Take the ZFS plunge - My only real concern is the overhead
you shouldn’t worry about ZFS overhead if you are planning to use mergerfs.
you can tune the memory usage of ZFS significantly. by default it targets using half of your RAM, but on a home setup that’s wasting resources, you should be able to limit the arc cache to 1-2 GB, maybe somewhat more depending on how you want to use it. It’s done with sysctl or kernel parameters.
And the issues are locked so if something nefarious happens, discussion will only occur somewhere else instead of the repo
people shouldn’t count on that anyways because the repo owner can delete issues, comments, also edit them
and the code must be a replicable build by F-Droid’s internal apk signature copying process
that’s not a requirement. or was it already being built reproducibly?
it means android api changes, google play restrictions and removals
its funny how the up and down votes are almost in sync for all comments.
let me clarify for everyone: email is not needed for a selfhosted setup, and shouldn’t be. I am in doubt that the majority of selfhosters run mail servers.
I think there’s some linux command to query the installed keys, but here I have only found the command for listing all the installed mok keys: https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
I can boot into Windows through the BIOS using only the MS-signed bootloader instead of GRUB or any chain loader, and Windows itself considers Secure Boot to be enabled successfully.
I assume that’s because your motherboard still has the microsoft keys installed besides the MOK keys, and it verified the bootloader with that. thats why it accepts the ms signed bootloader. as I know not all motherboards allow removing it, and there are a few buggy ones that get hard bricked if you do that.
Microsoft provides SB shims for some linux distributions, so it wouldn’t mean locking out all linux players.
right, you can look at it that way too. but what the consumers see (and feel) is that the game tells what kind of software you can have, even when that is not related to the game. and that’s what’s not usual.
this is less obvious on windows, because it’s not that common to be modified by users in a way that matters here, as the checks are kind of loose, but on android it’s quite different, and windows is likely to get the same treatment, which is the reason why valve is pouring so much money into linux
these games only accept the secure boot setup where the root key is that of microsoft’s. that means that you either need windows with a pre-approved configuration in some regards (notable difference: any foss kernel drivers are nono because they won’t ever be signed) or a linux system for which microsoft gives a secureboot shim with whatever further restrictions.
the consequences are more obvious if you look at android as an example. It’s not called secure boot there, but android verified boot, and the turning off of it is called “bootloader unlocking”. very few phones support installing your own signing keys so you can’t take advantage of it with a bloatless android distribution. but even on phones that do, there are many apps that require a locked bootloader with the factory keys, including banking apps, nfc payment apps, government apps (including those that are required to access the online government account), entertainment apps with strict DRM, …
its like you are intentionally trying to misunderstand what they are saying, good work at it. Obviously, they didn’t deem SB and TPM unusual, but the types of software (entertainment industry products) demanding it while the software of the security industry does not.
but it’s not a pointless requirement or some grand conspiracy to make people buy new hardware.
consumers won’t benefit from this functionality, but many industries will in the foreseeable future
start going down the technical path with Linux to extend the life further.
linux won’t fix this kind of shit, because this is about an arbitrary limitation of wanting to lock the owner out of their own system. these malware companies won’t ever recognize a free linux setup as “verified”
TPM is enterprise functionality, useless for most consumers. useful for locking down control ower hardware against “unathorized personnel”
Secure Boot is not enough for these malware. They want SB rooted in MS keys. You using a Machine Owner Key? Too bad, go away! they say
all they want is get more control over your hardware, and less of it for you
the tpm does not add any security whatsoever for windows 11, and secure boot is being used to lock your control out of your own system. secure boot enabled with machine owner keys wouldn’t be enough either for these games
bad librewolf, shame on them for not paying the tax
Tailscale is wireguard with automatic configuration. OPs problem will remain: it needs an app
set up a tailscale client on their networks, and set up a reverse proxy on it for your services. then you can just point these tvs to the local proxy
well, to some people. but if you think about it this way: it’s an entertainment website with no useful content, then I can agree with it
I am running the AIO and here it has the slowest webapp by a large margin, on desktop, laptop and phone