1.1 USD/mo for 2TB is basically a giveaway or free plan, i.e. you’re the product not the customer. So I’d be suspicious. How much storage are you looking for? Hetzner unfortunately jumps from 3.2 euro/1TB to 11 euro/5TB. So 2TB is kind of a bad spot on that scale. But if google drive is working for you and your stuff is encrypted, why not keep it?
Tbh you get jerked around less with paid plans. I’m happy with Hetzner Storage Box. I have 5TB there for 10 euro/month. I’d never use Google Drive. borgbase.com has a 10GB “free forever” plan and I could see parking some stuff there, but 10GB is pretty small and IDK the conditions. Why not use a VPS provider with better storage options?
It was ok at the time, and if it isn’t ok now, that means you want to run something that is too bloated for its own good.
Really though, special hardware for this doesn’t make too much sense. A raspberry pi with two ethernet interfaces would be great, but if you can live with ethernet plus wifi, the current rpi’s will do it. Otherwise there are lots of similar boards that really do have two ethernet.
I have not really felt much use for self hosted server hardware at home. I use VPS’s for that and it’s less hassle. Maybe it doesn’t count as completely self hosted, but conceptually it’s a miniature colo box.
Thanks!
Mind saying why? No I don’t want to watch a video to find out.
militarized upgrades
Extension cords that reach all the way back to HQ?
Oh man, what a mess. It is just not worth it if you’re only adding 1 or 2 TB. Also you don’t say what kind of data you want to store on this system. If it’s media files (static once written) that can simplify things.
I’d say don’t mess with external drives at all. Your simplest path is upgrade your 1TB internal SSD to 2TB or 4TB. Those aren’t too expensive, and you get SSD storage. Yes you may as well use LUKS unless you want to get fancier. I have some thoughts about key management but haven’t implemented them in practice, so talk about that would be theoretical.
RAID is for when you have data that changes, like databases where you frequently add rows or do updates, so you are up to date if a drive crashes just after an update. It also lets you keep the system running while you hot swap the crashed drive. If you don’t mind taking your storage offline while you restore from a backup, and you don’t mind having to recreate the most recent data, you don’t need RAID.
I simply keep my static stuff and backups on a Hetzner StorageBox, encrypted with Borg Backup. That eliminates all the hassles of RAID, buying hardware and keeping it at home, etc. I can remote mount it (read only) with sshfs with all cryptography happening on the client side (in practice I don’t do that very often). There’s no need to use an encrypted file system on the server, or for the server to ever see plaintext. Of course StorageBox is not self hosted, but you could do something similar with a bare iron storage server. Anyway I think it’s difficult to beat this for economy until you have tens or maybe 100’s of TB of data.
That’s if you have a regular domain instead of.internal unless I’m mixing something. Topic of thread is .internal as if it were something new. Using a regular domain and public CA has always been possible.
Right, main point of my comment is that .internal is harder to use that it immediately sounds. I don’t even know how to install a new CA root into Android Firefox. Maybe there is a way to do it, but it is pretty limited compared to the desktop version.
Yeah I know about that, I’ve done it. It’s just a PITA to do it even slightly carefully.
Browsers barf at non https now. What are we supposed to do about certificates?
If the problem is intermittent then longer run has better chance of catching it, but 2 hours with no errors is a good sign, with regard to the memory.
Do encrypted backups with Borgbackup or similar. That means the server never sees the plaintext or the decryption keys. The encryption happens on the client. Since it’s public-key encryption (separate keys for encryption and decryption), the client doesn’t need the decryption key either, except when restoring. So your backup can be automated without secret keys.
Try running memtest86 for a few days to test memory. That is fairly easy to do though it involves booting from a flash drive. Web search should find info.
I don’t understand the bonus question, and there are a lot of subtlties to multi-person secure chat. Does the user agent really have to be a web browser instead of, say, an ssh terminal? What do you expect to use instead of web sockets, in a browser?
On different occasions I’ve used irc or nextcloud chat, neither of whichis ideal. Plus ytalk but that is 2-person only. There used to be fairly busy discussion on the moderncrypto.org messaging forum but I think that is quiet now.
/u/positive_intentions@lemmy.ml might be interested too.
Stop the whole VM during snapshots.
Borg backup?
I don’t remember the format codes but they are generally pretty stable across a given host like youtube. The trouble is that not every video has all of the formats. You might have to just find the nearest one and convert with ffmpeg.
I wouldn’t count on google drive doing anything in particular after expiration, unless that is expressly part of the product description. Just because you can observe it happening now doesn’t mean you can expect it to keep happening. For that matter, Google cancels products all the time. So I wouldn’t even rely on the paid plan not being withdrawn at some inconvenient moment. If you really want to use it, then best strategy is probably use it as long as it lasts, but have some plan B in mind if it goes away.
Oneprovider.com shows lots of offers in Istanbul, though servers are expensive there compared to a place like Hetzner:
https://oneprovider.com/search?&cities[]=62&price=0&price_max=9999999999999999&price_any=0