Depending on the number of devices you have, your threat model, it can be helpful to set up a security hierarchy. So you only need to worry about securing the devices at the top of the hierarchy, and can play loose and careless with the devices lower down. That way it’s less likely to lose everything due to one mistake

Even if you have a password for your ssh key, malware on your system can just wait until you enter the password.

My point is that SSH access is very powerful, and effectively means that the security of the SSH server is reduced to the security of the SSH client. If your SSH client is pwned, so is your server. If you have 10 devices each with ssh access to each other, then if any one device is pwned, all devices are pwned as well.

This is not the case for systems designed for file sharing only. For example with syncthing, if one device gets pwned, all it can do is send files to the other devices.

Most people probably don’t care but it can be a security risk, allowing malware to move “laterally” between all your devices. For my main devices I don’t give them SSH access to each other, but I do give them SSH access to my secondary devices (like a Pi-Hole)

Very cool, I’ll have to spin up some VMs and test it out myself. Thanks for all the info!

Wow cool! I believe you’re the first person I’ve met that actually used a cluster FS (in their homelab at least). I looked into it myself but it felt like nobody was really using it so I didn’t bother.

Does it involve much more work or is it a fairly transparent replacement to traditional storage options? Assuming one is already using Kubernetes. I’m wondering if it’s worth it to switch to a cluster FS for everything, like Radicale or Tiddlywiki.

Have you tried using Ceph or other distributed storage systems in your kubernetes cluster?

I’m aware of databases that support HA, but the vast majority of self-hosted apps I’ve encountered use file storage, even if they have a database as well. It sounds like you’re proposing shared storage like an NFS share. But if you’re upgrading nodes, at some point you have to upgrade the node hosting the shared storage right? Wouldn’t that take down all services? Unless you use a distributed storage system, but I’ve heard those can get very complicated…

have you found many self-hosted services that suppprt that kind of HA? I can’t imagine services like torrent clients allowing you to stream writes to one node while replicating to the other, though maybe I’m misunderstanding the setup

ok first off, this community is about self-hosting, there just happens to be a lot of overlap between people who self-host and people who care about privacy.

And if you thought privacy was about distrust, that is a very unhealthy view. Privacy-minded folk simply have different principles than the mainstream. But if somebody comes along that shares those principles, then trust can be earned.

OP’s product is open-source and self-hostable. This is aligned with the community. I’m not saying to throw money at the product before it’s released, but it’s worth keeping an eye on, and showing support for.

Ok so you’re a troll then. Fearmongering doesn’t help the community. If you’re against something give evidence. There’s a balance between fearmongering and blind hype.

this reply adds nothing. Please explain your position

You don’t have to pre-order, just wait until it’s released and buy it then. And in this case you can get a raspi and test the product for yourself, so why spread FUD?

Matrix. Bitwarden. Nextcloud. There are many examples of open-source, self-hosted applications that have for-profit companies that offer to host them for you as a service. Now if you use one of those Nextcloud providers to store your notes, can that providers read all your data? Of course. But for people who don’t want to self-host, it’s often a more trusted option than Google.

These comments are why privacy products will always be behind. Why open-source is full of dead projects. These people are just trying to make a living off making privacy-focused products. And all the comments are like “They’re a for-profit company? They had marketing material prepped to reply to people’s comments?!”.

The code is open-source, self-hostable, built using commodity hardware (raspi), and they’re just trying to make it sustainable by providing an optional paid service. This is not the enemy.

I think they’re just a privacy-focused startup that just wants to make a living off their work

very cool, I’ll have to look more into it

what remote desktop protocol do they use?

Very cool. I personally use a double wireguard network: a wireguard vpn at home for all my services, and then since my home network is behind a double NAT and impossible to access publicly, I use a second wireguard tunnel to a VPS, to forward traffic to my internal wireguard network. The only thing the VPS can see is encrypted wireguard packets.

Edit: it seems like this service is more for public or shared services (like a public blog), rather than private personal services, so wireguard is less of an option