![](/static/66c60d9f/assets/icons/icon-96x96.png)
![](https://programming.dev/pictrs/image/8140dda6-9512-4297-ac17-d303638c90a6.png)
Adding a Turing award to your profile is certainly one way to flesh it out
Adding a Turing award to your profile is certainly one way to flesh it out
Not a monetary one, no.
* (there might exist some business power tariffs that coincidentally benefit from this but nothing you’d use at home)
I started out with WireGuard. As you said its a little finicky to get the config to work but after that it was great.
As long as it was just my devices this was fine and simple but as soon as you expand this service to family members or friends (including not-so-technical people) it gets too annoying to manually deal with the configs.
And that’s where Tailscale / Headscale comes in to save the day because now your workload as the admin is reduced to pointing their apps to the right server and having them enter their username and password.
Sorry I don’t have a recommendation for you but this question often comes up in the Home-Assistant (local-first home automation software) community. So maybe have a look around those channels as well.
Getting the configs to work with my personal devices was already a little finicky but doing that for not-so-technical family members was starting to be a bit too much work for me.
I’m hoping that Headscale will cut that down to pointing their app at the server and having them enter their username and password.
Was running Wireguard and am now in the process of changing over to Tailscale (Headscale).
It uses Wireguard for the actual connections but manages all the wireguard configs for you.
Nextcloud is just a web service. How he or anyone can access it is not determined by nextcloud but by the routers, firewalls, vpns and potentially reverse proxies that are routing the traffic to nextcloud.
With the proper configuration of all traffic handling services it will not be possible to access anything other than the intended endpoint i.e. nextcloud.
Within nextcloud any user can only access their own files plus anything that is explicitly shared to them.
Might not fit into your plans but if you run Proxmox you can easily backup to an offsite computer (or VM) running Proxmox Backup Server (PBS).
From their website:
By supporting incremental, fully deduplicated backups, Proxmox Backup Server significantly reduces network load and saves valuable storage space. With strong encryption and methods of ensuring data integrity, you can feel safe when backing up data, even to targets which are not fully trusted.
Are there any implementations of this out there or is this purely theoretical (at this point in time)?