Andres

@somegeek @jobbies This is a good read. I was rather amused by your “TODO: How to use Git offline? Offline merge requests?” section, though. Git was written by people who literally email each other patches. It’s offline-first, with online stuff tacked on there. You can copy a cloned git repo to a usb stick and give it to someone, and now they have the entire history. Of course merge requests and bug tracking are separate (I understand what you meant w/ the TODO), but git itself is already there.

@K3can So you’re running the systemd services as root, and letting systemd change them to their relevant users? Or are you running the systemd services as a non-privileged user, and using container subuid/subgids?

@K3can @silver How do you handle running as other users? I like to run services as their own user, so currently I create a new user and (as them) run podman compose.

@irmadlad Also, I would think that companies offering long warranties on refurbished drives are playing the odds in a way that makes them money. It probably wouldn’t be profitable if they sold drives w/ bad/reallocated sectors and the majority of them died within the warranty period.

My assumption is that all drives will die (or suffer corruption) at the worst possible time, so do proper backup/scrubbing. Then look for deals where I can.

@irmadlad I can’t tell you averages (I’m not running massive storage servers with hundreds of drives here), but I ordered this particular one in Oct 2025. It’s still going strong. There’s another one that I bought back in 2019 or 2020 that I used for a few years before replacing it due to needing more space. Meanwhile, I’ve used plenty of consumer drives over the years that were a lot less reliable, so I have different rules for consumer drives (toss 'em at the first error) vs enterprise drives.

@irmadlad @moonpiedumplings Enterprise drives w/ bad sectors and a 5yr warranty? Me (raises hand)!

With snapraid and backups and the warranty, I’m perfectly happy to use enterprise drives _where the drive errors aren’t increasing_. Worst case, I lose some of those linux distributions and have to re-download them. I wouldn’t use one without a warranty though (and I certainly wouldn’t waste my time on a 500gb drive, the last hdd I bought w/ sector errors was 14TB for $140).

@KneeTitts @Jason2357 Recently there are a lot of zero-day kernel exploits (local privilege escalation), so I would make sure “up to date” includes regular reboots into new kernels. As opposed to just relying on something like unattended-upgrades.

For the past few weeks we’ve been averaging one LPE per week, and it’s probably going to continue like that for a bit.

@yestalgia I will say that the configuration is not the most intuitive. Part of it is just that the web UI is, imo, not that good. There’s a lot of confusing stuff exposed to users that isn’t really important for like 99% of use cases.

(who cares whether compression is metadata only or all data or none? wtf is “introducer” vs “auto-accept”? why do I need to see a random hash for device or folder id in addition to a device or folder name?)

@yestalgia So I set up syncthing between a server and one client. Share folders between them. Figure out how you want the folder data replicated; for my phone pics, for example, the sync is one way from (phone) -> (syncthing server). For kids’ health stuff, it’s a two-way sync; because the sync might be (my laptop) <- (syncthing server) <- (my wife’s laptop), or vice-versa. Then add another client to the syncthing server, following the same process. Never sync client-to-client; always via server

@pixeldaemon I used to use Seafile, but it is clunky and annoying, and it will also never ever be in debian due to upstream copyright sketchiness.

@pixeldaemon Syncthing. We have one “authoritative” fileserver running syncthing, and then a bunch of “clients” (laptops, phones) that sync up to the fileserver. This doesn’t work for, say, terabytes of movies/music, but for important stuff like photos/tax records/whatever, it means we can make changes on any “client” and it gets synced to the “server” and all the other “clients”

For more traditional cloud, I recently installed copyparty (https://github.com/9001/copyparty) w/ https://github.com/romaan7/white-gold-theme-for-copyparty

@Bazoogle @1hitsong First of all - when it comes to creating programs, you want the output to be deterministic. Stochastic program output is a serious problem, as you _will_ get unreproducible bugs. Second, plain language is _not_ easy except for the simplest of tasks. Actual programs need to handle all kinds of corner cases and hardware weirdness and human weirdness. Your “plain language” goes from “do a thing” very quickly to “do a thing. but not that thing. or that other thing. and and and…”

@GreenKnight23 I don’t see that behavior. Rebooting into a new kernel and then running dist-upgrade, it always _always_ keeps one older kernel around. Bookworm and trixie.

@GreenKnight23 @oong3Eepa1ae1tahJozoosuu I’ve never seen that behavior in Debian. Is that some different type of configuration?

@djdarren @frongt That’s not how SyncThing is designed. It’s intended to be a full mirror.

I kind of emulate what you’re talking about with restic’s mount command. It’s a lot less intuitive than what you’d get from a cloud storage platform, but it’s Good Enough For Me. If you want to match cloud storage, you probably want nextcloud or seafile or something.

@IratePirate @eightys3v3n Snapraid offers scrub/bitrot protection - check out ‘snapraid scrub’.

@IratePirate Combine this with restic (or borgbackup, if that’s how you swing) for a bombproof selfhosting solution.

@Vejeta I can’t promise to package/include it, but looking at it is still on my todo list. The other work stuff has taken longer than expected, but once it wraps up I’m planning to look at your CEF stuff.

@PancakesCantKillMe @gedaliyah Okay, you’ve piqued my curiosity. What does your playlist for pets look like?

@Vejeta Hi! Chromium maintainer here, just wanted to say that I appreciate the write-up (and the associated bug report followup). I have some paid work that will involve dealing with qtwebengine’s embedded chromium - I’m hoping to address both QT and CEF at the same time. Currently focused elsewhere, but I’m thinking in a few months.