I have had a NextCloud up & running for a few weeks thus far and haven’t had any problems. The reason I can’t just connect to it via vpn is that I want to share links of files with other people. I always keep the system up to date and I think I configured nginx correctly. I have blocked all requests to ports other than 80 and 443, but the firewall is still not the best right now: someone can send many requests in a short timeframe. I have also used tools like pentest-tools.com and some others, but those say that there are no major vulnerabilities. I also keep track of logs with a tool called logwatch. Any tips and tricks or resources (articles, videos, etc) would be much appreciated. Or maybe you want to know more about my setup. I know that NextCloud can be really secure if everything is done right!
Is there anything Swag covers that NPM + Fail2Ban behind Cloudflare doesn’t?
From a cursory look, as I don’t know NPM, Swag doesn’t require a database itself as all config is file based, and doesn’t have any user management. Both seem to be nginx based with Fail2Ban installed, there’s probably some other differences.
What I like about Swag is that with my config checked into a git repo and an act runner set up, I can reconfigure swag on the fly, with a rollback, as it’s just a case of pushing an update to the repo and letting the runner pull changes and restart the container. It works very well for how I want things set up.