
This is a very bad article. It talks about “zero trust” but then suggests you use corporate software, the cloud, sketchy Russian apps to monitor your traffic at home. Also, I am not spending 2 hours a day going through my logs, nor do I want a VM/container with 8GB of RAM wasting 40% of my GPU on grafana.


Great that you included your threat model, but you should have specified the type of services that you host/provide.

One thing I would look into is disabling any port that is not necessary (like 80 and 443) and disabling ssh on the wider network.

Host a wireguard endpoint in the internal network that acts like a bastion and allows you to ssh-jump to any other host and VM on the network.

Wireguard is more secure than ssh, assuming sound crypto and hygiene for both, because you can’t probe a host from the outside and know if wireguard is running or not


I am not sure what you are talking about. None of the stuff OP talked about is related to containers. Also containers complicate networking a lot, so I would avoid them at all costs and use VMs


Totally agree. This reflects my experience encoding with both formats for releases.

At similar bitrate, av1 also performs much much worse on grain and it is slower to encode


For most stuff I release, x265 objectively (vmaf and other metrics) and subjectively looks better than av1, especially for grainy stuff and older anime. I have had success only with some action movies.

Opus on the other hand… it’s great


I mean… do the math and you can figure out by yourself that it’s a fair price but in no way some sort of very convenient situation for the users. A 20tb hard drive goes for about 450€ and then you can consider the advantages that they have buying hdd at scale.



There is nothing to refute, 100% correct


First of all ignore the trends. Fuck docker, fuck nixos, fuck terraform or whatever tech stack gets shilled constantly.

Find a tech stack that is easy FOR YOU and settle on that. I haven’t changed technologies for 4 years now and feel like everything can fit in my head.

Second of all, look at the other people using commercial services and see how stressed they are. Google banned my account, youtube has ads all the time, the app for service X changed and it’s unusable and so on.

Nothing comes for free in terms of time and mental baggage


How is the 3ds archive so big? SWIM’s archive is a few tens of GB and it’s every title listed in various game dbs


In the past I used airsonic. It has the best support for different music files and good support for albums ripped as single track, like most classical releases.

The problem with airsonic and its protocol is the lack of good android clients.

If you need to listen through the phone for most of the time, go with jellyfin + finamp. Otherwise try airsonic + its web ui.

For music acquisition:

  • torrent for the mainstream stuff
  • niche trackers for niche stuff
  • nicotine+/soulseek for everything
  • bandcamp to support the artists

Why is it taking so much space in compressed form? I think text compresses very well so you should be able to save tons of space compared to db tables


I started because I wanted to get around censorship in my country. I also wanted to view stuff in the original language and here we dub everything.



Can someone explain to me how this movie stands in the whole godzilla franchise?

Suppose I am a guy who only watched the original godzilla movies from 85


yeah, I would redownload all of those instead of transcoding. They are all available with very good encodes publicly


Are those your own blurays? Then share them before compressing.

Transcoding is hard. There is no way that your transcoding settings are going to be a one size fits all. I am currently encoding the famous iKaos Dragonball release and I did 48 samples before deciding what configuration to use.

You are better off downloading stuff from torrent, especially for newer media. You’ll find a community that put 100x your time collectively on transcoding. That will also save you from tremendous electricity costs.

Also look into vmaf for quality metrics. Consider that switching to uncompressed 1080 might bring you close to your goal with very very low effort.

Btw, can you share the title list?


It is unrealistic, that in a stable software release there is suddenly, after you tested your backup a hard bug which prevents recovery.

How is it unrealistic? Think of this:

  • day 1: you backup your files, test the backup and everything is fine
  • day 2: you store a new file that triggers a bug in the compression/encryption algorithm of whatever software you use, now backups are corrupted at least for this file

Unless you test every backup you do, and consequently can’t back up fast enough, I don’t see how you can predict that future files and situations won’t trigger bugs in a software

Going unmaintained is a non issue, since you can still restore from your backup. It is not like a subscription or proprietary software which is no longer usable when you stop to pay for it or the company owning goes down.

Until they hit a hard bug or don’t support newer transport formats or scenarios. Also the community dries up eventually


As long as you understand that simply syncing files does not protect against accidental or malicious data loss like incremental backups do.

Can you show me a scenario? I don’t understand how incremental backups cover malicious data loss cases


how does this look safer for rsync? For me it looks like the risk for that is similar, but I might not know background of development for these.

Rsync is available out of the box in most Linux distros and is used widely not only for backups, but a lot of other things, such as repository updates and transfers from file hosts. This means a lot more people are interested in it. Also the implementation, looking at the source code, is cleaner and easier to understand.

how do you deal with it when just a file changes?

I think you should consider that not all files are equal. Rsync for me is great because I end up with a bunch of disks that contain an exact copy of the files I have on my own server. Those files don’t change frequently, they are movies, pictures, songs and so on.

Other files such as code, configuration, files on my smartphone, etc… are backed up differently. I use git for most stuff that fits its model, syncthing for my temporary folders and my mobile phone.

Not every file can suit the same backup model. I trust that files that get corrupted or lost are in my weekly rsync backup. A configuration file I messed up two minutes ago is on git.


What other people are saying is that you rsync over an encrypted file system or other types of storage. What are your backup targets? In my case I own the disks so I use LUKS partition -> ext4 -> mergerfs to end up with a single volume I can mount on a folder



I am a simple man so I use rsync.

Set up a mergerfs drive pool of about 60 TiB and rsync weekly.

Rsync seems daunting at first but then you realize how powerful and most importantly reliable it is.

It’s important that you try to restore your backups from time to time.

One of the main reasons why I avoid software such as Kopia or Borg or Restic or whatever is in fashion:

  • they go unmaintained
  • they are not simple: so many of my friends struggled restoring backups because you are not dealing with files anymore, but encrypted or compressed blobs
  • rsync has an easy mental model and has extremely good defaults



Fellow Italian pirate here, using Gentoo for servers and laptop since 2014. Very interesting, thank you for sharing. Would love to have a chat someday




Your question is so generic that it is difficult to reply. I’ll tell you about my use case then so that you can try to figure out yours.

My goal is to be a respectful citizen. I divide my torrents into three categories:

  • rare stuff: for example project 4k77 or the John Wick regrades or Rashomon
  • Italian stuff: it can be either popular stuff and also rare stuff; Italian content is not seeded much so I need to do my part
  • common/popular stuff: for example the barbie movie or every marvel stuff

I bought tons of space (recently converted to three drives, 20tb each) and use a virtual machine locked behind a vpn. Even if I forget to pay, the virtual machine is bound to the tunnel so that traffic doesn’t go out except for LAN, so no leaks.

The VM has two torrent clients:

  • qbittorrent: seed the torrents in the common / popular categories, speed capped to 1/3 of my bandwidth
  • transmission (previously using rtorrent) for the other two categories

I tend to leave everything in transmission seeded forever, the stuff in qbittorrent seeded until 2.5 ratio or 4.0 depending on my mood.

At the moment I have 90.2 ratio on transmission and many many many TB of uploaded stuff. That should be enough to feel like you are giving back



thank you for the reply. All the stuff you wrote makes sense.

But even if I obtain a LetsEncrypt cert, any LAN device can do the same thing, so the whole TLS can still be MITM-ed.

can you elaborate?


Very interesting project, thanks for sharing and working on this. I am actually one of your target users, where I have enough knowledge to implement my own router, at the moment running on gentoo.

I would like to use this but it lacks port forwarding and a firewall, that is a must. I’ll try it out nevertheless. I’m quite impressed by the stylish HTML graphics, and I appreciate your departure from the typical “modern” gray corporate Bootstrap UI design. It’s really, really cool.

One question: how do you envision exposing this service to the internet? I quite despise rust but I wonder if the use of a memory safe language would help with the inevitable bugs, especially if you put even more features into gatekeeper.


you are literally just posting buzzwords. You can be lean with mysql, you can write bloaty programs with rust. I would argue most rust webservices are shittier than java ones


I don’t since I live in a third world country. Can seed at 1Gbps with no warnings whatsoever, 20€ monthly

I read

I don’t since I don’t live in a third world country.

Give your country more credit if you have a 1Gbps connection and it doesn’t enforce draconian idiotic laws. Just out of curiosity, can you name the country?


Back to the point of money and piracy, like I said, one “pays” for media in one way or another.

While I agree with you on everything, this point is not 100% true. I am paying thousands of $CURRENCY on disks and other hardware every few years but I feel that for every side of the coin, there is a minimum situation (let’s call it a floor situation) on which less privileged people may find themselves.

For example if you are a bachelor already struggling to pay to be in college or a child that has only access to their parent’s computer, piracy is literally free and you can reach to it without paying anything on top of what you have already. On the other hand, netflix is always $CURRENT_PRICE regardless of your situation.

Btw, thank you for making articulate posts. This is why I am on lemmy.



saw this yesterday with my relevant other. Very enjoyable even if a crop. The movie is dogshit though



My point: if you’re getting started selfhosting you have to embrace and accept the self-inflicted punishment. Good luck everybody, I don’t know if I can keep choosing to get disappointed.

I would say that your self inflicted punishment is using windows. Switch to debian and thank me in six months