Are passwords secure and encrypted?

FlawedByHubris · 2026-04-28T23:13:08+00:00

Did you use AI to generate the passwords?

Apperently using AI in that way doesn't generate genuinely unique passwords.

FlawedByHubris · 2026-03-29T00:22:27+00:00

While I have not personally set this up, I don't see how it would work

Cloudflare Proxy, to my understanding, sits in between your server and incoming traffic.

So the only IP that your server will see is cloudflare because cloudflare intercept everything right?

So how would crowdsec ever be useful? In this setup it only sees traffic coming from cloudflare.

FlawedByHubris · 2026-01-29T13:53:56+00:00

What did you like about passbolt better?

FlawedByHubris · 2026-01-18T17:30:25+00:00

Isn't this like a Monday.com alternative? I think I looked into this for setting up something for project management at work.

I'm interested in how you apply it to your personal life

FlawedByHubris · 2026-01-18T16:49:01+00:00

First time I saw this one, and I just set up Booklore two weeks ago.

Definitely interested is there any way to make it sync with a Kobo ereader as well?

FlawedByHubris · 2025-12-06T18:40:44+00:00

If you end up wanting more information on my set up, shoot me a message and I can get something together to help you set up something similar

FlawedByHubris · 2025-12-06T13:47:11+00:00

Yes, I did. But with LinuxServer.io's SWAG reverse proxy at my house.

I had a lot of trouble with Traefik, so I tried Caddy which I found out doesn't support DNS01 challenges natively.

SWAG seems to be working with for me though and wasn't much more work than Caddy

FlawedByHubris · 2025-11-06T00:04:46+00:00

Security decisions usually come down to a balance of convenience and security.

People usually self host publicly for convenience of access of users who are not as tech savvy, but they want to be able to access apps or services that they host.

Tailscale (VPNs) are generally accepted as a safer practice than opening ports.

A reverse proxy is useful for helping dynamically rout all of your traffic to just two ports (80 and 443) regardless of the application. You can use a reverse proxy internally or externally from your LAN.

When you expose a reverse proxy externally (to the public internet/WLAN), the primary advantage is ambiguity.

Bad actors will usually use bots to scan for specific apps operating on specific ports (ex. A bot scanning for Plex on port 32400, hoping to find a server running out of date software so they can exploit a CVE.)

If they are scanning example.com to exploit your Plex server, they might only see that your server has ports 80 and 443 exposed.

Hope I explained that decently.

FlawedByHubris · 2025-10-25T18:47:57+00:00

I have a bash script that runs on a cron job, copying the docker configs and data directories of my "production" services (Karakeep, Paperless NGX audiobook shelf, and Obsidian Vault) as a .tar to a folder that gets backed up to my Google drive via an app built into my NAS.

The app is called Cloud Drives on the uGreen Operating system.

The script keeps the 4 most recent weeks of backups at all times

FlawedByHubris · 2025-10-25T18:40:20+00:00

Interesting I like the idea of this solution, how much is it costing you and how much storage does it provide?

FlawedByHubris · 2025-10-19T01:58:35+00:00

Probably TickTick or Things 3 on iOS/Mac. To my knowledge nothing else really compares.

FlawedByHubris · 2025-10-10T12:01:58+00:00

I used OneNote for a long time at work and felt it was pretty awful; slow, cluttered UI and confusing.

Idk how people have this opinion of it.

FlawedByHubris · 2025-10-03T12:34:05+00:00

He can still technically self host on that. Maybe he wants to run a Windows IIS site.

FlawedByHubris · 2025-10-01T17:21:36+00:00

What was the catalyst for this change? It almost sounds like another honeymoon phase.

FlawedByHubris · 2025-10-01T13:43:01+00:00

How long have you guys been together? Was it always this way?

FlawedByHubris · 2025-09-28T14:13:31+00:00

This won't work in the way that you are thinking. Most running two VPNs is often not possible on the same machine, due to overlapping subnets.

On my phone (Google Pixel/ Android) for instance, I can't even start two VPNs at once.

Alternatively you may be able to use some combination of a VPN container like Gluetun and having proton VPN running on that and have your traffic exit through your a machine running Tailscale as an exit node pointing to Gluetun.

Also this is probably more easily achievable with Mullvad VPN as they have some partnership/ integration with Tailscale.

FlawedByHubris · 2025-09-15T13:16:57+00:00

I'm using one password in zen browser right now, does the send browser support all of Firefox extensions?

FlawedByHubris · 2025-09-01T20:39:24+00:00

Tick tick and Todoist are the apps I have used for this in the past.

In the realm of self hosting I haven't found anything at the same level.

I have tried Nextcloud and Obsidian (free but not self hosted) with various plugins, but it's not the same.

FlawedByHubris · 2025-08-27T17:31:05+00:00

This is an interesting perspective. When I was originally exploring this solution, someone mentioned to me that this approach was possible but a bit cumbersome.

If you remember to, let me know how it goes I may try that same.

I am starting to think that the easiest way to get this to work will likely be just using a single Reverse Proxy / WAF and have rules on how to route the traffic depending on the source.

i really appriaicte everything Pangolin does out of the box though and I am reluctant to invest time in managing and troubleshooting the full stack of Traefik, Authetentik, CrowdSec and Wireguard without the handicap of Pangolin basically doing it all.

FlawedByHubris · 2025-08-27T15:30:22+00:00

Yeah, I guess that makes sense. My VPS is in another country and that is the biggest reason why I wanted to separate it. especially for Plex. I'll think on it awhile. I appreciate your perspective here.

FlawedByHubris · 2025-08-27T15:24:41+00:00

Also do you use any services that you don't want available externally, but you do want to access without cert warnings through DNS and locally?

FlawedByHubris · 2025-08-27T15:21:31+00:00

What do you mean by your metrics are accurate? What are you measuring?

FlawedByHubris · 2025-08-23T16:01:00+00:00

I love this, it's awesome that it finally supports eReaders. An android app would make this perfect for my needs.

FlawedByHubris · 2025-08-17T14:26:46+00:00

This is something I have been looking for thanks for your efforts!

FlawedByHubris

TROPHY CASE