This is exactly what I have been doing for a few years now (basically a file server.) While it was a great improvement, and remains functional, I am now also wanting to have a more seamless integration w/apps that aren’t as friendly to webdav.
Drive app for Mac helps that. For iOS I am experimenting now w/a blend of Resilio and Drive to see where that goes.
A desired outcome, though possibly unrealistic, would be to have a self-hosted iCloud where apps that are designed to ONLY work w/iCloud would work on said self hosted service.
The problem there is that the apps would then have to be designed to work with your self-hosted service.
Even with Amazon S3, there are a number of “S3-compatible” endpoints - but that doesn’t mean that software which uses S3 works with those other endpoints out of the box.
Out of curiosity, is Dropbox not an option here? I see it mentioned a number of times above, but I don’t think you’ve addressed reasons that you’re not using it.
I would think Dropbox support would be more common than WebDAV.
I believe this means you need CloudKit support. Dropbox is probably a better option as suggested as compared to Synology Drive etc.
I think you need to decide if you want your files on your Synology and pick apps that work with that limitation or not. This isn’t a “roll your own iCloud” issue, this is you needing to decide if you want iCloud or another service.
For example I’d love Apple Notes to save on Synology, but it doesn’t work. I live with iCloud backend for convenience of notes, but personal financial documents etc I want on Synology I need to use another program to access.
Dropbox is more common than WebDav but is cloud based - solution needs to be self hosted. If Dropbox ever came out w/a self hosted option I’d be first in line.
Current Structure:
WebDav to SynologyNAS (primary data) with access point for LAN and separate for WAN.
Resilio Sync for files that get sync’d across to other devices on the network.
FileBrowserPro, iOS Files (Owl) used to access NAS content from iOS (local and remote.)
Every so often I would move and organize files from RS locations to NAS manually.
Drawbacks:
Working directly on NAS everything is immediate (no versioning etc.)
Apps designed for iCloud don’t play well…requires unique work arounds.
Overhead/duplication of effort for content that gets sync’d and then organized later.
Workflow is clunky if working on a file that needs to sync (edit, save out, swap etc.)
Resilio Sync requires to be in the foreground on iOS to sync (key friction point)
Need solution to be 100% self-hosted, and work like iCloud/Dropbox.
Currently working on an experiment that is a mix of Synology Drive and Resilio Sync.
On the Mac, the experiment is working well (Synology Drive.) Everything mounts, calls a file on demand and I appreciate the separation from working directly on the raw files on the Synology share (which was a recent workflow.) Only odd question atm is that it appears .zip files are not aliases like everything else, so .zip files (which are large) might be (need to confirm) consuming space on the Mac drive, but shouldn’t be.
For iOS:
Resilio Sync on primary Mac syncs macOS Synology Drive share directory (from NAS.)
Resilio Sync on iPhone syncs to the other Macs, which essentially gives me on-demand access to the same content stored on the Synology. The odd bit here is that it would appear iOS Files app doesn’t display aliases, so anything using Files app natively won’t show the directories/files that aren’t downloaded. Resilio Sync, Drive, FBP all do however so can still get to the files.
The experiment is working a bit better than the straight webdav explained above yet seems a bit cluttered and clunky of a workflow and expect there is something simpler. Worth noting that behind the scenes there are VPNs and Tailscale for remote access.
Again I think your problem has a solution, you need to decide if you want self hosted or if you want convenience (aka use Dropbox). There is no iCloud replacement as you want it. If you value self hosted then you need to adjust what you’re trying to do.
Now that being said feel free to spin up Nextcloud, OCIS, and Seafile and see if any of these might have better integration. If any of these work you’re probably going to be better off getting a N100 PC and running something like Proxmox with Synology mounted as NFS for storage to help with speed. Nextcloud is slowwwww on my Synology.
It’s none of my business why you need a self hosted solution. There are others here that also choose to not use the cloud. But in reading this thread it appears you are trying to find solutions for problems that were solved years ago by moving to the cloud. Once everything was on a mainframe accessed by terminals. Then we went to servers and PCs and Macs opened, worked on, and saved files, that remained on a server. Now everything is going mobile and new solutions are required.
I used servers that could be accessed when the main CPU was powered down. They had a separate computer, on a card, inside the server that could remain online when the main server is down. I could access that remotely to bring everything online.
They walk off with it. They may never access the data, but they would have as much time as they wanted to try. Or they could just use the parts.
IMO, the solutions you seek, if they don’t exist today, are not likely to be created in the future because they have been solved by using companies like Apple, Dropbox, Google, and Microsoft, etc.
“I used servers that could be accessed when the main CPU was powered down. They had a separate computer, on a card, inside the server that could remain online when the main server is down. I could access that remotely to bring everything online.”
Currently this is a Synology NAS. If there is a reboot or share needs to be mounted, it is a journey to remount if remote (requires remoting in to DSM (from another computer that was remoted in), manually mounting) - so having this option available in a Native iOS app scenario would be widely appreciated.
Thinking over the setup you shared…and am at an inflection point atm. I have a new Mini which is about 1/2 set up BUT I don’t want to go further if I’m going to wipe it all and split the drive into 2 halves.
Option 1:
Split the M4 Mini into two parts, keeping 1/2 w/o FileVault, and the other w/FileVault. Thinking through someone walking off w/it. What info would be exposed or available in this scenario … as I’m thinking wifi passwords, network credentials and the like. Presumably these would be under their own password management so would be safe (short of brute force over time.)
Years back, you needed to have auto-login set up for server to get back online after a reboot. If FileVault is disabled for the 1st half, can you still remote in after a reboot, or is auto-login still required?
Option 2:
Migrating from an older Intel Mini. These aren’t worth much to resell so I could essentially keep this as system w/o FileVault. Put the M4 mini on a HomeKit outlet to turn on, which I would then be able to … nope… FileVault would still require someone there AT the machine to login. Hm
Thank you. Synology always stays up, or boots right up after power failure. What we are talking about would be the MacMini, and how FileVault and such work if the system needs to be rebooted remotely.
Best I know so far ~ if FileVault is on, then there is no way to log into the Mac remotely; someone needs to be physically present to enter credentials. So, question becomes splitting the drive w/two systems, one that would not have file vault activated.
I had mainly been using HP servers, and Compaqs before that, and had never dealt with anything like Dell’s iDRAC. It took me a while to understand that I had to start the initial setup with the server turned off. Fortunately I found a YouTube video that Sunday afternoon that set me straight.
I only log in remotely, so that works. The main security flaw I know of is that some services (like running Resilio Sync) require being logged in. So someone with physical access, and as long as power is not removed, could attach a keyboard, mouse, display, and an external drive, and copy everything off to the external drive! Not your usual burglar’s tools, but you never know! If they just came in and grabbed the computer + drives they would not be able to get access to anything.
“If they just came in and grabbed the computer + drives they would not be able to get access to anything.”
If someone grabbed the mini and took off, in theory they could plug it in to their own display and get right in (to the open 1/2) right? Have you ever rebooted it remotely?
They still would not be able to log in. Also, on these modern Macs, the drives cannot be removed and viewed, so no access that way either. While the drives are network shared, they aren’t shared to everyone – again a password would be needed.
If they came in and grabbed the Mini and walked off, power would be removed. The data would be safe, because a login would be required.
The issue would be if they sat down at the Mini, while it was still at your home, while you were logged in, with an attached keyboard/monitor/etc.
That said, I run a Plex server, and it’s down UNTIL I log in, but then AFTER I log in the screen can be locked and it runs just fine. I would think Resilio would be in the same boat there, but can’t confirm.
I hadn’t thought about locking the screen. That would solve the problem of local access. I’ll go and do that right now! It does need to be logged in for Resilio and Plex. It’s a shame they can’t be set up as services, but that would probably make them security issues.
If you have a Synology then Synology Drive is the way to go IMO.
I have been using it for years on my iMac, MBP, iPhone, and my wife’s MBP and iPhone. It’s been seamless. I move from one device to another without even thinking about it.
Some say modern Macs (silicon M1 onward, or Intel T2+) make File Vault redundant, similar to points made in this thread, where the drive would be encrypted.
Others are stating that File Vault is still needed for encryption of Silicon machines. W/O FV one can, for example, access the data using a second Mac and boot through Target
So both are needed to keep data secure.
One way to gain access, mind you it is a stretch, would be to install a KVM device that tells the FV Mac there is a keyboard and such connected. There are Pi versions (PiKVM) that are mini servers that let you access the keyboard remotely, to then enter credentials for the Mini while remote.
With the user’s password you can share the disk. Not without it. To get the data off the internal drive you’d need something significantly more advanced than a KVM or another Mac.
If they have your password, all of this discussion is moot anyway.
My opinion: FileVault2 (on Macs with the T2 chip or ARM processors) mainly provides protection against scenarios in which you no longer have custody of your Mac, or potentially malicious people have access to it:
Since no information on the data volume can be accessed without knowing the password of a user who can unlock it (as set in the FileVault settings), it protects you against pre-authentication vulnerabilities in macOS or the firmware. If you lose or give up custody of the Mac and a pre-auth vulnerability is found then your data is potentially accessible to the person who has your Mac.
Whether or not this is of concern to you is something that you have to decide for yourself.