- From what I have seen in the previous discussions here (since and before Minio debacle) and at work, Garage is a solid replacement.
- I agree with the second part in terms of differentiation you mentioned.
That plus the ability to provide customized solutions that stitch together data extraction and business logics such as reconciliations for vendor payments or sales.
I think both these reasons are what's keeping all the OCR based companies going.
My only advice would be to figure out more USPs before native models eat your lunch. Like Nanonets has its own native OCR model.
Congrats on the launch.
- AI models will eventually do this natively. This is one of the ways for models to continue to get better, by doing better OCR and by doing better context extraction.
I am already seeing this trend in the recent releases of the native models (such as Opus 4.5, Gemini 3, and especially Gemini 3 flash).
It's only going to get better from here.
Another thing to note is, there are over 5 startups right now in YC portfolio doing the same thing and going after a similar/overlapping target market if I remember correctly.
- I have a similar setup but with following additional security configurations:
- Hetzner firewall (because ufw doesn't work well with docker) to only allow public access to 443.
- Self-hosted OpenVPN to access all private ports. I also self-host an additional Wireguard instance as a backup VPN.
- Cloudflare Access to protect `*.coolifydomain.com` by default. This would have helped protect the OP's Umami setup since only the OP can access the Umami dashboard. Bypass rules can be created in Cloudflare Access to allow access to other systems that need access using IP or domain.
- Cloudflare Access rules to only allow access to internal admin path such as /wp-admin/ through my VPN IP (or via email OTP to specified email ids).
- Traefik labels on docker-compose files in Coolify to add basic auth to internal services which can't be behind Cloudflare Access such as self-hosted Prefect. This would have also added a login screen before an attacker would see Umami's app.
- I host frontends only on Vercel or Cloudflare workers and host the backend API on the Coolify server. Both of these are confirmed to never have been affected, due to decoupling of application routing.
- Finally a bash cron script running on server every 5 minutes that monitors the resources and sends me an alert via Pushover when the usages are above the defined thresholds. We need monitoring and alert as well, security measures alone are not enough.
Even with all these steps, there will always be edge cases. That's the caveat of self-hosting but at the same time it's very liberating.
- Now it makes sense. I was puzzled about why it was working on the phone browser and not on my system. I'm logged into HN on my system.
- After their last rug pull when they started charging projects for registry after parading it as a fully free service for almost a decade, it has become hard to trust anything free.
Bait and switch once the adoption happens has become way too common in the industry.
- You can't pay and get it even if you want.
There is no paid business plan that supports this. You have to be millions of dollars worth of enterprise on their enterprise plan to get it through your dedicated account manager.
- It’s 2025 and choosing a region for your resources is still an enterprise feature on cloudflare.
In contrast, AWS provides this as the base thing, you choose where your services run. In a world where you can’t do anything without 100s of compliance and a lot of compliances require geolocation based access control or data retention, this is absurd.
- Hey there, not sure if someone has mentioned this in the past but the questions on the application form seems to be excessive and unnecessary. I dropped off after 3 questions.
- As a happy user of coolify, what’s the difference between these two?
Even coolify lets you add as many machines as you want and then manage docker containers in all machines from one coolify installation.
- Location: Barcelona, Spain
Remote: Yes (US/EU timezone)
Willing to relocate: No
Technologies: Python, Golang, React, DevOps, Kubernetes, Security
Resume/CV: https://vikashbajaj.com/resume.pdf
Email: contact+hn@vikashbajaj.com
-----------------------------------------
Details:
- 11+ years full-stack development, DevOps, and security experience with a Masters in Computer Science from the US.
- Built a cross border Neo-bank (fintech) and a global e-com platform in the recent years.
- Looking for full-time senior IC or leadership roles. Comfortable owning end-to-end product development and building teams from scratch.
- I self-host 15+ apps on bare-metal/VPS using docker cluster (password management, VPN, AI orchestration, analytics, web apps etc.).
- Extensive experience with AWS, Kubernetes, Docker, Terraform, Ansible, Jenkins, CI/CD.
- Why do you need native ChatGPT Frontend specifically?
There are apps that provide similar Frontend and use api keys from ChatGPT and Gemini and others to provide all models under one web interface.
- Check out open web UI, it’s self hostable web app that can connect to different providers and models.
- You get access to similar UI like ChatGPT and you connect the models you want to use by providing API key.
Once configured you can choose between models of all providers you have connected in dropdown in chat.
- Open Web UI already provides this as a self hosted web solution.
One good feature I like is ability to generate multiple responses from different models and merge it using one default model.
- https://kumu.io
This is a popular and an old platform to make network graphs
- This is a known thing since quite some time and the only solution is to use separate domain. This problem has existed for so long that at this point we as users adapt to it rather than still expecting Google to fix this.
From their perspective, a few false positives over the total number of actual malicious websites blocked is fractional.
> After bringing features of Supermaven to Cursor Tab, we now recommend any existing VS Code users to migrate to Cursor.
Supermaven was acquired by Cursor and sunset after 1 year.