OnlyOffice is the only one that I’ve used that has a good looking UI, works out of the box and very good compatibility (across Microsoft and other document standards). Install is just one flatpak away. Highly recommend.

Honestly what really matters (imo) is that you do offsite storage. Cloud, a friends house, your parents, your buddy’s NAS, whatever. Just get your data away from your “production/main” site.

For me, I chose cloud for two main reason. First, convenience. I could use a tool to automate the process of moving data offsite in a reliable manner thus keeping my offsite backups almost identical to my main array and easy retrieval should I need it. Second, I don’t really have family or friends nearby and/or with the hardware to support my need for offsite storage.

There are lots of pros and cons of each, let alone add your specific needs and circumstances on top of it.

If you can use the additional drives later on in your main array, some other server or a different purpose then it may be worth while exploring the drives (my concern would be ease of keeping offsite data up to par with main data). If you don’t like it for one reason or the other, you can always repurpose the drives and give cloud storage a try. Again, the important thing is to do it in the first place (and encrypt it client side).

Well here’s my very abbreviated conclusion (provided I remember the details appropriately) when I did the research about 3 months ago.

Wasabi - okay pricing, reliable, s3 compatible, no charges to retrieve my data, pay for 1tb blocks (wasn’t a fan of this one), penalty for data retrieval prior to a “vesting” period (if I remember correctly, you had to leave the data there for 90 days before you could retrieve it at no cost. Also not a big fan of this one)

AWS - I’m very familiar with it due to my job, pricing is largely influenced by access requirements (how often and how fast do I want to retrieve my data), very reliable, s3, charges for everything (list, read, retrieve, etc). This is the real killer and largely unaccounted cost of AWS.

Backblaze - okay pricing, reliable, s3 compliant, free retrieval of data up to the same amount that you store with them (read below), pay by the gig (much more flexible than Wasabi). My heartburn with Backblaze was that retrieval stipulation. However, they have recently increased it to free up to 3x of what you store with them which is super awesome and made my heartburn go away really quickly.

I actually chose Backblaze before the retrieval policy change and it has been rock solid from the start. Works seamlessly with the vast majority of utilities that can leverage s3 compliant storage. Pricing wise, I honestly don’t think it’s that bad

Hope this helps

I’m currently using Backblaze. I also researched Wasabi and AWS.

Can’t speak for those but I tried Kopia and it did the job okay. Ultimately tho I landed on rclone.

Lots of answers in the comment about this particular storage type/vendor. Regardless, to answer your original question, rclone. Hands down. If you spend 30-60 minutes actually reading their documentation, you are set and understand so much more of what’s going on under the hood.

Didn’t even know

Absolutely agree! Just pointing it out in case OP runs into a registrar that doesn’t offer this

Fair point. I failed to mentioned features in my previous comment. Things like WHOIS Privacy are essential to me and I imagine it is for most of us (self hosters)

In my opinion it really comes down to support, price (first year and renewal) and ethics.

For the ethics piece, if you think Google is an evil company then avoid Google Domains, as an example.

You got it! As long as nginx can reach that service container, it will forward the request to it.

service1.example.com is configured in nginx with a proxy host of service1:1234, service2.example.com is proxied to service2:8080 and so on.

When you created your containers, did you create a “frontend” and “backend” docker network? Typically I create those two networks (or whatever name you want) and connect all my services (gitlab, Wordpress, etc) to the “backend” network then connect nginx to that same “backend” network (so it can talk to the service containers) but I also add nginx to the “frontend” network (typically of host type).

What this does is it allows you to map docker ports to host ports to that nginx container ONLY and since you have added nginx to the network that can talk to the other containers you don’t have to forward or expose any ports that are not required (3000 for gitlab) to talk from the outside world into your services. Your containers will still talk to each other through native ports but only within that “backend” network (which does not have forwarded/mapped ports).

You would want to setup your proxy hosts exactly like you have them in your post except that in your Forward Hostname you would use the container name (gitlab for example) instead of IP.

So basically it goes like this

Internet > gitlab.domain.com > DNS points to your VPS > Nginx receives requests (frontend network with mapped ports like 443:443 or 80:80) > Nginx checks proxy hosts list > forwards request to gitlab container on port 3000 (because nginx and gitlab are both in the same “backend” network) > Log in to Gitlab > Code until your fingers smoke! > Drink coffee

Hope this help!

Edit: Fix typos

Sad indeed. Maybe raising an issue on GitHub? Even if you don’t end up using cloudbeaver, it’s worth reporting it. Maybe they don’t know there’s a problem with this component of their app.

I do remember being a bit lost with initial connection to a postgres when I first spun up the app. I clicked around for a few minutes but after than it has been very handy. My use case was extremely basic as I just needed to manipulate some records that I did not know the right query for and to visualize the rows I needed.

Have you taken a look at CloudBeaver? I’m not sure I understand what an ERD is but I’ve used this to manage and work with databases before. Pretty easy, UI is not bad at all and it’s self host-able (through docker). I don’t know if it meets your criteria 100% but worth checking out.

Didn’t know you could do this. Interesting!

I went with the OpenSSL CA as cryptography has been a weakness of mine and I needed to tackle it. Glad I did, learned a lot throughout the process.

Importing certs is a bit of a pain at first but I just made my public root ca cert valid for 3 years (maybe 5 I can’t remember) and put that public cert in a file share accessible to all my home devices. From each device I go to the file share once, import the public root ca cert and done. It’s a one time per device pain so it’s manageable in my opinion.

Each service gets a 90 day cert signed by root ca and imported to nginx proxy manager to serve up for the service (wikijs.mydomain.io).

Anything externally exposed I use let’s encrypt for cert generation (within NPM) and internally I use the OpenSSL setup.

If you document your process and you’ve done it a few times, it’s gets quicker and easier.

When I was looking for a DMS I ran across MayanEDMS. I never got a chance to stand up any DMS but it may be worth checking out their site in case it meets your needs.

Not exactly DMS but I have a WikiJS instance running with MFA enabled and access control. For example, my wife and I can access a set of documents we deem sensitive but other users can’t. I use WikiJS for all my documentation needs.

I use rclone as well and was in your position not long ago (looking for a non complicated backup solution). Landed on rclone based on feedback and what I read online. Spent about an hour reading rcl one’s documentation and built a script to do the backups daily.

OP if you go the rclone route, I can share my template script with you to get you started.

The script is pretty simple: makes sure there’s a logging file created on the system ahead of time, timestamps, the actual backup job, error checking, notification via discord (success or failure) and log output to the file created above.

Edit: I forgot to mention that recently (don’t know exactly when) Proxmox released something call Proxmox Backup Server (PBS). I have not used it but I imagine it integrates well with your Proxmox cluster but even then you may want to look at a complimentary solution to backup that server too.

Edit: Even if you go with Proxmox Backup Server, you may want to thinking about how you backup the backup server. Preferably off site, in my opinion.

As I started thinking about how to lay out this “emergency page” I started thinking “well in order for this page to be accessible, I have to assume that my servers are up and running for my family to even get to said page. If the servers are offline for any reason, this page would be useless.” So yea probably something physical or non “techy” is best for this