Yes, hairpin can make it work but some routers don’t seem to do it well.

The other issue is that on wireguard by DNS is set to pi hole and without doing this my internal stuff wasn’t working without doing this

Others have already answered but this might help understand.

On cloudflare DNS, I set my domain to point to external IP address my ISP gives me for my router. Ie example.com points to 107.474.274.12

Within my network, my internal DNS (pi hole) is set to point to the internal IP address of my server. Ie example.com points to 192.168.1.23

Note that in the first example, the router has port forwarding so that all https traffic (port 443) is forwarded to the internal IP of my server, 192.168.1.23. I’m both example, the traffic ends up in the same place but the route it takes depends on if the traffic starts inside my network (example 2) or outside of the internet (example 1).

Just as an FYI its done like this because its vastly faster than flat files.

This is also the reason why NextCloud has lots of complaints about speed and files getting locked and not syncing properly.

Apps that are way faster (seafile, owncloud GO) use proprietary file stores.

Obsidian Live sync works extremely well and quickly to the point that the update speed is almost like a google docs with multiple editors. Couchdb is why.

Lol at the obsidian criticisms in the self hosted community :)

Couchdb is like 20 years old and not exactly ‘novel’

I setup a docker for his like 2 years ago and did nothing other than update once in that time. Live sync has otherwise been rock solid on multiple devices.

Obsidian not being open source is very valid criticism. The above 2 things really aren’t.

What was wrong with obsidian?

The self hosted live sync plugin has been rock solid between my windows, Linux and android clients.

I do exactly this with traefik.

ie: Seafile.domain.com

Vaultwarden.local.domain.com

I followed this guide: https://youtu.be/liV3c9m_OX8

I suspect most people open it via subdomain or cloudflare tunnel and it seems secure enough. Haven’t seen reports of people getting hacked left and right.

VPN Certainly is more secure and works for a few people but becomes annoying if you have users that don’t want to mess with a VPN. It also helps if you want to make a public share link to someone without an account.

Wireguard uses public and private keys which are designed from the ground up to be used over plain text to establish the handshake so it isn’t an issue. Same idea with ssh keys and ssl keys

Split tunneling with wireguard is probably the best way for this.

There are many tutorials, here’s an example: https://ssh.sshslowdns.com/wireguard-split-tunnel-config/

This will let you have some things on wiregusard and some not

You do not need anything else. DNS requests are all sent over Wireguard with encryption

Use ddns on your router with a domain so you can then get something like wireguard.example.com and then use that as the endpoint in your wireguard.

Set the wireguard DNS as your pihole.

To make life easier set your home network IP space to something that another WiFi would never use, ie 192.168.46.xx

That way it will never conflict if you are on a public WiFi and you can access anything on your home lab when you need.

I’ve been using this setup for years on laptop, phone etc

I haven’t tried them but some people have made templates for obsidian

https://github.com/martinjo/obsidian-gym-log

I did an inplace upgrade of gitea to forgejo. No issues.

I’ve been self hosting this for 2 or 3 years now.

There has been zero maintenance other than the occasional update button

I use it for my docker compose files that portainer pulls from with the click of the button to update my containers when needed.

I edit the files in VS code with the git plugin and it works without issue

Btrfs only has issues with raid 5. Works well for raid 1 and 0. No reason to change if it works for you

Never done it myself but I think this example goes over the mounting

https://owncloud.dev/ocis/guides/migrate-data-rclone/

FWIW the file system it uses ‘decomposedfs’ can be read by other applications like rclone if needed.

Also ocis is working on a ‘normal’ file system with a few tradeoffs:

https://owncloud.dev/architecture/posixfs-storage-driver/

Freecad in a VM with a remote viewer like guacamole?

Not sure what you mean by expects oauth.

I’ve been testing it and it works very well so far in my tests with just a normal user name and password to login.

I’ve actually been meaning to work on getting oauth connected to my authentik but haven’t gotten around to it yet

So far the server seems very solid and the clients for android and windows also seem very good.

See also the linkdroid app on f-droid so you can use the share button to add links from your phone quickly. Works really well and I use it with single sign on as well.

IOS has an app as well lol

The vast majority of selfhosters probably don’t but if you want its called a private repository

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-20-04