u/mouif-mouif

I used to have the following setup:

• a domain, let's say mydom.com
• Cloudflare resolving DNS names for my web services, say https://grafana.mydom.com.
• Containers on my server. None of them is exposing ports except nginx.
• nginx redirecting services, https://grafana.mydom.com to the container htpp://grafana:3000
• Cloudlfare providing the SSL certificate
• nginx being the ssl termination.

I moved to Tailscale, and without realizing it, I got rid of nginx and Cloudlfare:

• my containers are now exposing their ports to 127.0.0.1
• tailscale serve is configured to make the link between https://mymachine.tailnet.ts.net:3000 and http://127.0.0.1:3000
• tailscale managing ssl
• no need of Cloudlfare DNS, CF SSL, nginx

The only inconvenience is the domain name, from https://grafana.mydom.com to https://mymachine.tailnet.ts.net:3000, not very friendly name (if somebody has a hint to make it better, I'm all ears).

Security wise, do I miss something? I feel it was such an easy and smooth transition, I am afraid something is wrong.

Hi,

I'm currently testing different solutions to have a cloud storage for my photos/videos.

The goal is to move from G.Drive/Onedrive to a more privacy oriented solution.

So far, I like immich as a frontend (visualization of the photos). I run immich on my VPS. And immich has an exernal library feature, so I can mount any cloud storage, and I can use immich to vizualize, or even delete pictures (the file deletes will move to immich trash, then when removed from the trash will be removed from the cloud storage).

For the storage, I am looking as Filen, as it is end-to-end encrypted and works well with rclone.

I want to use the android app so that when I take a pic it is uploaded to filen (and therefore available for immich).

For the upload to work, the app needs to be opened (and active if I'm not wrong). I can live with that, I know that from time to time, I need to "run a backup" = open Filen app.

But I just realized that when I remove a photo from Filen, and the file is still on my phone, then the Filen app will upload it again. And this seems like a no go to me. Do I miss something? Is that Filen app so bad (at least for my needs)?

I checked also:

koofr: works well with rclone, android app is OK, but no end-to-end encryption

infomaniak kdrive: no rclone (I didn't check the rest)

proton drive: encryption fine, but rclone does not access the proton Photos folder

pcloud: only litetime plan (I didn't check the rest)

ente photos: didn't check (not in Europe so I didn't consider that solution)

edit: https://foldersync.io/ could be a solution for me to replace the file upload feature of Filen app.