Sure in a decade or so it might have matured enough to have shed all these issues

That’s the point. They want to set themselves up so that when the issues are shed and it becomes a realistic product, they’re already in a place where their product can be the one that takes over the market. If you wait until a product is viable before starting on development, you’re too late.

I abandoned Google when they started throwing shopping links at the top of every search, even when searching for things that have no relevance to shopping, and they started artificially promoting scams and paid material above actual results.

Google Search was best around 10-15 years ago when their only focus was providing the best results they could (remember when you could actually click the top result and you would be taken to the most applicable page instead of some unrelated ad or scam?). Now their focus is on providing the best product possible for their actual customers (paid advertisers) even when it means trashing their own product in the process.

They won’t. Musk has a hard-on for doing everything with visible cameras for some stupid reason.

I don’t like the fact that I could delete every copy using only the mouse and keyboard from my main PC. I want something that can’t be ransomwared and that I can’t screw up once created.

Lots of ways to get around that without having to go the route of burning a hundred blu-rays with complicated (and risky) archive splitting and merging. Just a handful of external HDDs that you “zfs send” to and cycle on some regular schedule would handle that. So buy 3 drives, backup your data to all 3 of them, then unplug 2 and put them somewhere safe (desk at work, friend or family member’s house, etc.). Continue backing up to the one you keep local for the next ~month and then rotate the drives. So at any given time you have a on-site copy that’s up-to-date, and two off-site copies that are no more than 1 and 2 months old respectively. Immune to ransomware, accidental deletion, fire, flood, etc. and super easy to maintain and restore from.

Pretty sure the country of origin for Apple products isn’t the US anyway. They’d be coming from China, India, etc. Reciprocal tariffs on the US should have no effect on Apple products sold in other countries.

I mean, you’re not wrong, but the same applies to all phone manufacturers. Samsung, Pixel, etc. are going to see similar price hikes due to tariffs in the US, and a similar drop in demand in China as the population there moves to Chinese manufacturers. I’m not sure why you’re singling out Apple.

Main reason is that if you don’t already have the right key, VPN doesn’t even respond, it’s just a black hole where all packets get dropped. SSH on the other hand will respond whether or not you have a password or a key, which lets the attacker know that there’s something there listening.

That’s not to say SSH is insecure, I think it’s fine to expose once you take some basic steps to lock it down, just answering the question.

Some people move the port to a nonstandard one, but that only helps with automated scanners not determined attackers.

While true, cleaning up your logs such that you can actually see a determined attacker rather than it just getting buried in the noise is still worthwhile.

Reverse proxy + DNS-challenge wildcard cert for your domain. The end. Super easy to set up and zero maintenance. Adding a new service is just a couple clicks in your reverse proxy and you’re done.

Yes at a cursory glance that’s true. AI generated images don’t involve the abuse of children, that’s great. The problem is what the follow-on effects of this is. What’s to stop actual child abusers from just photoshopping a 6th finger onto their images and then claiming that it’s AI generated?

AI image generation is getting absurdly good now, nearly indistinguishable from actual pictures. By the end of the year I suspect they will be truly indistinguishable. When that happens, how do you tell which images are AI generated and which are real? How do you know who is peddling real CP and who isn’t if AI-generated CP is legal?

It wouldn’t matter. The public doesn’t listen directly to politicians, it gets filtered through the media first, and the media picks and chooses which parts they actually report. The people who would actually hear this already know. The people who would need to hear it never will because Fox won’t show it to them.

Yes, and Bitwarden+SimpleLogin. Bitwarden to keep track of login info including the alias that is used for that site. SimpleLogin is where the aliasing is actually handled, they have a decent UI for enabling/disabling or generating reverse aliases (for outgoing emails) when needed.

It does take a little more effort to manage it, but it’s worth the payoff. I’ve been using this setup for about 9 months now and I finally got my first spam email a week ago. I looked at the address it was sent to, it was an alias I used at a site I ordered something from about 6 months ago. I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias. No more spam.

deleted by creator

it gives people the option to use an alternate app store if they want but it doesn’t force anyone to.

That argument sounds great in theory, but would break down after a month or less, when companies start moving their apps off of Apple’s App Store and onto a 3rd party store that allows all the spyware Apple has forced them to remove if they want to have an iOS market. This move DOES force people to use alternate app stores when companies start moving (not copying, moving) their apps over to said stores to take advantage of the drop in oversight.

Same, I don’t let Docker manage volumes for anything. If I need it to be persistent I bind mount it to a subdirectory of the container itself. It makes backups so much easier as well since you can just stop all containers, backup everything in ~/docker or wherever you put all of your compose files and volumes, and then restart them all.

It also means you can go hog wild with docker system prune -af --volumes and there’s no risk of losing any of your data.

I would separate the media and the Jellyfin image into different pools. Media would be a normal ZFS pool full of media files that gets mounted into any VM that needs it, like Jellyfin, sonarr, radarr, qbittorrent, etc. (preferably read-only mounted in Jellyfin if you’re going to expose Jellyfin to the internet).

As far as networking, from what I could see the only real change casaos was doing was mapping its dashboard to port 80, but not much more. Is there anything more I should be aware in general?

It depends on how you have things set up. If you’re just doing normal docker compose networking with port forwards then there shouldn’t be much to change, but if you’re doing anything more advanced like macvlan then you might have to set up taps on the host to be able to communicate with the container (not sure if CasaOS handles that automatically).

The nice thing about docker is all you need to do is backup your compose file, .env file, and mapped volumes, and you can easily restore on any other system. I don’t know much about CasaOS, but presumably you have the ability to stop your containers and access the filesystem to copy their config and mapped volumes elsewhere? If so this should be pretty easy. You might have some networking stuff to work out, but I suspect the rest should go smoothly and IMO would be a good move.

When self-hosting, the more you know about how things actually work, the easier it is to fix when something is acting up, and the easier it is to make known good backups and restore them.

While true, and I have a lot of DRM-free music that I’ve bought from Apple, the difference is that getting music purchased from Apple onto your computer in a usable format is a bit of a pain, and it’s all lossy. Music from Qobuz can be downloaded directly from their site after purchasing, in lossless FLAC format, and many of their albums are available in high-res 24-bit and/or 96 kHz format as well.

Would you mind if I added this as a discussion (crediting you and this post!) in the github project?

Yeah that would be fine