Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Obsidian. I know it's not open source, but it just felt right.
Yep just swapped over from a self hosted solution with gitlab and sublime.. But that was to restrictive and the overall experience wasnt really good...
I then found a post somewhere on lemmy a post abotu PKMS and what people are using... One was obsidian... So I tried it and I'm really happy
Edit: I saw some comments about some missing self hosting. Since the notes are saved as standard md files you easily ca sync them with whatever you want... I set it up with my synology NAS and DS Drive, but any tool which can sync two-ways should be fine
Yep, same. Though if Acreom ever goes local only on mobile OR when Notesnook opens up self hosting, I will take another look.
Just fyi notesnook is not really “zero knowledge”. They’re misusing that term.
I didn't make that claim though. Regardless, that wouldn't matter in a self-host situation.
Notesnook makes that claim. Why wouldn’t you consider that relevant when it’s the first thing you’re presented with on their website? And don’t even mention self hosting, that’s not only the last item on their roadmap but it’s also been there for a very long time with no updates.
Not sure why you’re getting defensive, this has nothing to do with you.
Not defensive at all, just didn't know where your comment came from. Do you have a link I can check out regarding that? Happy to read up on it. As far as self host, Dev team stated in their discord channel that they are still planning on it but want to get it buttoned up because once it's launched they can't take it back, paraphrasing what he actually said.
That's fine, I was just trying to add the the conversation.
There's this page that actually explains the encryption as it is: https://vericrypt.notesnook.com/ Zero knowledge is mentioned here and in a few other places. They're misusing the term as a marketing device, knowingly or not I couldn't say.
As for how I know? It's easy enough to check zero knowledge by logging into the service. If a password is enough to display your notes, the service is not zero knowledge. There should be a second set of credentials known only to the user that gets entered with each new login to actually decrypt the contents of your notes. If you've ever used matrix chat you would either enter in the private key yourself or match some emojis on an already authenticated client that would then pass that private key in a peer-to-peer fashion.
I haven't verified this myself but I can clearly see from the website how the encryption is described vs the marketing terms being used.
I see. Admittedly it's been a minute since I've logged into a new session of Notesnook. But accessing the web portal prompts for my login name, password, and then a 2FA code sent to my email address. Within the app (at least on Android) there is an option for no privacy, some privacy, and max privacy. Which have various behaviors when you navigate away from the app or close and reopen. I'm no expert, but do these sound like zero knowledge in this context?
I've still not decided whether I'll stick with them, but I do like the app and was able to get a year of their pro membership for less than half off, so I figured I'd give it a try and at the very least support the devs to some degree.
I looked at their test app and nothing looks like zero knowledge to me in the settings. The closest thing I see is private vault but that just sounds an extra layer of password locking (and encryption too) but not in a way that would prevent the company itself to see its contents (confirmed here). The dev in that thread failed to disabuse the user of that notion will leads me to believe the term is being knowingly misused.
Zero knowledge is supremely annoying to implement and also very risky because if your users lose access to their private encryption key that they have to write down during signup, their data cannot be retrieved and it's gone forever. That means if you specifically were using that feature, you would know it from all the nagging during signup about those risks.
And again, there's a very simple way to test this. Just try logging in from a new device. You should not be able to see any decrypted notes without either entering in that private key or having another device be online to share it. If you're thinking maybe the private vault is a secret key only you have, just see the github issue above. It's not.
Having said all that...
I'm not advocating for zero knowledge in every service. I mentioned it because the marketing bugged me and felt misleading. I honestly have no idea if their app is good or not but it does look pretty. Just make sure you trust them with what you're putting on their servers.
/edit I'm sorry I want to make sure I'm not spreading misinformation and stumbled on this thread where the author claims they cannot read any of the users' data on their servers but then everyone else in the comments is debating whether it's just end to end encryption or some other derivative marketing term. Honestly I'm just gonna say it "I don't know". If it's zero knowledge and you didn't get a special string on top of your password then that means your password is your key and password resets should be impossible or come with a side of "losing all of your notes".
Fair enough. I appreciate the context and additional information. Gives me things to think about. I'm currently using Obsidian even though it's not FOSS, the file format is simple text files in folders making "escaping" the ecosystem easy, should I need to. Notesnook of course doesn't do that, but they do have a much better handling on tasks/to-do within your PKM than Obsidian does.
I'll admit I love notes apps. Have for years. So any new shiny one that comes out I at least try it even if I'm happy with Obsidian. Personal failing, I suppose.
I’m not judging, not sure how or why you think you’re failing but it’s not coming from me!
I’m like you, I use Bear for when I’m lazy and emacs for everything else. Two polar opposites but at least with Bear I can collaborate with my wife without complication.
Not being open source is the great... sin for me. Note taking is an investment in the future, and betting on a closed source platform is a big no no—for me, that is.
I know the content is safe in Obsidian, since it's just Markdown files. But the workflow? Not so much.
And I know the developers behind Obsidian have their reasons to close source it. Nothing against that. But since that's their way, it's not my way.