• 4 Posts
  • 81 Comments
Joined 11 months ago
Cake day: October 20th, 2023


  • More drives is always better. But you need to understand how you are making it better.

    https://en.wikipedia.org/wiki/Standard_RAID_levels is a good breakdown of the different RAID levels. Those are slightly different depending on whether you are doing “real”/hardware RAID or software raid (e.g. ZFS) but the principle holds true and the rest is just googling the translation (for example, Unraid is effectively RAID4 with some extra magic to better support mismatched drive sizes).

    That actually IS an important thing to understand early on. Because, depending on the RAID model you use, it might not be as easy as adding another drive. Have three 8 TB and want to add a 10? That last 2 TB won’t be used until EVERY drive has at least 10 TB. There are ways to set this up in ZFS and Ceph and the like but it can be a headache.

    And the issue isn’t the cloudflare tunnel. The issue is that you would have a publicly accessible service running on your network. If you use the cloudflare access control thing (login page before you can access the site) you mitigate a lot of that (while making it obnoxious for anything that uses an app…) but are still at the mercy of cloudflare.

    And understand that these are all very popular tools for a reason. So they are also things hackers REALLY care about getting access to. Just look up all the MANY MANY MANY ransomware attacks that QNAP had (and the hilarity of QNAP silently re-enabling online services with firmware updates…). Because using a botnet to just scan a list of domains and subdomains is pretty trivial and more than pays for itself after one person pays the ransom.

    As for paying for that? I would NEVER pay for nextcloud. It is fairly shit software that is overkill for what people use it for (file syncing and document server) and dogshit for what it pretends to be (google docs+drive). If I am going that route, I’ll just use Google Docs or might even check out the Proton Docs I pay for alongside my email and VPN.

    But for something self hosted where the only data that matters is backed up to a completely different storage setup? I still don’t like it being “exposed” but it is REALLY nice to have a working shopping list and the like when I head to the store.
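The mismatched-drive point above, worked through as an added example (not code from the original comment). It computes usable capacity for a striped parity level, which truncates every member to the smallest drive (a ZFS raidz vdev follows the same rule), beside an Unraid-style array, which dedicates the largest drive(s) to parity and uses every data drive in full. Drive sizes are in TB and the drive sets are constructed.

```python
"""Usable capacity under striped parity RAID versus an Unraid-style array.

Added example; the RAID levels are the standard ones, the Unraid behaviour
is the single/dual-parity layout described in the comment.
"""
from typing import Sequence

# Drives' worth of capacity each striped level spends on redundancy.
PARITY_DRIVES = {0: 0, 5: 1, 6: 2}
MIN_MEMBERS = {0: 2, 5: 3, 6: 4}


def striped_capacity(level: int, drives_tb: Sequence[float]) -> float:
    """Usable TB for RAID0/5/6: (members - parity) * smallest member.
    Any space above the smallest drive is ignored on every member."""
    if level not in PARITY_DRIVES:
        raise ValueError(f"unsupported level RAID{level}")
    if len(drives_tb) < MIN_MEMBERS[level]:
        raise ValueError(f"RAID{level} needs at least {MIN_MEMBERS[level]} drives")
    return (len(drives_tb) - PARITY_DRIVES[level]) * min(drives_tb)


def stranded_space(drives_tb: Sequence[float]) -> float:
    """Raw TB in a striped array that is neither usable nor parity: the tail
    of every drive that is larger than the smallest one."""
    smallest = min(drives_tb)
    return sum(d - smallest for d in drives_tb)


def unraid_capacity(drives_tb: Sequence[float], parity: int = 1) -> float:
    """Usable TB for an Unraid-style array: the largest `parity` drives hold
    parity (parity must be at least as big as any data drive), and every
    remaining drive contributes its full size."""
    if parity not in (1, 2):
        raise ValueError("Unraid-style arrays use one or two parity drives")
    if len(drives_tb) <= parity:
        raise ValueError("need at least one data drive")
    ordered = sorted(drives_tb, reverse=True)
    return sum(ordered[parity:])


def compare(drives_tb: Sequence[float]) -> dict:
    """One drive set summarised so the two layouts can be read side by side."""
    return {
        "raw": sum(drives_tb),
        "raid5": striped_capacity(5, drives_tb),
        "raid5_stranded": stranded_space(drives_tb),
        "unraid": unraid_capacity(drives_tb),
    }


if __name__ == "__main__":
    # Constructed scenarios: three 8 TB drives, then a 10 TB drive added,
    # then the 8 TB drives replaced one by one.
    for drives in ([8, 8, 8], [8, 8, 8, 10], [8, 10, 10, 10], [10, 10, 10, 10]):
        print(drives, compare(drives))
```

With [8, 8, 8, 10] both layouts give 24 TB but RAID5 strands the extra 2 TB, and with [8, 10, 10, 10] the striped array is still stuck at 24 TB while the Unraid-style array reaches 28 TB.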


  • A LOT of questions there.

    Unraid vs Truenas vs Proxmox+Ceph vs Proxmox+ZFS for NAS: I am not sure if Unraid is ONLY a subscription these days (I think it was going that way?) but for a single machine NAS with a hodgepodge of drives, it is pretty much unbeatable.

    That said, it sounds like you are buying dedicated drives. There are a lot of arguments for not having large spinning disk drives (I think general wisdom is 12 TB is the biggest you should go for speed reasons?), but at 3x18 you aren’t going to really be upgrading any time soon. So Truenas or just a ZFS pool in Proxmox seems reasonable. Although, with only three drives you are in a weird spot regarding “raid” options. Seeing as I am already going to antagonize enough people by having an opinion, I’ll let someone else wage the holy war of RAID levels.

    I personally run Proxmox+Ceph across three machines (with one specifically set up to use Proxmox+ZFS+Ceph so I can take my essential data with me in an evacuation). It is overkill and Proxmox+ZFS is probably sufficient for your needs. The main difference is that your “NAS” is actually a mount that you expose via SMB and something like Cockpit. Apalrd did a REALLY good video on this that goes step by step and explains everything and it is well worth checking out https://www.youtube.com/watch?v=Hu3t8pcq8O0.

    Ceph is always the wrong decision. It is too slow for enterprise and too finicky for home use. That said, I use ceph and love it. Proxmox abstracts away most of the chaos but you still need to understand enough to set up pools and cephfs (at which point it is exactly like the zfs examples above). And I love that I can set redundancy settings for different pools (folders) of data. So my blu ray rips are pretty much YOLO with minimal redundancy. My personal documents have multiple full backups (and then get backed up to a different storage setup entirely). Just understand that you really need at least three nodes (“servers”) for that to make sense. But also? If you are expanding it is very possible to set up the ceph in parallel to your initial ZFS pool (using separate drives/OSDs), copy stuff over, and then cannibalize the old OSDs. Just understand that makes that initial upgrade more expensive because you need to be able to duplicate all of the data you care about.

    I know some people want really fancy NASes with twenty million access methods. I want an SMB share that I can see when I am on my local network. So… barebones cockpit exposing an SMB share is nice. And I have syncthing set up to access the same share for the purpose of saves for video games and so forth.

    Unraid vs Truenas vs Proxmox for Services: Personally? I prefer to just use Proxmox to set up a crapton of containers/vms. I used Unraid for years but the vast majority of tutorials and wisdom out there are just setting things up via something closer to proxmox. And it is often a struggle to replicate that in the Unraid gui (although I think level1techs have good resources on how to access the real interface which is REALLY good?).

    And my general experience is that truenas is mostly a worst of all worlds in every aspect and is really just there if you want something but are afraid of/smart enough not to use proxmox like a sicko.

    Processor and Graphics: it really depends on what you are doing. For what you listed? Only frigate will really take advantage and I just bought a Coral accelerator which is a lot cheaper than a GPU and tends to outperform them for the kind of inference that Frigate does. There is an argument for having a proper GPU for transcoding in Plex but… I’ve never seen a point in that.

    That said: A buddy of mine does the whole vlogger thing and some day soon we are going to set up a contract for me to sit down and set her up an exporting box (with likely use as a streaming box). But I need to do more research on what she actually needs and how best to handle that and she needs to figure out her budget for both materials and my time (the latter likely just being another case where she pays for my vacation and I am her camera guy for like half of it). But we probably will grab a cheap intel gpu for that.

    External access: Don’t do it, that is a great way to get hacked.

    That out of the way. My nextcloud is exposed to the outside world via a cloudflare tunnel. It fills me with anxiety but as long as you regularly update everything it is “fine”.

    My plex? I have a lifetime plex pass so I just use their services to access it remotely. And I think I pay an annual fee for homeassistant because I genuinely want to support that project.

    Everything else? I used to use wireguard (and openvpn before it) but actually switched to tailscale. I like the control that the former provided but much prefer the model where I expose individual services (well, VMs). Because it is nice to have access to my cockpit share when I want to grab a file in a hotel room. There is zero reason that anything needs access to my qBittorrent or calibre or opnsense setup. Let alone even seeing my desktop that I totally forgot to turn off.

    But the general idea I use for all my selfhosted services is: The vast majority of interactions should happen when I am at home on my home network. It is a special case if I ever need to access anything remotely and that is where tailscale comes in.

    Theoretically you can also do the same via wireguard and subnetting and vlans but I always found that to be a mess to provide access both locally and remotely and the end result is I get lazy. Also, Tailscale is just an app on basically any machine whereas wireguard tends to involve some commands or weird phone interactions.




  • And you do know that there is a very big difference between hosting a text based site on tripod, an image heavy site, and a video site, right?

    The reason The Old Internet died out is largely because of the middle. When you have zero revenue (because everyone runs an ad blocker) but people are shitting on you because your screenshots are only 640x480 instead of (oh dear god) 1080p? You start looking at aggregation sites that will pay that hosting fee for you. Hence, social media.

    And then you have video. Even short clips could make your hosting bill explode. And sites like Rooster Teeth that pretty much existed solely on their ability to host a five minute video every week were basically constantly in a mess. This is why sites like Giant Bomb ended up starting with Mysterious Investors and ended up getting bought out.

    Because you know what is also not good for “the ‘monopoly’ problem”? A site getting hugged to death the moment it is even mentioned on a low traffic subreddit/community. Which is what happens when people host their own video heavy sites. Which lead to adding advertisements and getting sponsored which leads to all the people saying they are an evil site and should burn in hell and here, let’s re-upload all their content to youtube or liveleak or whatever.


    Even if you feel that no true art can come from anything profitable and all that stupidity that ignores that time and materials have a cost: Hosting also has a cost. If someone’s streams can’t even support the money it costs them to stream it? That doesn’t last long and can lead to a nice payment plan if your VOD goes viral while you are asleep.


  • And they find that because twitch is one of the biggest sites on the internet and has okay-good discoverability. And even then, it is generally weeks (if not months) of effort to get to the O(10) concurrents, let alone O(100) where it starts being profitable on time alone… let alone hosting.

    Versus some random website on a meme domain that nobody will ever find.

    It’s the same with peertube and the like: The use case for individuals is near zero and it mostly exists as something to fuel sites like Nebula or floatplane that are trying to build their own services.



  • I can’t speak to their Password Management as I use Bitwarden for that.

    But I am slowly but surely migrating myself away from gmail to (my own email at my own domain routed to) Proton. The webmail is very much comparable to gmail and, if you communicate with like minded people, it has decent support for signing and even encrypting email both to other proton mail users as well as to complete randos with just a password that you can send later. My only real complaint is that (… for some really good reasons) there is no easy to use exchange server and I need to run their mail bridge to use a desktop client like Thunderbird to send and manage and (one day) back up emails.

    VPN? I switched over to this around the same time I decided I wanted to “take control” of my email and it works pretty well. Very easy to get some openvpn credentials that I can plug into whatever setup I want. And no extra fee for port forwarding unlike SOME providers. That said, my main complaint is that the port is semi-randomized which doesn’t play the nicest with my totally legit linux iso torrenting setup… But a quick docker ps and docker logs and then updating the config is pretty trivial and I only have to do it maybe once a week?

    The big elephant in the room is that, as you rightfully understand, you are still putting a LOT of trust. But that is actually why I like Proton. Because other companies pretend they are going to knife fight the CIA and the US Government on your behalf all while actively not acknowledging anything until we get a post mortem. Proton are VERY open about just how far they are willing to go to protect you (not very) and what YOU can do to mean that Proton can’t provide much useful information once the appropriate paperwork and legal actions have been filed.

    I wouldn’t trust a paid account with anything more sensitive than what really innovative stuff a friend did with a bun in the dumpster behind the Wendy’s the other night. But, hypothetically, if I needed to send an anonymous email? Third party VPN/Tor, clean hardware, and a free Protonmail account works great and I do trust Proton to give the absolute bare minimum in that case.


    And just for a bit of context. My “grand plan” is to migrate the vast majority of my correspondence and accounts to email addresses tied to one or more of my own domains. Currently I plan to use Protonmail for the mail server because I don’t want that smoke. But the point is that I control the email address so I can get my Heat on and walk away in 30 seconds (actually more like a few hours but…).

    Which is why the other aspect of that is that I want to back up the emails I actually want to save (rather than just EVERYTHING like those of us with older gmail accounts do) via a local client that I then archive to an encrypted volume on my NAS and (REDACTED) after that.


  • Not sure if google is particularly different but the way this works for the other services is basically low energy bluetooth scanning coupled with the phones providing their location*. So basically all the devices on that scanning/spy network periodically ping/listen for nearby devices/trackers. When it finds one, it sends a quick message to the servers with that phone’s location and the ID of the tracker. Get enough of those pings and you can triangulate the position of the tracker pretty precisely.

    Which… is why this fundamentally does not work with “hacker” solutions that allegedly emphasize privacy. Because you just don’t have enough devices listening. This was painfully obvious with tile back in the day and is still an issue with Samsung in some countries.

    *: Via a combination of gps, cell tower, and wifi network scanning. The less obvious part of that being wifi networks which is the majority of how interior positioning works.
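The aggregation step in the comment above (finder phones uploading their own position plus the tracker ID, the server combining enough of those pings), as an added example that is not code from the original comment or from any vendor's network. The estimator is an RSSI-weighted centroid, an assumed stand-in since the real networks' algorithms are not public; the coordinate frame is a flat local plane in metres, the path loss model is assumed, and the reports are constructed from a known tracker position so the error can be measured. It also shows the second point, that few listeners give a poor fix.

```python
"""Server-side aggregation for a crowd-sourced BLE tracker network.

Added example. The estimator (RSSI-weighted centroid) and the path loss
model are assumptions; the reports are constructed from a known tracker
position so that the estimation error can be checked.
"""
import math
from collections import defaultdict
from typing import Dict, List, NamedTuple, Tuple

Point = Tuple[float, float]
RSSI_AT_1M = -59.0      # assumed free-space path loss model, 1 m reference
PATH_LOSS_EXP = 2.0

class Report(NamedTuple):
    tracker_id: str
    finder_pos: Point   # where the reporting phone was (GPS/cell/wifi fix)
    rssi_dbm: float     # how loudly that phone heard the tracker

def rssi_for_distance(d_m: float) -> float:
    """Signal strength a finder d_m metres away would see (no noise)."""
    return RSSI_AT_1M - 10 * PATH_LOSS_EXP * math.log10(max(d_m, 1.0))

def distance_for_rssi(rssi_dbm: float) -> float:
    """Invert the path loss model to get an approximate range in metres."""
    return 10 ** ((RSSI_AT_1M - rssi_dbm) / (10 * PATH_LOSS_EXP))

def simulate_report(tracker_id: str, tracker_pos: Point, finder_pos: Point) -> Report:
    """What one passing phone would upload for a tracker at tracker_pos."""
    return Report(tracker_id, finder_pos, rssi_for_distance(math.dist(tracker_pos, finder_pos)))

def group_by_tracker(reports: List[Report]) -> Dict[str, List[Report]]:
    """The server only ever sees (finder position, tracker ID) pairs."""
    grouped: Dict[str, List[Report]] = defaultdict(list)
    for r in reports:
        grouped[r.tracker_id].append(r)
    return dict(grouped)

def estimate_position(reports: List[Report]) -> Point:
    """Weighted centroid of finder positions, weight = 1 / range^2, so phones
    that heard the tracker loudly pull the estimate towards themselves."""
    if not reports:
        raise ValueError("no reports for this tracker")
    total_w = x = y = 0.0
    for r in reports:
        w = 1.0 / distance_for_rssi(r.rssi_dbm) ** 2
        x, y, total_w = x + w * r.finder_pos[0], y + w * r.finder_pos[1], total_w + w
    return (x / total_w, y / total_w)

def estimation_error(tracker_pos: Point, finder_positions: List[Point]) -> float:
    """Metres between the true position and the estimate built from one report
    per finder: the fewer phones listening, the worse the fix."""
    reports = [simulate_report("tag-1", tracker_pos, p) for p in finder_positions]
    return math.dist(tracker_pos, estimate_position(group_by_tracker(reports)["tag-1"]))

# Constructed scenario: tracker at the origin, phones passing at these offsets.
SPARSE = [(30.0, 0.0), (0.0, 40.0)]
DENSE = SPARSE + [(-25.0, 10.0), (5.0, -35.0), (50.0, 50.0),
                  (-40.0, -40.0), (20.0, 15.0), (-10.0, 30.0)]
```

With the constructed positions, two listeners put the tracker 24 m off while eight bring the error under 10 m; `estimation_error((0.0, 0.0), SPARSE)` and `estimation_error((0.0, 0.0), DENSE)` show the two cases.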


  • I mean… bluetooth is literally broadcasting your position (sort of/it depends on the implementation). It is not at all a stretch that you should turn that off if you care about privacy. Same with not scanning for what wifi networks are available or even pinging GPS satellites (because that leaves a log). Hell… cell tower logs are a treat for cops/TLAs for a reason.

    Aside from that? Good for you. If you actually follow through on that I can respect it. My point is more that this particular solution seems like the worst of all worlds.

    Either you are demolishing your battery with regular phone homes to a server you hopefully control or you are relying on a push via SMS and the hope that you lose your phone somewhere you have reception. And you still only have YOUR phone and YOUR network to track it which has significant drawbacks if you travel.


  • If people truly change their lives and focus on it, you can do a lot. But it does not take much, at all, to become compromised to one degree or another and people vastly underestimate the amount of redundancy. Or even the impact of a sibling or partner or even friend.

    Instead, the common case is people will tweak one small aspect and think that does anything other than inconvenience them. Or, worse, they’ll watch a youtube and decide to put EVERYTHING through their vpn which… defeats the purpose because they are still one easily collated set of profiles/cookies that can trivially reveal that “Fred Smith in Afghanistan” is really “Fred Smith in North Carolina”

    Which is why my approach is that there is data I very much want to protect and data I know I can’t. So I focus on understanding the former while doing what I can with the latter.

    And something like this? There are probably specific niche use cases for this. But it is a product/service that fundamentally requires aggregated data. And, depending on the implementation, it is going to fuck with your battery hard.



  • I guess. But it is really going to depend on where you live and just how frequently it does dial home.

    My personal use for these networks is luggage tags. But a friend lost her phone on a hike a few years back and the find my phone stuff was more or less useless due to poor reception and ever dwindling battery.

    The real benefit is the low energy bluetooth magic and OTHER devices to do the phoning home. Because maybe I have shit reception but someone hiking a hundred feet away has good reception and updates the ping.


  • Took a bit to figure out what it was even claiming to do:

    When enabled your phone constantly sends your e2e encrypted location to the server, where you can then access it from a web browser.

    God no. Just take a hatchet to my battery and be done with it.

    Also: Until a month or two ago, sure. But google finally got their shit together-ish and set up a tracking network the same as apple and samsung. And that is what you are sacrificing your privacy for. Yes, you give Big Tech tracking information… that they already have. In exchange you can actually have peace of mind of knowing your luggage is in the same airport or even where you parked. And you can’t really self-host a crowd-sourced network.


  • I mean… I don’t really disagree in this specific context.

    I assume Fortnite has kernel level/rootkit anti-cheat. And Epic make massive amounts of cash from all the goku skins people buy. Unless they have the resources to test at least the major distros and keep aware of possible hacks/bypasses on that side it is just begging for exploits. And it is big enough that the moment one is identified EVERYBODY is grabbing an ubuntu live CD to get some goku dollars.

    I still think it is shit that they don’t directly support Linux with the EGS (especially since they distribute Unreal Engine and marketplace stuff via that). But for their “more revenue than the GDP of a small nation” live game? I get it.


    A buddy who works on one of the popular live games made the comparison to pokemon cards. Everyone thinks it is a great idea to show them off at school. Until the kid trips, they get scattered on the floor, and it is a god damned feeding frenzy of every single kid losing their minds to scramble and fight over that dog eared pikachu card.


  • Please don’t conflate tankies with leftist thought. They are not leftists. They are fascists with strong ties toward fascist regimes that are “known” to actively usurp elections around the globe.

    A good metric is: a very hardline Communist might have an argument for why effectively slavery is ethical because social and economic planning requires people to engage in jobs they actively do not want to do. I personally consider that the reason that Communism can never work at scale but that is a discussion that needs to be had.

    A tankie will just justify anything that China or Russia do. Usually with an attempt to deflect by pointing out something the US or, increasingly, certain EU countries did.

    But, regardless: There is another issue with your “just let everyone talk it out” nonsense. Because the ml moderation team(s) and admin staff have increasingly been using mass bans and false claims of xenophobia to shut down anything that is not tankie bullshit. So there is no discussion. Just one sided propaganda in some of the largest communities on lemmy.


    To expand on the moderation strategy a bit. A LOT of people who aren’t increasingly of one nationality and ethnicity have a lot of problems with ResetEra’s moderation strategy. The mods and admins are known for using a heavy hand and outright mockery against anyone who they disagree with and the remaining community stumble over each other to be part of the “cool crowd”.

    But you can also very easily see why the vast majority of leftists and PC gamers and… Asian people left. Because they have a policy to only edit user posts when they contain actively dangerous/illegal statements. So you can see when someone catches a permaban because they disagreed with an admin or joked about the corporate interests behind brexit. And you can see the discussion of the remaining users on why that was so fucked… up until the thread gets permanently locked.

    With the model ml (and certain other more "world"ly instances…) use… you don’t. You just see comment branches disappear the moment anyone pushes back on some propaganda. And if a user pisses off the admins, they get banned straight up. Often with some comment about how they are racist or xenophobic in the modlog with all of their comments removed but NOT in the modlog. And that is a problem because, unless you were actively following along with that discussion, you never see anything other than MAYBE “wow, a lot of really racist people disagree with this very smart discussion on why Chinese Taipei was always a part of China and is totally not a sovereign-ish nation called Taiwan”



  • King under the Mountain always rubbed me wrong. They hit right at the tail end of “wow. kickstarter is awesome” and right before people realized how many DF-like colony sims there actually were. And then their kickstarter survey, for a key with no add-ons, required an insane amount of personal information. I think they claimed it was for VAT but saw a few “ask a lawyer” threads that pointed out that was nonsense and could have been done with a checkbox.

    And the super duper secret publisher right around the time interest was spiking because of DF-GUI was more than a bit sketchy.

    I dunno. I know that it is hell out there for indie devs (not so much in 2021/2022 but…) but all that combined with the game never feeling like more than a “unity school project” REALLY raises a massive number of red flags. Probably just a single kid in over their head and trying to act like a “real” studio but… yeah.

    Still, good to see it was released as open source and here is hoping the fanbase that glommed onto this can carry it forward.