Max-P

That kind of makes sense? Aren’t the labs when they’re A/B testing or benchmarking new features before general release and toggle random people’s settings doing so? I vaguely recall some drama around that.

If I turn off telemetry I want those off too, it makes sense they’re linked. It you want a new feature there’s always nightly+about:config, but I don’t want it downloading random config toggles especially if it’s not reporting back that it broke my stuff. The code should be what I installed, not some random lab blob downloaded off their servers at runtime.

It was made back when Facebook had that old style UI, in 2010. And then interest in Facebook’s format kinda died, and so did the interest in the project.

What do you want the UI for? For configuration it’s usually meh because it’s the kind of thing you configure by config file, often generated config files even. For stats it’s where it gets interesting, usually third-party options like Grafana is used along with something like Prometheus to collect the metrics.

When it comes to easy configuration, newer options go for the zero configuration angle rather than a nice UI to configure it. Just need some Docker tags and Traefik automagically configures itself, so the UI is just for viewing information.

I don’t remember the exact details but it didn’t work right. That was arguably a couple years ago on a server distro approaching EOL, may have been long fixed. It involved Android 4.4.

Few of them for most use cases, especially a VPS. My server have a couple of IPs each mapping to a different VM, they can all claim 22/80/443 as you’d expect, but that’s just basically the same as having a bunch of VPSes anyway.

It’s useful for some other uses like, I might want to dedicate an IP for VPN exit that doesn’t expose any services.

Another use is sometimes you just want two things to stay entirely separate, even if on a technical level it could work with a reverse proxy. It can eliminate some class of exploits like request smuggling.

One use case I’ve had for a customer is they have a system that can only do TLSv1.0, which is wildly obsolete and exploitable. So that particular API endpoint was served from a secondary IP, that way I can continue to enforce TLSv1.2+ on the primary IP. It’s possible with some reverse proxy magic with HAproxy, but I could also just make a new server block in the existing NGINX bound to that IP and call it a day.

The performance is a good point. You can do the striped mirror with ZFS too and still get the advantages of ZFS.

I think you can do all of that through the Proxmox UI, but it shouldn’t be too hard to do on the CLI either. You just make two mirror sets and you’re good to go. ZFS should automatically distribute the load across the two mirrors.

I’d probably do RAID-Z with ZFS rather than RAID10, better space utilization and better error correction. Should be able to easily set that up in the Proxmox web UI.

Everything else sounds good. Don’t worry too much about it, you will find things you wish you did differently regardless, that’s part of the learning experience.

I think P2P has stood the test of time. Torrents scale extremely well, any large scale video would have so many peers the server wouldn’t have to participate at all. These days most torrents easily saturate my gigabit connection no problem with just a handful of peers. Torrents tends to spread like wildfire.

The main issue would be storage space, but I think a lot of YouTubers would be perfectly okay with spending $5-10 a month to pay for the storage costs with all the benefits you get from not being tied to YouTube’s ToS and policies. It’s a drop in the bucket compared to the earnings from sponsor spots.

want someone to prove his LLM can be as insightful and accurate as paid one.

The full DeepSeek model is available for download, and should generate about the same quality answers as the official one, with the bonus of less censorship. I pretty trivially got it to talk about the Tiananmen Square, and they can’t even ban me for it.

That said, that’s rarely the point. It’s usually because you can, a cost saving measure, sometimes you plainly just don’t need a good model, sometimes you want privacy, sometimes you need privacy at the cost of quality.

If your business is shoving customer reviews into a model, you really don’t need the best model for it to tell you how angry the customer is.

Personally I just do it for fun and because I can. Sometimes you just do things for no other reason than because you can.

You can’t really easily locate where the last version of the file is located on an append-only media without writing the index in a footer somewhere, and even then if you’re trying to pull an older version you’d still need to traverse the whole media.

That said, you use ZFS, so you can literally just zfs send it. ZFS will already know everything that needs to be known, so it’ll be a perfect incremental. But you’d definitely need to restore the entire dataset to pull anything out of it, reapply every incremental one by one, and if just one is unreadable the whole pool is unrecoverable, but so would the tar incrementals. But it’ll be as perfect and efficient as possible, as ZFS knows the exact change set it needs to bundle up. It’s unidirectional, so that’s why you can just zfs send into a file and burn it to a CD.

Since ZFS can easily tell you the difference between two snapshots, it also wouldn’t be too hard to make a Python script that writes the full new version of changed files and catalogs what file and what version is on which disc, for a more random access pattern.

But really for Blurays I think I’d just do it the old fashioned way and classify it to fit on a disc and label it with what’s on it, and if I update it make a v2 of it on the next disc.

Both use Linux under the hood. You can even install LineageOS on some TVs.

The only reason AndroidTV is bullshit is the manufacturers because casual users want shit like Netflix and Prime preinstalled. Google TV in particular comes with a lot of crap and the ads, which believe it or not some users take as a feature.

But that’s not inherent to Android TV as an OS, it’s exactly like Android phones and manufacturers preloading a bunch of crap to make an extra buck. If your run AOSP you get none of that crap, and it’s fully open-source.

Even on Reddit there’s been undeleters and archives since basically forever.

Even for regular websites, there’s always the Internet Archive.

It’s hardly a new problem: you always assumed the Internet was forever.

Yeah, that’s enough to not have it exposed directly. I understand why they did it that way but very good to know, thanks!

I keep hearing claims that it’s not secure enough to be exposed on the Internet, but I can’t seem to find anything about unauthenticated vulnerabilities. It’s got a fair amount of CVEs but they all seem to affect when you’re an already authenticated user, mainly to XSS an admin as a regular user or the likes.

It’s written in C#, and publicly all you can do is pretty much attempt to log in, this feels like it should be pretty sane compared to some other PHP crap I run.

Do you have any examples of previous exploits or anything else to be concerned about?

deleted by creator

I think it counts. You always have the option of taking your data with you and go elsewhere which is one of the main points of self-hosting, being in control of your data. If they jack up the prices or whatever, you just pack up, you never have to pay or else.

Also hosting an email server at home would be an absolute nightmare, took me 10+ years to get that IP rep and I’m holding on to it as long as I can.

I have a mix of it: private services run at home, public ones run on a bare metal server I rent. I still get the full benefits of having my own NextCloud and all. Ultimately even at home, I’d still be renting an Internet connection, unless you have a local only server.

Yeah but you can still add third-party repos if you don’t like the official ones, like the FUTO repository.

The F-Droid app and the F-Droid repository are two different things and don’t have to be used together. So if you don’t want to submit your app to F-Droid for them to build and sign, you can use a third party repository without needing a whole new app.

It’s still not federated, but it is distributed which makes more sense for an app store.

Why does everyone tries to shoehorn the fediverse into everything? I swear it’s becoming the new bitcoin.

F-Droid supports additional custom repos. Anyone can already host their own custom repo with their apps on it. Failing that, you can still sideload APKs fron your web browser.

Only the reviews part of it could use being federated.

Could such a platform serve as a foundation if the Fediverse community ever developed its own federated operating systems?

How would a federated operating system even work? What is it gonna federate and where, and for what purposes?

Is it directly exposed over the Internet? If you only port forward the VPN on your router, I wouldn’t worry about it unless you’re worried about someone else already on your LAN.

And even then, it’s really more like an extra layer of security against accidentally running something exposed publicly that you didn’t intend to, or maybe you want some services to only be accessible via a particular private interface. You don’t need a firewall if you have nothing to filter in the first place.

A machine without a firewall that doesn’t have any open port behave practically the same from a security standpoint: nothing’s gonna happen. The only difference is the port showing as closed vs filtered in nmap, and the server refusing to send any response not even a rejection, but that’s it.

As for bandwidth and server costs, with gigabit fiber and faster getting more and more common, a lot of “just starting” streamers could comfortably support 100 viewers at 10 Mbps quality straight off their home Internet. Fewer viewers? Stream in full 4K 120Hz at 50 Mbps do your friends if you want.

PeerTube has the advantage of WebTorrent, so an average channel doesn’t have to cost too much in hosting fees. Plus it’s all legal content you own so those are fully legal torrents. It’s also good for ISPs because they might have to transport that video just a few blocks across instead of all the way to the closest Google/AWS/Cloudflare datacenter and back.

I get 500 Mbps unmetered on this $40/mo server, I think it could comfortably handle a couple thousand subscribers before I’d have to scale up, possibly a lot more with a healthy pool of WebTorrent viewers.