I was wondering what preventative steps everyone’s taking to prevent their locally hosted NextCloud instances from falling prey to attackers with physical access? While I certainly don’t trust Google, I imagine their security would at least be harder to break that my basement window with a crowbar.
My understanding so far:
NextCloud’s own E2EE would provide security against a physical attacker if it worked, but it doesn’t yet.
In the meantime, enabling full disk encryption using LUKS, is the best option as it would render the disk unreadable without a password following power loss when the plug is pulled.
Have I got a good understanding of things?
Thanks for any help guys.