In the table below, we compare Nirvati with Umbrel, another popular self-hosted server operating system. While both projects share similar goals, we believe Nirvati offers several advantages in terms of privacy, security, and user control.
| Umbrel | Nirvati | |
|---|---|---|
| License | Source viewable | Open source |
| Terms of service restricting your use | Yes | No |
| HTTPS | No | Yes |
| Multi-server support | No | Partial |
| App permission system & app isolation | No | Yes |
| Multi-user support | No | Yes |
| Integrated backup feature | Yes | No |
| VPN for remote access | Via app store | Yes |
| Storage limits for apps | No | Yes |
| Passkey support | No | Yes |
| Two-factor-authentication with time-based codes | Insecure implementation* | No |
| Third-party App stores | Yes, in a separate view with certain restrictions | Yes, fully integrated into the system's main app store |
* Umbrel's implementation at the date of writing this checks the two-factor authentication code separately from the password. This means that if an attacker gets the password or wants to brute force it, they can verify it easily separate of the TOTP code, and then easily brute force the TOTP separately. Any secure authentication system only logs you in if password AND TOTP are correct, without revealing which of them was wrong.