dfense

Can second Pangolin, switched from cloudflare tunnels to it a couple weeks ago and I am very happy with it. Latest version now supports external OIDC!

Wow, thanks for all the great answers so far. As for why not latest:

1. Read a lot online and read multiple times it's "bad practice"
2. Own experience: had latest on an app which crashed and wouldn't come up again. Got the backup of the persistent volume back and then had the problem that latest at that point is not the same as latest when I spun it up. Actually had no idea which version I was running last and consequently what I would need to pull to fit my backup. In case I have to restore my cluster, this problem is multiplied.
3. I run NixOS on everything, so I am clearly biased towards reproducibility.
4. I am running Services for family and a fire brigade (nothing mission critical, just support stuff, but still...). Stability is important, as sometimes I do not have the time to immediately react to an issue. I prefer a lazy Sunday morning to update/fix and then leave it alone and stable.

So, probably a combination of latest for low criticality and pinned on critical stuff (e.g. authentication, access, etc.)

At the end of the day you have to trust someone (Bitwarden, Hoster, Hardware Manufacturer...). It comes down to your threat profile and what you personally accept as a risk vs. effort (or convenience). For me Bitwarden was acceptable, but I switched to self hosting Vaultwarden ca. 3 years ago. Main reasons being the advanced features (sharing some passwords with the family, setting up a tech savvy friend to take over my vault should I get hit by a bus, etc.). I did not have any relevant downtime of that service in years.

Just a quick update and shout-out to a cool project. After trying cloudflared, but not getting it to run stable, I ended up using Pangolin, a tunneled Mesh reverse proxy.

Currently trying to step up my game bv setting up kubernetes. Cluster is running, but I am really struggling getting the combination domain name, let's encrypt and traefik, but without a cloud load balancer, to work. I feel like I went through most tutorials available, but it seems each one is missing a crucial part. Gonna invest some more hours today...

I heard from a gas guy that this is to ensure that only connectors made for gas usage are used and people don't build crazy contraptions with plumber gear for flammable gases.... Kinda makes sense.

I do not know Airtable too well, but n8n might have a connector for it. Then you could use the rest. good luck!

I am using appsmith for the app, with a pgsql db. Then n8n to query pgsql with its JSON functions and finally sending it to apitemplate.io to generate a PDF from the JSON and a template. The PDF then goes into nextcloud. With apitemplate you get 50 executions a month for free, which is enough for my use case. Hope this helps. (The use case is an equipment maintenance tool for the SCBAs of our fire brigade, where I need reporting for proving that maintenance was carried out)

You are welcome!

Try Threema... Open source, Swiss based, audited. As you and your data are not the product of this company, it costs 5 bucks. Less than a Starbucks coffee, but I still have a hard time convincing my peers to switch. (Not affiliated with Threema, just a fan)

26 cantons (states, its a confederacy), four languages, many dialects. You could fit nearly 17 Switzerlands into Texas. (Not nearly as much if you press it flat first ;-) )

I use restic with resticprofiles (one config file), notifications via (self hosted) ntfy.sh and wasabi as backend. Been very happy, runs reliably and has all the features of a modern backup solution, especially like the option to mount backups as if it were a filesystem with snapshots as folders, makes finding that one file easy without having to recover)