I would go with a managed Nextcloud provider, it’s such a pain to manage self hosting Nextcloud specifically.

Be extra vigilant with your backups though, free stuff always has a higher chance of weird stuff happening, once they just removed my VPS after my trial ended and told me to re-create it.

Dynamic DNS is free generally, for example if you put your domain on Cloudflare or another DNS host with an API that is supported you can just update the A records automatically on IP change.

Yeah they get a lot of users due to the free plans they offer, so I imagine there’s just a lot of reviews as a result, both good and bad.

Also due to the free plan and being commonly used by home lab groups or small businesses, I think there are a lot of users that don’t fully understand what they’re getting into with CF and may be upset when they find out later on.

If you follow their ToS and understand what cloudflares proxy is doing to your traffic then it all works just fine.

I imagine trustpilot is where people go to vent about bad service because it’ll come up when you search for cloudflare reviews.

Yeah, and it allows directly passing through storage, otherwise I use VMs if I don’t need to do that.

I do LXC, just seems easier since I can mess with things and use Cockpit or whatever to manage it, without worrying about the host system.

Debian is my vote, that’s what I run on all of my servers, containers, and VMs.

Are we acting like Linux couldn’t have the same thing happen to it? There are plenty of things that can break boot.

IIRC it also stores your account password server side and stores your emails there too, it’s literally just webmail.

Bitwarden + Vaultwarden server. Or KeepassXC.

I don’t recommend using the browsers password manager.

With vaultwarden it’s very easy, just change the port map in the docker compose file on the host side. No idea how to do it with the official server stack.

It can be done if you implement a reverse proxy in front of the services.

IMO backups on the same provider aren’t really backups. Good that they had some at a different one.

if I want to use noreply[at]mydomain.com with mailgun, I need to click a link sent to that address, which to me feels like a catch-22. How can I receive that email if I don’t have the email service set up yet?

In this case mailgun is a email sending service, so no matter what you’d need another email service to receive email.

Hmm maybe these are outgoing traffic in that case, does it tell you the src/dst info?

It’s normal to get scans/attempts on any public IP.

That said, malwarebytes is usually run on personal computers, do you have ports forwarded to your PC from the internet?

Haven’t used it myself, but this supports some of them: https://github.com/openshwprojects/OpenBK7231T_App

This might cover it for non ESP devices: https://github.com/openshwprojects/OpenBK7231T_App

You could run pixelfed without federation enabled: https://pixelfed.org/

It’s like instagram, so should be good for sharing photos and stuff with space for comments.