a lot of stuff:

• owncloud
• paperless
• immich
• jellyfin
• jellyseerr
• traefik

than i have stuff only accessible from local, like the *arr stack.

i’m not using cloudflare or anything, should I?

the only exposed ports i have are http / https and a random port for ssh.

i also don’t use any sso… maybe i should set one up.

this is the way.

also fail2ban to ensure that nobody bruteforce it’s way in.

i got one from GoDaddy, but i regret the choice…

i think they added the ability to force upload a photo in one of the latest releases, see it that helps.

otherwise yes, you have to delete that record from the db…

they are, post and comments are mirrored on all federated instances.

add fail2ban, so they cannot brute force the web interface.

interesting, even if they got access to the plex service, how they could have escaped the plex docker container?

i run pretty much the same stack as OP, but also run immich and paperless. i very much care if someone else have a way to access those…

ugreen is Chinese, but one of the good ones.

how this compare to jellyseerr?

you don’t need to be surprised, in their ToS is written pretty big that anything you write to chatGPT will be used to train it.

nothing you write in that chat is private.

are you using kube? or docker-compose?

of you are using docker compose, and in the compose file there is restart: always the container will be restarted if it disappears.

to remove it do docker compose down

i blinded myself reading the image… and there was perfectly readable text on comment below… :facepalm:

https://github.com/simone-viozzi/my-server

those are my configs. you have both immich and owncloud.

use immich for photos.

owncloud ocis works but is very young. is literally just file hosting with something to open office files online.

and change of speed

here it is: https://github.com/simone-viozzi/my-server

i’ve added my server config as edit so you can go check it out.

i heve owncloud instead of nextcloud.

i have a lot of stuff exposed to the web. i got a domain from godaddy, attached my public ip and created a subdomain for each service. than i have traefik that manage the tls and route each subdomain to each of the docker containers.

in total i have exposed 80, 443, and a random port i use for ssh. of course ssh is only by public key.

now i’m trying to set up fail2ban on the exposed services since someone could bruteforce them.

sorry i tough it worked like rsync.net

if you are using rsync, try rclone. it support parallel file transfer.