My bitwarden works like a charm, I enabled admin page and cancled registration, but exposing it gives me some worries due to possible brute force attempts. Having fail2ban would be a nice security pillow. Might be a good thing to set up on a rainy Sunday
Do you have fail2ban of your letsenctypt container (I assume its the one from LS.IO?) configured?
You should not, never, ever run as root.
Try running your nextcloud container with user-rights with PUID and PGID-settings.
Ah, awesome! Thanks. Makes sense.
Morlan: How does your reverse proxy configuration with letsencrypt look like? Did you stick to the sample provided with the letsencrypt-container?Code
But how do you login with your clients? Setting server address is obvious, but login email and master password is still required.
Does the BitwardenRS-Server work with the payed features, like multiple user? As far as I cound figure out, even with self -hosting, a Bitwarden-Account is still needed and with more than one user, a little allowance to be due.
A little Typo within your command
docker exec nextcloud sudo -u abc php /config/www/nextcloud/occ maintenance:mode --on
docker exec nextcloud sudo -u abc php /config/www/nextcloud/occ maintenance:mode --off
works like a charm.
Next do do: Dump of database for backup purposes.
Thank you Morlan
docker exec nextclouddb /usr/bin/mysqldump -u nextcloud --password=xxx nextcloud > /srv/dev-disk-by-label-xxx/backup/nextcloud_backup.sql
Seems to work, but backup database seems a litte too small somehow. (Previous natively installed MariaDB backups of NC were >120 MB, this is only 40 MB and there was not much activity on this cloud lately)
How do I push the nextcloud instance into maintenance-mode from the host?
I tried something like this:
but did not work. My assumtions:
- user abc runs the webserver within the nextcloud container
- the path to occ must be the leative one within the container
Maybe it's power related, which plattform do you use? My setup is a Xeon 4C/8T with 32 GB of RAM.
Do you have redis in use and preview-generation active in config?Code
Is a bug on tracker related to the new photos app. Quite nasty, since in shares photos won't open at all.
It was supposed to be fixed with 19, but its still there. I wait day by day for a new release.
The bitwardenrs is my alternative. I got the official setup running in a VM right now and have a look on reverse proxy configuration, environments, volumes etc.
My goal would be to set it up with official and create a little HowTo.
Keeping all my passowords in mind bothers me quite a while, so in the process of merging OMV4->OMV5 and all native services into docker I discovered the quite charming tool bitwarden.
After a short research if figured out that many users use the bitwardenrs/server container. On the other hand there are the official containers, which separate each service part.
I use letsencrypt with reverse proxy and nextcloud (subdomain-configuration) and I might need to integrate bitwarden in the existing setup. As far as I know, the installer script of bitwarden installs a separate letsencrypt-container which I already have. So I guess I need to configurate my letsencrypt to match both services, bitwaren and nextcloud with nextcloud.domain.com and bitwarden.domain.com and therefore I can't use the installer script.
I lack the documentation (environment, ports, volumes, etc) of each of the required bitwarden containers and their connection.
Can someone show me a direction or where to start?
Is the usage of official containers the best way for me or should I stick to the RS?
For things like Wordpress, there are even preconfigured containers, where you just dump your theme and content and everything is done.
What type of service would you like to host?
Webstation is just a webserver with php and optional MySQL. With docker, you find a bunch of services and their basic requirements preconfigured, which I think, is the more comfortable method.
Depends on your internet connection
I do not use the webinterface, but sync-clients with different plattforms. Using an internal IP would cut clients mobility and flexibility for the use of other networks.
did you use the internal IP of your host?
i can reach my cloud with its internal IP, but certificate is not valid for this "domain".
why would you do this anyways?
Duplicati offers similar function.