Enshittification is the norm for all for profit endeavours. Exceptions to this are exceedingly rare and usually just a matter of time rather than truly being an exception.
Thank you for including oAuth options for sign on. Makes a big difference being able to use the same account for all the things like freshRSS, seafile, immich etc.
The general principle is called single sign on (sso).
The idea is that instead of each all keeping track of users itself, there is another app (sometimes called an identity provider) that does this. Then when you try to log into an app, it takes to the to login of your identity provider instead. When the IP says you are the correct user, it sends a token to the app saying to let you access your account.
The huge benefits are if you are already logged into the IP on a browser for example, the other apps will login automatically without having to put in your password again.
Also for me the biggest benefit is not having to manage passwords for a large number of apps so family that uses my server have 1 account which gives them access to jellyfin, seafile, immich, freshrss etc. If they change that password it changes it for everything. You can enforce minimum password requirements. You can also add 2FA to any app now immediately.
There’s good guides to settings it up with traefik so that you get let encrypt certificates and can use traefik for proxy authentication on web based apps like sonarr. There are many different authentication methods an app can choose to use and Authentik essentially supports everything.
SSO should really be the standard for self hosted apps because this way they don’t have to worry about ensuring they have the latest security for user management etc. The app just allows a dedicated identity provider to worry about user management security so the app devs can focus on just the app.
I’ve been running nextcloud since before it was nextcloud. Was owncloud then moved to next cloud.
Another user put it best. It always feels 75% complete. Sync isn’t fast, gives errors that self correct when restarting the all. Most plugins are even more janky or feel super barren.
I wanted to like it so much but I stopped being able to trust most plugins which meant I had dedicated apps for those things and used nextcloud only for file sync.
If you only want file sync then seafile is vastly superior so that’s what I now have.
Borg (specifically Borg Matic) has been working very well for me. I run it on my main server and then on my Nas I have a Borg server docker container as the repository location.
I also have another repository location my on friends Nas. Super easy to setup multiple targets for the same data.
I will probably also setup a Borg base account for yet another backup.
What I liked a lot here was how easy it is to make automatic backups, retention policy and multiple backup locations .
Open source was a requirement so you can never get locked out of your data. Self hosted. Finally the ability to mount the backup as a volume / drive. So if I want a specific file, I mount that snapshot and just copy that one file over.
CloudFlare is a good place for beginners to start. Setting up a reverse proxy can be daunting the first time. Certainly better than no reverse proxy.
That being said, having your own reverse proxy is nice. Better security since the certificates are controlled by your server. Also complex stuff becomes possible.
My traefik uses keys encrypt wild card domains to provide HTTPS for internal LAN only applications (vault warden) while providing external access for other things like seafile.
I also use traefik with authentik for single sign on. Traefik allows me to secure apps like sonarr with single sign on from my authentik setup. So I login once on my browser and I can access many of my apps without any further passwords.
Authentik also allows oAuth so I can use that for seafile, freshrss and immich. Authentik allows jellyfin login with LDAP. (This last paragraph could be setup with CloudFlare as well).
I have 3 14tb exos drives. I have them in a Roswell 4u hotseap chassis. Running unraid.
It’s nearly inaudible over the very reasonable case fans. No grinding noises. I can hear the heads moving a bit but it’s quite subtle. Not sure why people have such different experiences with these
Is UI mimics ms office and has comparability with word files.
Not open-source and has some limitations without paying but works on windows and Linux. Can even be self hosted yourself to provide a web UI for access to your own files Google docs style.