This is not correct as pass uses GPG, and you can do symmetric encryption with it, it is just a different parameter in the command.
You can use a different password per file, or the same one
This is not correct as pass uses GPG, and you can do symmetric encryption with it, it is just a different parameter in the command.
You can use a different password per file, or the same one
I use qtpass as a GUI for pass
Can I use it fully offline?
Yes, it is fully offline, you can back it up by any mean you could any other file, and it should be fine as the files are encrypted (should store the keys separated), can be a USB, an external drive, another computer in your LAN, a git repo, nextcloud, syncthing.
How do I back it up to USB drive?
You copy and paste the files
What does the day-to-day operation of Pass compared to Keepass look like?
As I said I use qtpass as a GUI so, open qtpass, search for the specific password file, double click, put the password for my gpg key and then the password I need is stored in clipboard for 30sec (this is customizable or can be disabled) and I paste it where I need it.
If I need to store a new password, just use the add password button, and input the data, it is that simple.
I’m going to mention Ansible
as I haven’t seen it mentioned, and it can be used to locally manage a reproducible build.
It has already been mentioned, but as a minimum to replicate your system you need two things:
/home
directory as there is where the majority of the configuration files of your system pertaining the software you use (there could be configs you could need on /etc
and on /usr/local
or other dir), that is why it is recommended to partition your disk on installation of your distro, so the /home
directory is already separated, as if you reinstall in the same machine you don’t lose any configuration in addition to your personal documents/pictures/etcThe truth is that using any of the tools in the second point requires learning a bunch, so if your skill level is still not there, there is some work to do to get there.
Old laptop, Debian with docker running nextcloud, navidrome, jellyfin, gitea, librespeed, wireguard, dnsmasq, and nginx as a reverse proxy.
If you are not behind a CGNAT, it should be as easy as opening the necessary ports.
I have a reverse proxy running in ports 80, 443 and can safely access Jellyfin on a subdomain without issues from outside my LAN.
What would you recommend that is not NixOS or a Bash script and can be used agnostic of distro?