1. Forum
  2. DOVE-Net
  3. Internet

  • Re: Someone should make that happen..

    From Tracker1@VERT/TRN to poindexter FORTRAN on Fri Sep 3 18:43:50 2021
    On 7/20/2021 6:54 AM, poindexter FORTRAN wrote:
    If you like the Google Drive approach, Nextcloud would also work, pluss
    it has its own integrated password management solution via plugins.

    If I ever move back to a "real" ISP, the first thing I'll do is put a box on a UPS at my house and go back to self-hosting. I did that way back when on a server-friendly ISP and enjoyed running my own services.

    I could put it on a VPS, but the data would be (I think) unencrypted and in the cloud - unless I'm mistaken. If there was a way to encrypt data at rest, I'd be all over that.
    If you self-host in the cloud, you can use an encrypted volume if you
    like, but given that volume can boot without a passphrase, it doesn't
    provide *that* much security. A few people will use FUSE mounts for the
    likes of S3 or similar, then encrypt that data... it'd be at rest across
    a different system than the server itself, which is slightly better.

    Getting my pihole and wireguard setup this weekend, at least that's the
    plan.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com
    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com
  • From Arelor@VERT/PALANT to Tracker1 on Sun Sep 5 08:29:35 2021
    Re: Re: Someone should make that happen..
    By: Tracker1 to poindexter FORTRAN on Fri Sep 03 2021 06:43 pm

    On 7/20/2021 6:54 AM, poindexter FORTRAN wrote:
    If you like the Google Drive approach, Nextcloud would also work, pluss >> it has its own integrated password management solution via plugins.

    If I ever move back to a "real" ISP, the first thing I'll do is put a box a UPS at my house and go back to self-hosting. I did that way back when on server-friendly ISP and enjoyed running my own services.

    I could put it on a VPS, but the data would be (I think) unencrypted and i the cloud - unless I'm mistaken. If there was a way to encrypt data at res I'd be all over that.
    If you self-host in the cloud, you can use an encrypted volume if you
    like, but given that volume can boot without a passphrase, it doesn't provide *that* much security. A few people will use FUSE mounts for the likes of S3 or similar, then encrypt that data... it'd be at rest across
    a different system than the server itself, which is slightly better.

    Getting my pihole and wireguard setup this weekend, at least that's the plan.

    A good way to store data safely in a Virtual Private Server is a FUSE encryption layer such as Cryptomator. I am not a big fan of Cryptomator but the concept is neat. Your file synchronization tool only sees encrypted files, and your VPS only sees encrypted files. However, in your own computer you work with unencrypted files in a transparent manner.

    Much better than using a Veracrypt volume or similar solution, for file sync tools at least.

    --
    gopher://gopher.richardfalken.com/1/richardfalken

    ---
    þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL