Paid Bitwarden or self-hosted 2FAuth. Its very lean so you could probably do it on a free Oracle cloud VPS and never pay. Or put Vaultwarden on a PikaPod for very little money per month.

Checks out: while they CAN move forward, they highly prefer to move side to side

If you’re wanting to do something like that, you’re probably best running Proxmox as a bit of a hypervisor, then Yunohost in a Debian VM on top, and assign something like “home.domain.tld” to Yunohost and get your “stable” family services running.

Then you can try out other stuff like Coop, Cosmos, OMV, Caprover, Tipi, etc as other VMs if you wanna try adding something Yunohost can’t or doesn’t do well. Or if you wanna extend your DevOps skills without messing up family-prod. I mean, you could even have another Yunohost as a “sandbox.domain.tld” before new service deploy.

I’ve had Yunohost running in some way for probably 4+ years? It’s relatively solid, I can mostly depend on it without any issues. I like the SSO/LDAP user auth and perms, and the default fail2ban and ability to change ssh port from the UI. The update and system services pages are nice.

What I don’t like is how apps are all installed locally instead of using containers or VMs. And resources are shared, so if one app uses, for instance, MongoDB, and another app needs it as well, they have to share the same one. It makes things run a bit leaner, but I do worry a bit about data bleed if there’s some vulnerability. And the apps are really hit and miss, since they have to be packaged, managed, and issue-tracked independently for this platform instead of the main app/project. So you find lots of orphaned or half-maintained apps that should be great otherwise.

So you either suck it up and deal, or become a bit of a hacker/maintainer yourself on apps you care the most about. But if I wanted to get that involved I’d just roll a manual build myself. I submit issues and try to help where I can, but that’s not where I want to be.

You could probably install something like Portainer and manually edit the NGINX config/homepage to hack some docker in there, but idk if I care enough to do that.

Eh, it is what it is. I have a full family life and a job screwing with computers all week. I don’t want to deal with spinning up, troubleshooting, and maintaining a mini devops stack.

I don’t want to spend so much personal time to keep up with all the management and config, but I don’t think that means someone like me should have to live in a big tech world. If there’s a good framework that helps keep things easy to manage and secure for a minimal amount of input and time, even if I could run most of it myself manually with a lot more time investment, there’s no reason not to, IMHO.

Yeah, I know they’re different. I was just giving some background about what was going on, sorry if I confused.

Just wondering if anyone has used what seems to be their compose/swarm config tool “abra”, especially multiserver, and have any feedback about it. I like that it seems to be pretty agnostic after doing its work, they say you can backup and export the config and use it elsewhere mostly as-is. Just can’t see much anywhere else about it.