kinda the same reason people suggest something like linux mint over slackware, gentoo, arch, etc… mint is easy to install and is preconfigured to be an easy to use user desktop environment. you can configure any other option to be have like that, but they tend to be a bit more “DIY”, which is great if you know what you’re doing!

dedicated NAS OSes will have good software out of the box that make it easy to configure and manage various common disk-related configurations (RAID, SMB, NFS, etc). you can certainly do all this yourself, but it might not have a pretty, unified user interface, or you might have to deal with software that isn’t compatible with some version of a library that’s in your distro of choice… all resolvable things, but they take time to solve: anywhere from installing a package manually to applying a kernel patch and recompiling the kernel to get something to work

i’d avoid BIOS-based RAID… it doesn’t really offer many benefits over linux-based raid like MDADM, and MDADM offers a LOT of up-sides for portability, repairability, diagnostics, etc

add tailscale and you’re golden

as a linux professional, congrats you’re a junior and have a lot to learn about the world

yeah stupid people like most tech workers who just need their tech to work as expected rather than be “customisable”

there’s value in the “just works” when not working costs you hundreds of $ per hour that it doesn’t work

$2000 for a phone is nothing when it’s a professional device

i’m sure they learned plenty of things about the old game engine they built

and now they have a new one… which was the whole point

i’m just gonna quote a couple of sections from the conclusion of the survey here that actual statisticians wrote after analysing their own data:

When having children is viewed as hampering the pursuit of one’s career, self-development, or financial goals, as a capstone to be achieved once these other goals have been reached, women’s wishes for children, or for the number of children they consider ideal, may be deferred to the point of permanence.

… only women with considerable financial resources at their disposal feel confident about pursuing larger families. As a result, and perhaps uniquely among industrialized societies, Canadian fertility outcomes and intentions are highest among the wealthiest women.

research should also focus on more tractable issues such as housing costs or family policy, including child care

$1200/mo for literally everyone else in this discussion seems entirely what we expected

yeah and it’s possible to live on $15 of food per day without internet, electricity, a car

… but we don’t, because it’s not comfortable

like you’re literally saying that if you think raising kids is too much of a financial burden maybe you haven’t considered giving up everything in your life to pay for one

how about no… my bar for having kids (actually i never want kids for so many reasons, but if i did) is not just survival

the amount that any government pays you when you have a child is a pittance compared to the cost of having a child… especially if you want to do more than simply scrape by and have like… christmas, birthdays…

adopt new rules? they don’t even follow the ones they’ve got already!

HTTPS is heavy when you’re talking about the extreme low power, bandwidth, and compute devices matter is intending to support

its also not a broadcast protocol - matter intends to connect many devices to many devices

those are off the top of my head; i’m sure there are more. HTTP is great, but new/alternate network protocols aren’t inherently bad: especially when you’re operating in a very constrained/niche environment

kinda different there though… it’s trivial to add whatever data you like to images etc (and that’s without even resorting to steganography), but that data is only accessible with an application. i believe the question was intended as whether you could get a virus from downloading/playing media files… the content of that “hidden data” isn’t executable, so whilst it’s reasonable to say it’s possible to transport a virus via hidden data in media, it’s not reasonable to say that you can “get” a virus using that same method alone

you’re missing the fact that google chat and XMPP is a totally different situation… they used an open protocol; they didn’t open their backend

sure, but an open source UI isn’t going to change that… they’d just close the source!

sure you can fork it, but you can also just copy the UI to an open source clone

imagine if twitter were activitypub: kinda like having an OSS backend with a proprietary front end… i’d bet the move to mastodon would be far quicker… network effects keep people on twitter… same here with OSS backend: we can reimplement the UI and people will have the same experience

yeah… pragmatism beats purity every time: they’re doing some great work, but to do that great work they have to fund it somehow… i think that open sourcing all of the functional components (the bridges) and keeping the shiny UI closed is a pretty good way of doing that!

i guess i get not wanting to used closed source clients too, but it’s shades of grey: people shouldn’t hate on them for keeping 1 part closed source!

so i just did a quick search and apparently

Starting with Gitea 1.19, Gitea Actions are available as a built-in CI/CD solution.

*edited:

also they support being a package repo, including container registry

their clients are proprietary but it’s built on matrix (federated chat kinda like xmpp) and their bridges (things that connect matrix to other protocols) are open source

they say you can use any matrix client, and that you can host your own home server with their bridges

it is matrix yes! and they’re contributing back to the upstream bridges

from their website:

Remember this XKCD comic? That’s why we built Beeper on the open source chat protocol Matrix. Unlike other chat networks, there is no lock-in. You’re free to use open source Matrix clients to connect to Beeper, or download your data and move to a different Matrix server and continue chatting with your friends on Beeper.

Beeper contributes back to the Matrix community. All of our Matrix bridges are open source on our Github. Don’t want to pay for Beeper? Self-host your own instance for free.

not related to backup solution, but this is a great time to get some home monitoring sorted! put prometheus on it, run prometheus at home too, and have them monitor each other… great way to know why/when things aren’t working in general, but adds another level of confidence that your data are nice and safe

it did not; that’s correct! and i’m unable to list the conflicts that were prevented because of it, because, well, they were prevented

global stability doesn’t mean world peace

hey i never said it was “fair”, but the US does benefit significantly more from global stability than anywhere else… its not like they do it for selfless reasons

sooooo yes you’re not wrong, but i’d argue (as not an american mind you) that also it’s a little more complicated than just national defence

overseas military bases aren’t just for intimidating other countries into doing what the US wants: they also contribute significantly to global stability… having THE world super power kinda everywhere means it’s probably much less likely that some random country is going to start shit… sure, the US gets to pick and choose to benefit itself, but it certainly contributes

and that’s not just good for the world: AS the worlds leading superpower, the US benefits enormously from global stability: from cheap trade, financing, more global budget being spent on STEM/R&D (which because of trade and financing the US almost always capitalises on somehow!)

so what you ideally want is people to ONLY be able to access your backend service through caddy, so caddy should be the only one with ports publicly accessible, yes

caddy running in the same docker network as your services can talk to those services on their original ports; they don’t need to even be mapped to the host! in this case, you have 3 containers: caddy, service 1, service 2… caddy is the only one that needs to have ports forwarded and you can just forward caddy:443 and no need to worry! then caddy can talk directly to services:80 or services:443 (docker containers show up to other docker containers by their container name! so if you run eg: docker run … —name lemmy, then caddy in the same docker network would be able to connect to http://lemmy:80!)

… but if you forward say service 1 and 2 on :8443 and :9443 (without firewall, and even with it makes me uncomfortable - that’s 1 step away from a subtle security problem), someone could be able to access <yourserver>:8443, right? so they don’t have to go through caddy to get to the backend service… for some services, that can be a big deal in ways that it’s difficult to understand, so it’s best to just not allow it if possible

an alternative is to make sure your services are firewalled so that nobody from the internet can hit them, but caddy still can… but i like this less, because it’s less explicit what’s happening so it’s easier to forget about

i think it’d be possible, but probably more about sponsor ads entirely rather than youtube ad revenue… i believe that’s the way most youtubers make the majority of their money anyway - ads from youtube are worth peanuts

it became clear to me that the main discovery page on youtube would never be of any use to me when it suggested a video entitled “Andrew Tate Tucker Carlson Interview” by the channel “Gentleman Masterclass” and i almost projectile vomited all over my keyboard

if you’re only going to be using those services through the proxy, it can also be a useful security upgrade to not forward their ports at all, and run caddy inside docker to connect to them directly!

if you forward the ports (without firewalling them), people can connect to them directly which can be a security risk (for example, many services require a proxy to add the x-forwarded-for header to show which IP address originally made the request… if users can access the service directly, they can add this header themselves and make it appear as though they came from anywhere! even 127.0.0.1, which can sometimes bypass things like admin authentication)

useful thing to remember about these systems: you fuck up and it’s a high likelihood literally nobody at the company can do any work because all their files are inaccessible

that’s like… $10000/hr in lost man hours alone, let alone reputation from not being able to respond to customers accurately, possibly missed SLAs or other contract obligations

unless your company is all about tech, it’s highly unlikely your IT team has the skills necessary to take on that level of responsibility

i think that the idea of actions (actions the concept not actions the product) is a really good way of building CI pipelines…

we all know that shell scripts are rubbish, so building your CI pipeline out in composable steps written in a proper language is much more robust

having those steps maintained by the open source community inside a marketplace is also excellent! you don’t need to manage things like setting up AWS variables, managing refresh tokens, etc: you can use an action just by referencing it, easier than you’d install a package… and those actions can use well-maintained open source libraries to do their jobs

there’s a whole lot more, but all the reasons basically revolve around the fact that the composable units written in a modern language shared with everyone is so, so much better than chaining bash scripts together: even if they can be run inside containers (which GHA can do too)

(also, i’ve found github actions much faster than gitlab ci… not comparing runner speed because obviously that’s highly dependent on what you host it in; just time to pick up jobs and time to start the agent)

i think quite the opposite… gitlab ci is very last-gen: github actions is where everyone in ci will be headed from now on!

large models are actually really expensive to run: either run it yourself, or put up with the fact that someone’s not going to pay a lot for people to just use because reasons?