What is the security risk of adding HTTPS to a site going via VPN?
I highly recommend spinning up a Nextcloud AIO instance. It’s the recommended and supported method, and it will likely run a lot nicer because all the database, redis, etc tweaking are done for you in a known good setup.
If you try that and it’s still no good, then OCIS might be worth trying depending on exactly what you are trying to achieve.
I’m also here on AIO with a great experience. It’s snappy and the website loads faster than Onedrive ever did.
I had a docker install prior to AIO being available, and there was a lot of tweaking to get it running nicely (though it did run nicely). AIO takes care of it all for you.
Others might have suggestions. I run everything in docker. I then use Traefik as the reverse proxy in docker, where you add labels to the containers you want it to handle and it works things out on its own. I have also configured it to do certificates automatically, including automatic domain validation using a Cloudflare API.
Caddy and Nginx Proxy Manager are other popular ones that can configure HTTPS certificates for you.
You don’t have to overthink it. Choose a reverse proxy you like. If it does automatic certificates, that’s great. If not, Let’s Encrypt (which most of these services use for the free certificates) have a certbot program you install and run on a cronjob to renew certificates.
Owncloud Infinite Scale was a rewrite of the codebase to get away from PHP. In theory this should be better able to run on lower end hardware. People tend to say they use it if they are only wanting the file part and not all the apps. Personally I use Nextcloud because I want the apps.
Automatic certificate renewal is built into many reverse proxies, and can be done for free, so I don’t see a reason not to do it.
Nextcloud has federation of some features so I’d guess that would be a key reason you can’t change the domain (you also can’t change a Lemmy domain once set up). However, you’re using it for file sync for yourself, right? Regardless of what you pick (even Nextcloud), you could surely just set up a new instance under the new domain then move all your files over.
I don’t think it’s really true these days that it needs a lot of config. Maybe reverse proxies will do it for you automatically without much setup.
I am curious what the security risks are for HTTPS for a service that will already be accessible remotely?
OwnCloud Infinite Scale might be the option you missed?
Nextcloud was forked from the PHP Owncloud some years back, and they added all the apps and things. But Owncloud is like Nextcloud but focused only on the files.
I am a bit concerned that you’re talking about not wanting HTTPS and see it as a bad thing that something requires it. Given you can get free certificates these days, why would you not want a secure connection? Even if you’re accessing via a VPN to server tunnel, I see no reason not to have it.
I’m sure you have a backup and that you’ve tested restoring it. Just have another machine that is available in the case something happens to the first.
E.g. I somehow fried the motherboard of my server while cleaning it. It took me days to troubleshoot the issue.
But I also have an old laptop strapped to the back of my TV that is used to stream media using Kodi. When this event happened, I installed a more appropriate OS on the TV laptop and restored my backup and was up and running in an hour or two. Then I could take the time to troubleshoot my issue and resolve it on my main server.
Dave@lemmy.nz to Selfhosted@lemmy.world • Why do so many services require email configuration? (26 days ago)
I’m starting to wonder if a mailpit instance is a bad idea. Just a page you go to where any email goes, make sure it’s not externally accessible.
Dave@lemmy.nz to Selfhosted@lemmy.world • Promised myself I will support them after they go stable. They kept their promise and so did I (1 month ago)
I do nightly borg backups of much more than 200GB. The idea of incremental backups is you’re only doing the changes, and photos don’t tend to change.
What challenge did you come across with a 200GB backup?
Dave@lemmy.nz to Fediverse@lemmy.world • K&T Host, a hosting provider for many Fediverse software including Lemmy has announced they're shutting down (1 month ago)
Looks like it’s one of those sites that let you easily host an instance of various sites, one of which includes Lemmy.
I’m not sure who will be affected but if it’s anyone, probably mostly single user instances.
Well according to the OP, it’s a list they offer for free and it’s integrated with many browsers including Firefox…
Dave@lemmy.nz to Selfhosted@lemmy.world • The AWS outage hit us during the day in Australia. I didn't notice because I run my own server, btw (2 months ago)
If I’m on my local network hosting my locally hosted services, I do.
Can confirm, I’ve recently got some cameras and set up Frigate and it’s been great. Not using Reolink but the ones I have work well enough. I have a TPLink that I like, and a Hilook starlight camera that I am not convinced on as it doesn’t seem to have auto-exposure adjustment. Both work well for object detection, though there’s a bit of a learning curve with Frigate needing to be configured via YAML for a lot of things.
I’ve also started playing with Frigate’s face detection but I don’t think the cameras are really positioned for it. It probably makes more sense for a front door camera getting a good view of the person.
I’ve also got Home Assistant picking up the Frigate camera streams which works well too.
Yup, seems the issue for this is still open.
I have local storage for my photos, then backup to object storage using Borgmatic and Rclone to B2. But you’re right, you can’t directly use object storage with Immich.
Local storage on a VPS is expensive, and I’ve never been happy with a lower powered server serving media. Personally I self-host and send a backup to Backblaze B2 for offsite (using Rclone).
I use Borgmatic for incremental, deduplicated backups but make sure you save your encryption key somewhere you can access it if your house burns down.
I think you might be right. Others are talking about a rocky start but reading through the recent release notes it seems like a potentially unrelated issue with a release of a new timeline.
I’m really happy to see this post acknowledge speed issues where there are many items, 100k+. I have around this and have always found Immich to be laggy, while others say how it’s the fastest ever.
I will have to give it another go.
Made up spellings are bad, but good luck searching for anything that isn’t a made up spelling or two words put together.
How so? I have HTTPS on internal sites, I just use DNS validation to get the certificate.