I need a simple page builder that I can use as a landing page with links to the other service, which are all under subdomains. I am building up a self-host platform (PVE>Ubuntu Server>Docker) for services like Immich, Nextcloud, Jellyfin, others.
I am using Authelia SSO to share with family.
What do you all use/recommend?
(Also, I’ll take links to or advices for “best practices” for hosting services for family/friends without having access to their passwords/files.)
I use Heimdall at my TrueNAS Scale. It has a docker container. It is simple and works for me.
I tried Dashy as well but it requires a lot code fiddling and I couldnt be bothered to learn. It has a ton of customization for it. Maybe it will work better for you. They also have a docker container as with most server apps these days.
1 Like
Have a gander (and bookmark!)
I use Glance but it’s yaml configuration that people seem to hate (and maybe a dead project)? I love it though.
1 Like
As to your second question it’s not really clear what you’re asking… isn’t this basically the purpose of nextcloud?
Just give the nextcloud users a media directory and be sure to mount that as a read only volume into jellyfin, a photos directory and mount that as a read only volume into immich (or the opposite perhaps? Not too familiar with nextcloud or immich). I assume nextcloud passwords are not available in plain text to the administrator.
I would assume linux filesystem acl is sufficient for your use case… not sure you really want to get into encrypting and decrypting data on the fly. End user can create their own veracrypt volumes or use any number of cloud storage encryption app to shield things from the admin…
1 Like
Homepage works well. But for multiple users organizr can be useful.
1 Like
As to your second question it’s not really clear what you’re asking… isn’t this basically the purpose of nextcloud?
Sorry, I’ll edit my original post after clarifying here.
(I am doing all this for self-hosting AND for learning, so please correct me if I am wrong about anything.)
I want to have a bunch of self-hosted stuff for multiple family members (~10-25), but I don’t want to be able to see their files, unless the apps support sharing and they choose to share. For example, I don’t want to be able to see my sisters’-in-laws photos, or my cousins’ PII. Currently, my implementation of Authelia has hashes in a user database that I can access. If I understand correctly, I could reverse that hash and get their passwords. I don’t want to be able to access their data that way, or have that as a bad practice in case of compromised systems.
I would assume linux filesystem acl is sufficient for your use case… not sure you really want to get into encrypting and decrypting data on the fly. End user can create their own veracrypt volumes or use any number of cloud storage encryption app to shield things from the admin…
I look further into the Nextcloud thing and ACL thing. As for client-side encryption: I’ll consider. But, I dont want to be setting that up for possibly 50 devices. . .
If they are hashed with a proper modern algorithm you will not be able to brute force the hash in an efficient manner.
Basically you’ll need to audit how each piece of software you install treats user account data.
For immich and jellyfin, you may need to hand-configure the media libraries to read nextcloud data on a per-user basis. You could probably automate this somehow by looking at the docs for each. I assume nextcloud gives you folders something like /data/username/share1/filename.ext
To be clear, the trick is to mount your users’ photos and videos shares from nextcloud as a readable directory in immich/jellyfin. They should have acl built into the software (immich/jellyfin) to prevent users from seeing each other’s media (but I’m not sure how fully featured the user acl is in jellyfin).