First of all sorry for the late answer. Been a pretty hectic last few weeks.
So, I have an self-hosted Nextcloud instance at home, and one that I store all my files I want to have in my “personal” cloud. However, this is the first time I ever self-host something so I’m worried about it breaking or me messing something up. For that reason I use Duplicati to once a week to take all the files on my NextCloud instance and make a backup on two external hard-drives, encrypted.
My worry was that the “duplicati” database (that has my encryption password and such), is somehow stored on my NextCloud server. So if someone manages to hack my local server, they would also be able to grab all the duplicati passwords and such. However, as it sounds like, that file is stored on my PC and not on the server by default. That is just what I wanted to make sure. So that if someone manages to access the server, they also get passwords I don’t want them to get.
(I know if someone manages to hack my NextCloud server they would still have access to my data, but I was more thinking in the case of them stealing a hard-drive and then somehow getting hold of my Duplicati database with the password for my encryption. Super far-fetched, but I just wanted to understand that part. )