full image - Repost: File management and security: Encryption, NFS, etc. (from Reddit.com, File management and security: Encryption, NFS, etc.)
Mining:
Exchanges:
Donations:
QuestionsHow do you handle server-side file storage? Is your data encrypted? Is it unencrypted and you limit the contents you put on here?How do you handle file and directory sharing with other systems? I'm using NFS quite happily, but if I enable server-side encryption, this immediately eliminates this as an option. ContextI have a Proxmox server at home. I have a few large HDDs in RAID, and this array is exposed to Nextcloud for data storage.I want to share a few directories on my network to other virtual machines. For example: My Nextcloud user has a directory called "Backups". I want to expose this directory to Home Assistant as a backup location for its backups.My Nextcloud user has a directory called "Media". I want to expose this directory to Jellyfin so it may use this as its library root.I have accomplished this in a relatively insecure manner.My Nextcloud server storage is unencrypted. If my Proxmox host or Nextcloud guest are the target of a successful attack where the attacker gains system-level access, my files would be exposed.I have configured NFS shares on my network for these directories.In Proxmox, I have an NFS share allowing Jellyfin to mount the Media directory as read-only.In Proxmox, I have an NFS share allowing Home Assistant to mount the Backups directory as read-write. When a backup is placed on the NFS directory, the Nextcloud cron job performs a file scan and detects the new backup files after a few minutes.My primary concern is with my data storage. I trust that Nextcloud is secure, but zero days do occur. If an attacker gained access to my files, they'd get access to my photo library and a variety of documents that would be a righteous pain to handle. There's enough PII (resumes, etc.) in my digital record keeping that would suck to be in the wrong hands.
Social Media Icons