It seems like self-hosting is quite complicated. I’m wanting something that “just works”, but there seems to be a lot of maintenance work involved with self-hosting, and I even heard that there are privacy and security risks with self-hosting (correct me if I am wrong).
Should I just wait for Proton Drive to become more developed and switch to that when it does?
What would the difference between self-hosting Nextcloud and Proton Drive be in terms of privacy and security?
I never want to outright discourage people from attempting to self-host, as it can be a fun discovery and something that may work perfectly for their needs. But given what you’re sharing, I’m not sure if NC is the way to go.
Nextcloud gives you data ownership, but it barely has functioning E2EE, and like you’ve stated - it’ll require some maintenance, and yes there’s a risk of human error which can open you up to other issues.
If you want a middle-ground option in the meantime:
MEGA has source-available clients with E2EE
iCloud released advanced data protection so users in the Apple ecosystem have access to a decent E2EE offering
I’ve seen people in the privacy community mention sync.com - though it’s proprietary and I can’t personally vouch for it as I’ve never used it
You can also just start using Proton Drive now and work with its limitations (if that’s possible, which it probably isn’t given the tone of your post)
Why does E2EE matter if you are the one hosting it?
I’m considering using this. Do you think you would ever consider putting it on Techlore’s resources page? macOS is on it, so I’m wondering if iCloud would fit in there too.
Does that mean that even if you were to self-host Nextcloud, your security could be lower compared to if you were to use other cloud storage solutions like iCloud?
There are two reasons why you may want to use E2EE even if you are self-hosting Nextcloud.
First, you may be concerned about the physical security of your server. Maybe you are worried that someone will break into your house and get physical access to your server hard drive.
Second, maybe you self-host on a VPS and you don’t want to even give the option to your hosting provider to look at your data. Which is something they typically don’t do since that is not their business model but still.
At the end of the day it all depends on your threat model and what you’re trying to protect against.
If not correctly configured, yes. The probability of that happening is quite high even if you were to be an amateur network engineer. One wrong config and you have your data on onion sites.
This isn’t scaremongering. Feel free to self-host your data. I am warning about the possible dangers of self-hosting. The best of the network engineers make mistakes (which is why you see these hacks happening). Just don’t store any sensitive data on it.
It might look complicated, but honestly it’s really not. Nextcloud also has a snap which sets up everything, including SSL as well, so literally all you have to do is sudo snap install nextcloud && sudo snap start nextcloud && sudo nextcloud.enable-https self-signed and you’re done; it’s accessible over https://your-private-ip-here
The only difficult part is making backups, really. As for security, just don’t open it publicly, host a VPN using WireGuard, and access it behind that and you’re fine. The PiVPN script makes this pretty easy (even if you’re not using a Raspberry Pi).
If you don’t want to self-host, I’d recommend any free cloud storage + rclone crypt/Cryptomator or VeraCrypt depending on your needs. This way you have certainty that only you can access files, and it’d be cheaper than stuff like Proton Drive.
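One way to check the “don’t open it publicly” advice above on the server itself, as an added example that is not part of the original posts: it classifies the addresses that ports 80 and 443 are bound to, reading `ss -H -tln` output. The sample lines and the 10.6.0.1 VPN address are constructed, and any address outside loopback and RFC 1918 ranges is conservatively treated as public.

```shell
#!/usr/bin/env bash
# Added example: audit which addresses the web server is listening on.
# Input format is `ss -H -tln` (State Recv-Q Send-Q Local Peer).

# Map a bind address to an exposure class. Anything that is not loopback,
# wildcard or RFC 1918 falls through to "public" (a conservative assumption).
classify_addr() {
  case "$1" in
    127.*|"[::1]")                          echo loopback ;;
    0.0.0.0|"*"|"[::]")                     echo wildcard ;;
    10.*|192.168.*)                         echo private ;;
    172.1[6-9].*|172.2[0-9].*|172.3[01].*)  echo private ;;
    *)                                      echo public ;;
  esac
}

# Read ss lines on stdin; print "port addr class" for HTTP/HTTPS listeners.
audit_listeners() {
  local _state _rq _sq laddr _rest port addr
  while read -r _state _rq _sq laddr _rest; do
    port=${laddr##*:}
    addr=${laddr%:*}
    addr=${addr%%\%*}            # drop an interface scope such as %wg0
    case "$port" in
      80|443) echo "$port $addr $(classify_addr "$addr")" ;;
    esac
  done
}

# Succeeds (exit 0) when at least one listener is bound to a public address.
has_public_listener() {
  audit_listeners | grep -q ' public$'
}

# Constructed sample (203.0.113.7 is a documentation address).
SAMPLE_SS='LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 10.6.0.1:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 511 203.0.113.7:443 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*'

printf '%s\n' "$SAMPLE_SS" | audit_listeners
```

On a real host, run `ss -H -tln | audit_listeners`. A `wildcard` result means the service answers on every interface, so exposure then depends on the firewall and on router port forwarding.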
Some VPS providers also provide one-click installations. But still, if you don’t know anything about maintaining Linux servers, you should be careful. Definitely spend some time learning about all this stuff so at least you have an idea of what runs under the hood.