So I am for the most part a lurker and a hobbyist. I’ve always been a bit of a techie, but over time decided I wanted to be more anti-consumption and such.
I started out with by doing my own calendar. I have a desktop that has my nextcloud and use it to sync my gnome calendar with fossify (with davx5). This was rather straight forward and gave me a nice confidence boost. This is mostly done on my local network, tho I am thinking of reading more into tailscale and getting a domain. The next move I did was to bring my todo list over. This was a bit tricky as many apps don’t have a setting to support repeat todos and crossing one off might just remove the item entirely and kill the resets that another app set up. At one point I found the app super productivity. This app is basically perfect. Only downsides is that it is a bit more strict (particularly on the mobile app) about an ssl cert. There is an option to have the app sync with a local file. I thought I could be clever and just have nextcloud do the syncing and let the apps think they are working only off the local on their respective device. Alas there was a snag here. For some reason nextcloud will write the files with read only permission on the laptop, so I cannot add or cross off items. Then I remembered using some apps around a decade ago that worked off a todo.txt file. I figured maybe I could find some mobile and desktop apps and recycle the idea of letting nextcloud manage two way sync of a file and letting apps interact with it as if it were local. It seems like I have some winners here with sleek on desktop and ntodo.txt on mobile.
Just my humble story of selfhosting so I don’t feel like a poser when listening to podcasts or lurking.
Cheers to your journey so far, and to your continued success!
You can absolutely do free SSL certs with Let’s Encrypt without exposing your infrastructure to the internet. Just use DNS based validation instead of HTTP, copy the required TXT records to your domain as instructed, wait for any cache/TTL of any old records to expire (generally 1-2 hours by default), and finally complete the validation.
You’ll need to renew the certs every 3 months, which could be annoying if done manually. If your Registrar has a decent API, writing a script could be a fun automation project. Alternatively I can also send you scripts that I used to use for that purpose.
Whoa thanks for that nugget of knowledge. Sounds like something I was searching but didn’t run into.
Happy to help!
You can find a bit more information at the URL below, and feel free to message me if you run into any issues getting it set up.
https://letsencrypt.org/docs/challenge-types/#dns-01-challenge
Will do ☺️
If you’re looking for a different approach, I moved from Nextcloud to Radicale for my family calendars, which includes ToDo functionality.
From an app point, for Android I’m using Fossify Calendar (which I think you’re using?) and Tasks.Org ToDo - and this definitely handles recurring tasks (inc. with different types of schedules)
From a remote access point of view, I have HA Proxy to convert the internal HTTP traffic into external HTTPS traffic (with Lets Encrypt certificate)
(Yes, I also have a VPN for other things… just focusing here for the calendar / todo)
I am using Fossify Calendar and ntodotxt on Android (GrapheneOS), and Gnome Calendar and Sleek on my laptop.
So for context in the discussion: I started with jtx board on mobile and using thunderbird todo. At some point I decided to try out Errands. When i crossed off items in it the item would be marked as done and any repeat settings were cleared. That was a bit annoying, so i decided to search for some apps that will play nice on both laptop and mobile. I then found Super Productivity. On paper i like this one way more and the time tracking is a nice extra. The issue is that either I either use its caldav sync stuff, but then mobile asks for an ssl cert. It does have a sync with file setting, but then for some reason nextcloud write the file as read only on my laptop.
I do want to set myself up with a reverse proxy so that I can tie the server at home with my domain, get an ssl cert and go back to Super Productivity. At this point I am enjoying selfhosting and want to expand my stuff a bit more, so the extra effort will be needed at this point. Keeping things local was more for a test bed before I have to be serious about locking stuff down and what not.
Pangolin has been really cool for a few days!
Thanks for sharing!
:) its good to engage with the community
FYI super productivity can sync via webdav, and nextcloud has a webdav server.
I did try that, but the mobile app is more strict about an ssl cert and I am only doing local stuff right now. Tho I am planing to hook my server to a domain eventually.
Try the web app (PWA). I don’t remember it complaining about http localhost.
I’d also raise that as an issue with the developer. No self host-able app should enforce https. Only warn/notify. There are numerous situations where http is a perfectly fine, permanent solution (LAN/VPN).
So I realize the following does not directly apply in this specific case, since we are talking about a full android app. But in general, there are strictly technical limitations which absolutely requires you to use https. This for example applies to PWA’s, and it also applies to apps which are WebView-based.
Basically the w3c is disagreeing with you; there are several important javascript features which are forcefully disabled if you are not connecting over https. This is a decision made by the webbrowser itself, and not something you or the dev can disable or otherwise avoid.
For example, it is impossible to use the browser’s built-in api for getting the sha512 hash of a file, which is why i had to go through great pains to do that in other suboptimal ways in one selfhosted service i made. Most devs rightfully wouldn’t bother, since those restrictions are arbitrary and effectively pointless, as there are (usually painful) workarounds.
List of features which require https: https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts/features_restricted_to_secure_contexts
Other people were talking about it with the dev on github.
