Something you might want to look into is using mTLS, or client certificate authentication, on any external facing services that aren’t intended for anybody but yourself or close friends/family. Basically, it means nobody can even connect to your server without having a certificate that was pre-generated by you. On the server end, you just create the certificate, and on the client end, you install it to the device and select it when asked.

The viability of this depends on what applications you use, as support for it must be implemented by its developers. For anything only accessed via web browser, it’s perfect. All web browsers (except Firefox on mobile…) can handle mTLS certs. Lots of Android apps also support it. I use it for Nextcloud on Android (so Files, Tasks, Notes, Photos, RSS, and DAVx5 apps all work) and support works across the board there. It also works for Home Assistant and Gotify apps. It looks like Immich does indeed support it too. In my configuration, I only require it on external connections by having 443 on the router be forwarded to 444 on the server, so I can apply different settings easily without having to do any filtering.

As far as security and privacy goes, mTLS is virtually impenetrable so long as you protect the certificate and configure the proxy correctly, and similar in concept to using Wireguard. Nearly everything I publicly expose is protected via mTLS, with very rare exceptions like Navidrome due to lack of support in subsonic clients, and a couple other things that I actually want to be universally reachable.

I envy your life, as it feels like every year the browser assimilates and consumes more and more.

You’re greatly overestimating how many people that is; additionally, it was largely people that aren’t very committed to FOSS that got mad. The project maintainers and most users are fine with it. People who are committed to FOSS ideals are overwhelmingly progressive to leftist. That’s why those codes of conduct were added in the first place, and were largely uncontroversial amongst most actual contributors of those projects.

Agree with the former, not the latter.

I have no idea how you’re getting packages older than Debian. Unstable is a rolling release and stable has a 6 month release cadence with no LTS. Were you pulling from an old dead repo? If you followed an outdated guide, they probably linked you to an old one.

I do agree that the learning curve is steep and the knowledge is nontransferrable though. In my case, that just encouraged me to unify all my systems onto NixOS at home. Not sure if that’s a solution or addiction yet.

I always come back to Smart Launcher. I grew up with category-based application menus on on PC, I can’t stand having a giant unorganized app drawer. It’s so cluttered and messy. I’m always surprised at how little mention it gets and instead everybody talks about these “minimalist” launchers that are literally just unorganized app drawers.

No that’s true, open source is superior is proprietary

“Let’s remove the social element of our social movement”

Great so what’s left at that point, the free value FOSS provides to corporations?

Criticizing people’s past and current actions relating to the subject and bringing up their direct history relavent to the subject is not a personal attack, nor is it out of line to point out he does his to advance his political agenda within the project, which is why he got banned in the first place. All of this directly relates to the subject at hand.

You know what doesn’t relate to the subject at hand? Your random little “sjw gender terrorists” comment. But it does make it rather clear why you want to obfuscate the facts about Srid’s history with the project, subsequent ban, and continued amplification of drama and general shit-stirring ever since.

You made one reply to me whining that I attacked the person by pointing out his beliefs, and then made another reply to me about “gender terrorist SJWs”. Do you just lack any form of self-awareness?

I attacked his beliefs which is perfectly valid. You should critically examine the motives and biases of people who feed you information.

You should know that the guy you cited in the second link, Srid, is a well-known right-wing shit-stirrer who is banned from basically all NixOS spaces because he cannot peacefully coexist. He literally gets up day after day with the seemingly sole purpose of fueling drama and causing problems. Don’t take his opinion at face value, he wants to see the project burn down and this colors his interpretation of events.

NixOS is going through a rocky moment for sure, but there’s no indication it will implode currently.

Whatever you get for your NAS, make sure it’s CMR and not SMR. SMR drives do not perform well in NAS arrays.

I just want to follow this up and stress how important it is. This isn’t “oh, it kinda sucks but you can tolerate it” territory. It’s actually unusable after a certain point. I inherited a Synology NAS at my current job which is used for backup storage, and my job was to figure out why it wasn’t working anymore. After investigation, I found out the guy before me populated it with cheapo SMR drives, and after a certain point they just become literally unusable due to the ripple effect of rewrites inherent to shingled drives. I tried to format the array of five 6TB drives and start fresh, and it told me it would take 30 days to run whatever “optimization” process it performs after a format. After leaving it running for several days, I realized it wasn’t joking. During this period, I was getting around 1MB/s throughput to the system.

Do not buy SMR drives for any parity RAID usage, ever. It is fundamentally incompatible with how parity RAID (RAID5/6, ZFS RAID-Z, etc) writes across multiple disks. SMR should only be used for write-once situations, and ideally only for cold storage.

… Yes. You will have to behave like a civilized adult. If your opinion is that you shouldn’t have to, then you are correct that I do not respect that opinion.

Personally I’d rather have a choice of who to follow based on whose opinions align better with my own, instead of everyone being forced to go with the majority…

NixOS is FOSS. People can freely fork it. Your choice is not being taken away.

in other words I respect people’s freedom to have opinions I do not like, which I think this type of “community power” is in some ways the opposite of that.

I’m not sure how voting makes it so we can’t respect each other’s opinions.

Have it just be form-fitted outside contacts, with magnetic adhesion to hold the plug in place.

I actually really like this idea. If we’re breaking backwards compatibility anyways, let’s do something useful with it. This form factor was invented in the 1950s. I’m sure we can do something better now.

We need to move away from everything having a battery anyways. Wireless headphones were a mistake. Now people are walking around with 4-6 batteries on them at all times. Phone, laptop, earbuds, earbud case, battery backup, smart watch. Batteries aren’t great for the environment, not to mention they typically condemn something to being tech waste in a few short years. We need to significantly rethink this model.

I would rather have a strong dictatorship focused on technical merit, to be deposed in the future for another dictator, again, based on technical merit.

Normally when I see people say something like this, what they actually mean is “based on technical merit (and also has the right opinions that agree with mine)”. The concern is that democracy will produce outcomes they find disagreeable.

Overall I’m quite pleased with this news, but I’m a bit of a zealot when it comes to democracy. Barring any breakdown of process during the drafting and election phases, I see this as an absolute win, and the first step towards repairing the community.

I’m not sold on the name, but I’m definitely interested in the fork. I think there is an irreconcilable schism in the NixOS community that cannot be fixed unless the Benevolent Dictator steps down as leader, and it sure seems like he’s not gonna do that, as he’s built his entire company on top of NixOS.

That caused a lot of tension, the foundation came to a decision not to accept sponsorship

This part is actually not true, they are still a sponsor of NixCon NA 2024.
https://2024-na.nixcon.org/#sponsors

They proposed a policy to handle deciding sponsorships in the future, but it’s pretty lackluster. It basically just says the people in power promise to do a good job, pinky swear.
https://github.com/NixOS/foundation/blob/bb7af14ae242ab87c8312bb4122b2a3cd184462d/policies/sponsorship_policy.md