OpenHAB was OK the last time I used it. I’m not sure what other big options there are.

You can use docker exec with garage docker image.

I’m on mobile but I think you just need something like: docker exec containerid ./garage stats

Garage is the simplest of the three imo.

I’ve only used it in a cluster, but it should be even simpler for one instance

A subscription is required??

What mobile issues do you have? I use it both on desktop and mobile with sync mode turned on in the PWA.

I like it, it seems pretty stable to me. I didn’t use it much before the query/template stuff was changed. I think both are fine right now, but don’t really know what it looked like before.

There’s also “space-script” now which is basically like mini javascript plugins you can write inside your notes. It’s what drew me away from trilium in the end.

I don’t blame you for taking a break if you ran into breaking changes though. That’s one benefit to keeping your notes in regular markdown files too.

Any comparisons to SilverBullet.md? It’s my favorite so far

What you read online may have been referring to how cloudflare itself can always see the unencrypted traffic?

Cloudflare tunnels are encrypted, but inside of that encrypted tunnel could be a regular http stream.

Restic with rest-server is great.

Kopia is a little newer and has an actual web ui, so may be a good choice too.

I still use restic on all of my severs, but have started using Kopia for my non server machines.

Both support compression, encryption, and deduplication.

Thanks for the recommendation, I’ll take a look at some of his videos. I managed to get the un/pw on one page, but haven’t done much with webauthn/passwordless stuff yet so that might be useful too.

Thanks! I managed to get user/pass on the same page and it works great with the compatibility mode

That’s essentially what I am doing. Everything is on the LAN by default. I have two instances of Traefik. One that runs only on internal VPN ips, and another on remote servers using public ips. So I can choose which services are accessible over lan/vpn or public (routed through a vpn to lan).

That doesn’t solve the authentication problem if I want to expose something to the internet though, or even sso inside the lan.

You can change the logon flow to make the username and password on the same page There is a comparability button as well on the login flow that allows bitwarden and other to auto fill correctly.

Thanks for the tips, I found the compatibility button and will try it out. I’m not sure I see how to change the username/password to be on the same page though. Do you have to create a whole new login flow?

Do you have a link for padlock by any chance?

I’m not sure if this is it, but I found a password manager named padloc: https://github.com/padloc/padloc

Did you move to Keycloak, or something else?

Thanks for confirming, I just saw that as well.

I’m going to try some of the other solutions in this thread, but I might still come back to authelia and just ignore my requirement for having social login. I like the idea of sending someone a link and saying “Hey just log in with your google account” instead of having to create an actual user for them, but maybe I can use something else specifically for those cases.

cloudflare access + cloudflare tunnels is a cool solution, and was easy to set up in the past, but I’d rather stick to something completely self-hosted. I’d probably use it for something completely public, but not things that route into my homelab.

Once I’m authenticated, it’s actually pretty okay. It goes through the redirections fast enough that I wouldn’t notice usually. But the login pages would take several seconds to load for me, and navigating around the admin ui also seemed to take several seconds for each page change. So not extremely slow, but slow enough to notice and get annoyed by it. Admittedly I probably could increase the session duration or something to help with that too.

Canaille looks pretty interesting and simple too, thanks for the link!

Thanks, I’ll take a look! It might be helpful even if I use a different idp