I think a lot of companies view their free plan as recruiting/advertising — if you use TailScale personally and have a great experience then you’ll bring in business by advocating for it at work.

Of course it could go either way, and I don’t rely on TailScale (it’s my “backup” VPN to my home network)… we’ll see, I guess.

Hopefully you can publish in an open-access journal — if not it would be great if you could share an arXiv preprint :)

Physics is like sex: sure, it may give some practical results, but that’s not why we do it.

— Richard P. Feynman

I think the same is true for a lot of folks and self hosting. Sure, having data in our own hands is great, and yes avoiding vendor lock-in is nice. But at the end of the day, it’s nice to have computers seem “fun” again.

At least, that’s my perspective.

Whatever you decide for your laptop, I’m a proponent of a barebones off-site setup if you’re trying for 3-2-1 backup or similar.

I use a raspberry pi 3 with a single HD (ZFS) retaining some number of daily/weekly/monthly snapshots. Daily rsync, everything over WireGuard+VPS (TailScale would work too).

Others mentioned virtualization — I have had issues with COW filesystems (btrfs), as COW does not always play nicely with VM drives (extreme fragmentation and very poor performance).

Maybe there’s some interplay between amd64 and x64 architectures.

AMD64 and x64 are the same thing. Do you mean AMD64 and x86? There is definitely interplay there, as AMD64 implements the x86-32 instruction set.

Same — rsync to a pi 3 with a (single) ZFS drive at family’s house. Retain some daily/weekly/monthly snapshots.

I have a (free) VPS with static IPv4 which is how I connect everything.

Both the VPS and the remote site have limited network speed (I think 50Mbps for VPS), so the initial sync was done sneakernet (well…“airplane net”). Nightly rsync is no problem bandwidth-wise, and is mostly just any new videos I’ve uploaded to my local Immich instance.

You mentioned ham radio — definitely fun! It’s a process to get into it though, as you need to study/pass an exam, and then you need a radio. Radios range from cheap ($25 or so) in the VHF/UHF (“walkie talkie”-style) to more expensive for an HF rig ($1000 range for 100W HF). If you want to get into low power (“QRP”) it can be much cheaper. You also need a fair amount of space for a good antenna setup…

There are tons of different communication modes, some without a computer and, like you mentioned, some that use computers. wsjtx and fldigi are popular programs.

Good luck!

Fail2ban config can get fairly involved in my experience. I’m probably not doing it the right way, as I wrote a bunch of web server ban rules — anyone trying to access wpadmin gets banned, for instance (I don’t use WordPress, and if I did, it wouldn’t be accessible from my public facing reverse proxy).

I just skimmed my nginx logs and looked for anything funky and put that in a ban rule, basically.

Newer macOS is not Unix certified.

It’s UNIX 03 compliant https://en.m.wikipedia.org/wiki/Single_UNIX_Specification

One or two Linux distros were (are?) UNIX certified, though.

Haha yeah that was the counter example I was thinking of. I agree completely — you could make a Gentoo from source beginner distro, and I think you could make it reasonably “idiot proof,” but it would still be a bad user experience most likely (too much time spent compiling).

If your distro can’t be forked into a “beginner distro” then it’s fundamentally flawed IMHO.

To be clear, I’ve used Arch as my daily drivers for a while, and while it’s not the best fit for my needs (I use Debian mostly), there’s nothing that I experienced that was incompatible with a “beginner” distro.

You can also drop cache for debugging by running something like echo 3 | sudo tee /proc/sys/vm/drop-caches

But remember that the kernel knows best — this RAM will automatically be freed up when needed and you should never run this except for debugging (or maybe benchmarking).

I switched from raspberry pi and orange pi to a cheap Intel NUC, and I think it’s just a much nicer experience.

The pi is great fun, but the HW transcoding on a NUC “just works,” and the SSD and 16GB RAM opens a lot of doors. My N100 NUC was less than $150, and it included everything (case, power supply, 500GB SSD).

My pi found new life as an off-site backup: attach a big HDD, set up WireGuard, and have a cronjob do daily rsync and snapshots. I have it set up at in-laws, and it works great.

I’ve been super happy with it. Knock on wood it’s been super reliable. I have a single ZFS drive, take snapshots with various retention policies, nothing fancy.

Another fun thing is to set up a reverse proxy on it as an endpoint for services on your local (home) network which can only be accessed by VPN. For example, my Jellyfin service isn’t public facing, but I didn’t want e.g. my parents to need to set up WireGuard. So instead they can point their TV to a raspberry pi on their network to access the service — even a first gen RPI can handle Jellyfin reverse proxy over WireGuard for moderate bitrates!

WireGuard, and an external HDD. Run at a remote location for off-site backup.

I do this with a raspberry pi 3 at the in-laws. I copied the data over locally before setting it up, and after that it’s just nightly incremental rsync, which is fine even over my slow (35Mbps) upload.

Not sure why you’re saying Python forces everything to be object oriented…?

For very simple tasks you can usually blindly log in and run commands. I’ve done this with very simple tasks, e.g., rebooting or bringing up a network interface. It’s maybe not the smartest, but basically, just type root, the root password, and dhclient eth0 or whatever magic you need. No display required, unless you make a typo…

In your specific case, you could have a shell script that stops VMs and disables passthrough, so you just log in and invoke that script. Bonus points if you create a dedicated user with that script set as their shell (or just put in the appropriate dot rc file).

Ok so it is fully qualified then? I’m just confused because it sounded like you were saying I wasn’t using the term correctly in your other comment.