- For me, 2025 was the year of the Linux desktop. I wanted a replacement for an M1, something beefy to build side projects etc., so I custom built a PC and put NixOS on it. Still rocking it and quite happy with it.
- I too care a lot about privacy and data sovereignty but those aren't sufficient arguments to self-host. For instance, my wife cares about the two too and so she uses most of the services that I host at my home, but she isn't going to start self-hosting herself anytime soon.
I think the missing piece is you need to enjoy the process itself - without that, it's not really tenable (at least today).
- Coolify and friends (Dokploy?) look like nice tools. But I am not very comfortable with them because the state of my server(s) isn't present in code. So, I like NixOS or Ansible more but then they require a bunch of boilerplate and custom infrastructure for setting up production.
Anyone know some infrastructure-as-code framework that makes it easy to spin up and maintain production servers? Something declarative, perhaps, but not Kubernetes?
- Amazon's search results have been garbage for a really long time, I often wonder how come the executives or the team behind it never experience that themselves. I now go to Amazon only if I know exactly what brand I am going to buy before opening Amazon.
I also quit Prime a couple of years ago. Hardly miss it.
- I would love to use KeepassXC but it doesn't make it easy to share credentials with the wife. I _could_ use a dedicated vault, but we'll then need to cut-paste things for sharing existing credentials.
So, for now, I've settled on Vaultwarden and it has been surprisingly stable so far.
- What's the recommended full-stack setup, if not NextJS?
My background: I have ~15 years of software development experience, but practically all of it in backend stuff. (Well, I did some AngularJS a decade ago but that's it.) So, when I recently wanted to build a fullstack app for the first time for a side project, I looked around and learnt NextJS was the way to go. (Gemini said that, then Cline's official documentation said the same.) I am early in the process, so happy to learn of solid alternatives.
I am planning to host everything on some VPSes through Docker, because that's what I am comfortable with. So, no Vercel or Netlify.
- > didn't have deep enough experience with "object oriented programming". What does that even mean?
This could mean two things. "You aren't knowledgeable about OOP" or "you couldn't show us that you are knowledgeable in OOP". If it isn't the former, maybe it's the latter? Maybe the real+underlying feedback is that you couldn't convey your breadth of knowledge in your interview?
- > I think it's a relatively small attack surface.
Plus, you can obfuscate that too by using a random port for Wireguard (instead of the default 51820): if Wireguard isn't able to authenticate (or pre-authenticate?) a client, it'll act as if the port is closed. So, a malicious actor/bot wouldn't even know you have a port open that it can exploit.
- This enshittification is surprising for Bitwarden, given how much it emphasized its open source strategy and that practically made a bunch of us recommend it to our friends and family. But maybe not too much because, as you say, it's a natural process for organizations.
This is primarily the reason I am careful going deep into the Tailscale ecosystem (which, similar to earlier Bitwarden, is touting a "hey, we are the good guys" horn for now). My network is a critical piece of my infra and I don't want to put too much trust in one company.
- Coincidentally, just earlier today I was looking for one-time-use prepaid cards. I thought I'd buy a few $100 worth cards and use them for pseudo-anonymous transactions. However, all I could find were prepaid "debit cards" (which could be easily tied back to me) or store-specific "gift" cards.
Curious to see if anyone has a good solution for that? (In the US.)
- It depends on how technology/security savvy you are.
For instance, here is everything I do:
  - Use an open source firewall+router (== Opnsense) and not commercial routers (such as Netgear, Tp Link etc.)
  - Open up port 80 and 443 on the firewall.
  - Both the ports go to a Traefik reverse proxy that is configured to always redirect port 80 to 443.
  - Traefik then reverse-proxies requests to relevant Docker containers.
  - Auto-update Traefik every day (through Watch Tower).
  - Use Authelia, with 2FA, where I can for the publicly available services.
I assume I am reasonably secure but I've also built this over a few months. You may not get there right away, so start small and slow and don't go crazy early on.
- > IMO fidelity is probably the closest you’ll get,
This is not true. I have decent knowledge about investing (index funds, stocks vs bonds vs real estate allocation etc.). So, I know when my Fidelity investment advisor was BSing me when she started selling me "alternative investments" (such as private annuity and direct indexing). Needless to say, I don't talk to her anymore.
- I was trying out Restic (through auto-restic) this weekend. And I really wanted to make it work.
However, I have 2 user accounts on my macOS (mine and spouse’s) and I couldn’t get Restic to access the other account’s data. I am admin, I ran Restic as root, gave it “full disk access” - still couldn’t make it work.
Any tips?