Thanks for your input!

That looks cool, but as you said maybe a little overkill, hehe. I’ll still check it out in more detail, in any case good for later!

For installing plugins, I am fine with it, but would not want any telemetry being sent somewhere without my knowledge. The data collected should stay on my server.

Thanks for the recommendation! I’ll check it out. Simple sounds good for mye use case.

Thanks for the recommendation, I’ll check that out in more detail!

Ah, I see. What kind of disk usage are we talking about over e.g. one month? I am (at least for now) not necessarily interested in long term storage (but the data hoarder in me might quickly change that).

What are you looking for in a host?

Hm, after the initial upload, it shouldn’t really generate much traffic if I can only manage to upload the diff, so it might not be much of an issue for me. I am not yet really familiar with tools like rsync and rclone, and also don’t know how the changes are stored in the Borg repo (e.g. if I move a 1 GB file from one folder to another, does that get picked up as a 1 GB change by the syncing tools?), so I would need to do some more research to see if that would be achievable.

Hetzner also looks nicely priced, but it would’ve been nice if I could choose an even cheaper tier with less storage, as 1 TB is quite overkill for this particular use case. I could of course use it to backup other things.

Not a requirement that it is E2EE, as the Borg repo is already encrypted. Guess my knowledge of these services is biased towards E2EE from previous research for use cases where that was a requirement.

Thanks for the tip, hadn’t hard about Backblaze before. Very reasonable pricing. Would a good strategy then be to schedule rclone to have it synced, or are there other ways that would be better?

This is probably where my lack of knowledge in networking shines through more than ever, but I kinda thought that local IPs would be handled locally and not depend on which DNS servers I use? But I guess that if VPN is active and has not been explicitly told to allow local connections through split tunneling, then it actually do make that request with whatever DNS server I use, which obviously couldn’t resolve some random local hostname?

Nice!

Ah, that would explain it. I could set up split tunneling on a per app basis only in my current VPN, and not IP, but it works. However, I am in the process of migrating to ProtonVPN now. Here the “per app”-permission also works, and it does have the option to allow certain IPs, but I was not able to get it to work.

Just checked this, and “Allows local access” is checked in the VPN application, and “Block all non-VPN traffic” is unchecked in Android settings.

About potentially overlapping IPs: I did check, and they were all different (server, laptop, phone).

They are different, but share the first three numbers.

Thanks for the tip. I will be looking into setting up SSH keys fairly soon, and look more into strengthening ciphers et al.

From a practical point of view, what is the likelihood of a brute-force login attempt to succeed? There are plenty of login attempts, but most of them are for root, and as I’ve disabled root-login that will fail no matter what. Other attempts are typically for generic other names such as ‘admin’, ‘user’ and ‘test’ that has no associated user on the server, as well as some weird choices that I can only imagine comes from some database breach.

That sounds convenient, and having looked at some videos, it seems very nice. I can see myself using this for things that I need to work properly, like Nextcloud, and maybe host other services in a more complicated way, to be able to learn more.

A log is a very good tip - I’ll definitely start with that.

Thanks for the description, I’ll look closer into this and see if I can get this to work (on a test server at home first… :)).

This thread is the first I’ve heard of Podman - is this something I should look into in favor of Docker, or would you say it is more a case of “pick one and stick to it”?

Great tip - I don’t see myself running multiple servers, and I will be the only user needing access to them, so I guess ssh keys are sufficient.

Thanks, I’ll look into it. Is it primarily ease of use that makes you prefer this over running Docker on a more standard distribution?