Reminds me of this:

How I sleep knowing Fedora + podman actually uses safe firewalld zones out of box instead of expecting the user to hack around with the clown show that is ufw.

I could be wrong here but I feel like the answer is in the docs itself:

If you are running Docker with the iptables or ip6tables options set to true, and firewalld is enabled on your system, in addition to its usual iptables or nftables rules, Docker creates a firewalld zone called docker, with target ACCEPT.

All bridge network interfaces created by Docker (for example, docker0) are inserted into the docker zone.

Docker also creates a forwarding policy called docker-forwarding that allows forwarding from ANY zone to the docker zone.

Modify the zone to your security needs? Or does Docker reset the zone rules ever startup? If this is the same as podman, the docker zone should actually accept traffic from your public zone which has your physical NIC, which would mean you don’t have to do anything since public default is to DROP.

Me flipping on reverse thrust and parking brake before touching the ground in FSX because I’m like 100 kts above the landing speed

Couldn’t you just lazy build your own images if you don’t trust the source?

Even then most of these containerized apps can be run perfectly fine as a host binary, you just have to make your own start script and a systemd unit which isn’t that bad.

You could then build a completely custom image if you’d like, or move it into a VM if you don’t like the idea of running it baremetal.

How does it compare to Photoprism? Been on that solution for a while and I really like it, but have seen lots of people suggest Immich as well.

EDIT: https://github.com/photoprism/photoprism

Ubuntu and Docker.

Really? Netplan alone disqualifies Ubuntu as a “friendly stable starter distro”, and I can guarantee you that your guide will somehow become outdated with a single new Ubuntu release, or some poor soul who accidentally selected an LTS release.

Docker doesn’t matter as much, but there’s a reason beyond just FOSS licensing why podman exists.

Would highly recommend Debian instead.

I started on Ubuntu similar to this many years ago and both the server and desktop experience was not fun at all.

HEVC support is enabled for Firefox 134

Cool for anyone not using AV1 which I assume is a big chunk of the userbase because not everyone has good AV1 hardware acceleration lol

“No”

– everyone using compose to orchestrate software deployments

I kinda hate to agree with the other suggestions here, but entry level and even dedicated NAS products are pretty expensive for providing something you can very easily DIY for significantly cheaper even with the latest hardware.

Was in a similar boat and just ended up taking an old HP desktop and added some cheap HDDs. I ended up playing around with proper Fedora for some LVM cache tricks and running some other services, but the common suggestion for this is SnapRAID and Nextcloud.

There’s more *arr tools that aren’t aggregator automation tools than there are aggregator automation tools.

Also It was only funny when using an existing words like "sonar, “radar”, “lidar”. Jellyseerr is dumb, even Jackett was pushing it.

I guess it makes it somewhat easier to associate them as part of a group of software, but now we have stuff like Homarr that is entirely unrelated, but still a useful tool.

Proxmox or even just lazy old KVM GUI for anything that needs to be deployed manually in a VM (Home Assistant, WIndows VM, etc.). Otherwise you can even just spin up whatever manual service you want to run on an LXC container or bare metal host with the correct security settings with systemd and selinux if you want to be extra careful.

Docker/Podman (the superior one lol) is just an automated deployment system in container form (like Ansible). It great for automated deployment without having to manually configure the installation process and worry about upgrades, changes, etc. You can even easily create your own images on the fly just for the purpose of having it run a single service inside a container.

Proxmox equivalent would be like using Terraform/OpenTofu to deploy VMs to do the same thing. Its possible, but just not that common because of the reduced overhead with containers, and well supported deployment images with docker/podman specifically.

Generally speaking, I’ve seen proxmox used more in lab environments were you want to emulate something like a complete network of machines whereas docker/podman has become the defacto server deployment platform.

You’re just much more likely to find software with a published docker container and default docker compose script than the same thing in Terraform or even K8s/K3s.

Someone I know genuinely tried this in a test branch for a Blazor application developed at a university, and the AI introduced insanely hidden UI breaking bugs because it touched every single file and renamed variables to plural without correctly refactoring in every dependent file lmao.

AI is a powerful tool, but throwing an entire codebase at it is exactly how you nuke your development lol. Even the latest and greatest models can’t handle complexity beyond a few thousand lines even with increased input limits. And if it’s anything proprietary or even not well published, you’re basically screwed.

Does jellyfin do untranscoded video/audio?

Haven’t used it in years but finally building up my media server again and I remember it had some funky settings for hardware encoding back then which I didn’t need because I was connecting to it via a repurposed gaming laptop that could easily handle 4k content and surround sound by itself.

I’m waiting to see if Trump/pentagon escalates or does their strike package and goes home.

I doubt this is going to lead to some sort of ground invasion. Biden would have done the exact same although maybe more clandestine.

China doesn’t want to make the same mistake as the USSR which is expending geopolitical power to maintain an entire hegemony against the USA. They’re content with making money and don’t spend a lot of energy keeping extreme espionage on every country like the USA does.

China knows the US will take the military option if confronted, which is to their disadvantage, so they’ll find every alternative path or method.

Biggest example is Pakistan. Its a massive CPEC project and defense partner, yet the military leadership in charge is basically a US lapdog because China knows if they try to pull the same regime change shenanigans, its just gonna end up like USSR vs USA 2 with a crap ton of proxy wars everywhere.

I think their longterm goal is to just slowly erode at the global economy. Even if the US owns the regime in the country, a significant portion of money will be going to China. They could choose to eventually use that power to reinforce their allies, but I think that’s still like 20+ years down the line.

Successfully uploads file into broken MariaDB with no space left.

Bruh holy hell, glad you figured it out.

Really seems like a fatal design flaw, even basic stuff like sftp has checksums for sanity. I guess it has to do with it not verifying the DB is responding with the correct info or improperly deciding the upload was okay.