community :)

Couchdb is like 20 years old and not exactly ‘novel’

I setup a docker for his like 2 years ago and did nothing other than update once in that time. Live sync has otherwise been rock solid on multiple devices.

Obsidian not being open source is very valid criticism. The above 2 things really aren’t.

What was wrong with obsidian?

The self hosted live sync plugin has been rock solid between my windows, Linux and android clients.

I do exactly this with traefik.

ie: Seafile.domain.com

Vaultwarden.local.domain.com

I followed this guide: https://youtu.be/liV3c9m_OX8

I suspect most people open it via subdomain or cloudflare tunnel and it seems secure enough. Haven’t seen reports of people getting hacked left and right.

VPN Certainly is more secure and works for a few people but becomes annoying if you have users that don’t want to mess with a VPN. It also helps if you want to make a public share link to someone without an account.

Wireguard uses public and private keys which are designed from the ground up to be used over plain text to establish the handshake so it isn’t an issue. Same idea with ssh keys and ssl keys