Not at all surprised.

I follow Alec on Mastodon and the vast majority of interactions over the past few months have been people aggressively "well ackshually"ing him or outright getting angry.

That isn’t to say it is all shit (I would like to think a few conversations I had with him were mutually pleasant). But his entire ethos is that he approaches problems from a practical “midwesterner” perspective. And that REALLY angers all the ideological nutjobs who are angry if anyone even suggests something that won’t advance their own pseudo-political goals.

And I’ve noticed it with a lot of other “celebrities” on Mastodon. The rest of us can have fun conversations while the shitheads stay to themselves. They are too high profile and the shitheads flock to them to make sure they understand why they are actually wrong and are a bad person for thinking something.

Because the idea is to be one giant town hall/message board and to grow a social network based on who you follow.

If you don’t want people to see what porn stars you follow? Make a second account to get horny on.

Which gets back to volunteers going through and moderating it. And the ethical and moral question of whether people who upload it are reported.

And… honestly? if there is even a 20% chance that running a file sharing node (because I just love to give away both bandwidth and storage…) is being used to store CSAM? I ain’t doing that shit and most people will similarly run screaming and call the cops.

Nothing solves the problem of CSAM quite like… making everyone partially culpable in the storage and distribution of CSAM.

You can’t prove I was hosting child porn. Statistically, we all only had a 70% probability of having it on our computers

And moderation of this kind of content almost always sounds like torture when you hear about what facebook and the like are outsourcing.

Theoretically, this is a good problem for computer vision/machine learning. But there are a LOT of false positives (I think it was Aftermath who did an article on a study of when a nipple becomes female?). And… what ethical responsibility do you have to report on the fiftieth time that SheIsReallyAnEightThousandYearOldDragon_6969 uploaded CSAM? And how quick do you think people are going to lose faith in you and start wondering if you’ll also report on the rampant piracy?

And… there are also false negatives. At which point you find out you have been hosting something truly heinous for the past few months… possibly when local law enforcement tells you.

Like a lot of things: it sounds great. But nobody in their right mind is going to host this for free. And once you start accepting money you start opening yourself up to a LOT of regulations.

We totally need sustainable file hosting. Freedom!

Wait… the fuck did you just upload? Oh god. Oh god no. Do I have to call the cops on you? Oh no. Wait, does this count as possession? FUCK!!!

We need someone else to handle the totally sustainable file hosting. Freedom!

Yeah. This isn’t the first time the news app and the core nextcloud updates have fought each other in weird and mysterious ways (for me or others). I forget how I solved it last time (I think it was a similar case of needing to manually update to bleeding edge and then tweak things) but… I just don’t care anymore.

I don’t know who is right or wrong in how nextcloud is maintained (my instinct is the nextcloud devs because… have you seen nextcloud? but also, most apps don’t have this recurring problem). But at this point, the benefits I get out of it are largely gone. And when so many issues boil down to “We need more people and resources to maintain this”, it kind of feels like getting off the train BEFORE it crashes rather than after.

I’m on the alpha and it still won’t update any of my feeds. And going through the github issues it is basically summed up as “We will do another stable release once we have a frontend developer” which is basically never. So, at best, it will work until it doesn’t and then I have to fix it myself yet again and… yeah.

And if my choice is to run an older version of nextcloud to support one app? Hell no.

Because the Mastodon community did the same thing we do every time there is a chance to get people away from corporations (e.g. Linux vs Windows).

People were looking for an alternative. The general consensus was it was hard to really grok federation. So, of course, The Community insisted on explaining federation and why it was good while basically only commenting on the instances that had closed applications. It was the equivalent of insisting someone who wanted to try Linux for gaming NEEDS to use arch and only needs to know twenty command line operations to get up and running.

So… everyone instead just went to Bluesky and Threads where sign-up links were provided rather than directory links and manifestos.

And… I am perfectly happy with that. Lemmy has a LOT of issues where so much of the community is talking about their ex-girlfriend (reddit) all the time and we basically get constant content and engagement farming that makes no fucking sense considering the userbase.

Whereas Mastodon actually IS a really good community that feels very different from twitter/bluesky/threads. It isn’t for everyone but I very regularly have genuinely good conversations with people in the town hall/microblog format. Whereas… I am not sure if I have ever had even a meaningful conversation on lemmy (whereas I’ve probably had maybe ten on reddit over the years?).

Generally speaking, all the major instances are federated with all the other major instances.

The differences are the super tiny instances (which are generally effectively zero traffic) and the controversial instances (mostly tankies). Said controversial instances don’t want to advertise that nobody can stand them and the rest of the instances don’t want to deal with the bullshit from bringing it up again.

I think it would be a nice novelty to visualize this. But I don’t think there would be much actionable information coming out of it and , because this is The Internet, it will likely lead to harassment and brigading.

More drives is always better. But you need to understand how you are making it better.

https://en.wikipedia.org/wiki/Standard_RAID_levels is a good breakdown of the different RAID levels. Those are slightly different depending on if you are doing “real”/hardware RAID or software raid (e.g. ZFS) but the principle holds true and the rest is just googling the translation (for example, Unraid is effectively RAID4 with some extra magic to better support mismatched drive sizes)

That actually IS an important thing to understand early on. Because, depending on the RAID model you use, it might not be as easy as adding another drive. Have three 8 TB and want to add a 10? That last 2 TB won’t be used until EVERY drive has at least 10 TB. There are ways to set this up in ZFS and Ceph and the like but it can be a headache.

And the issue isn’t the cloudflare tunnel. The issue is that you would have a publicly accessible service running on your network. If you use the cloudflare access control thing (login page before you can access the site) you mitigate a lot of that (while making it obnoxious for anything that uses an app…) but are still at the mercy of cloudflare.

And understand that these are all very popular tools for a reason. So they are also things hackers REALLY care about getting access to. Just look up all the MANY MANY MANY ransomware attacks that QNAP had (and the hilarity of QNAP silently re-enabling online services with firmware updates…). Because using a botnet to just scan a list of domains and subdomains is pretty trivial and more than pays for itself after one person pays the ransom.

As for paying for that? I would NEVER pay for nextcloud. It is fairly shit software that is overkill for what people use it for (file syncing and document server) and dogshit for what it pretends to be (google docs+drive). If I am going that route, I’ll just use Google Docs or might even check out the Proton Docs I pay for alongside my email and VPN.

But for something self hosted where the only data that matters is backed up to a completely different storage setup? I still don’t like it being “exposed” but it is REALLY nice to have a working shopping list and the like when I head to the store.

A LOT of questions there.

Unraid vs Truenas vs Proxmox+Ceph vs Proxmox+ZFS for NAS: I am not sure if Unraid is ONLY a subscription these days (I think it was going that way?) but for a single machine NAS with a hodgepodge of drives, it is pretty much unbeatable.

That said, it sounds like you are buying dedicated drives. There are a lot of arguments for not having large spinning disk drives (I think general wisdom is 12 TB is the biggest you should go for speed reasons?), but at 3x18 you aren’t going to really be upgrading any time soon. So Truenas or just a ZFS pool in Proxmox seems reasonable. Although, with only three drives you are in a weird spot regarding “raid” options. Seeing as I am already going to antagonize enough people by having an opinion, I’ll let someone else wage the holy war of RAID levels.

I personally run Proxmox+Ceph across three machines (with one specifically set up to use Proxmox+ZFS+Ceph so I can take my essential data with me in an evacuation). It is overkill and Proxmox+ZFS is probably sufficient for your needs. The main difference is that your “NAS” is actually a mount that you expose via SMB and something like Cockpit. Apalrd did a REALLY good video on this that goes step by step and explains everything and it is well worth checking out https://www.youtube.com/watch?v=Hu3t8pcq8O0.

Ceph is always the wrong decision. It is too slow for enterprise and too finicky for home use. That said, I use ceph and love it. Proxmox abstracts away most of the chaos but you still need to understand enough to set up pools and cephfs (at which point it is exactly like the zfs examples above). And I love that I can set redundancy settings for different pools (folders) of data. So my blu ray rips are pretty much YOLO with minimal redundancy. My personal documents have multiple full backups (and then get backed up to a different storage setup entirely). Just understand that you really need at least three nodes (“servers”) for that to make sense. But also? If you are expanding it is very possible to set up the ceph in parallel to your initial ZFS pool (using separate drives/OSDs), copy stuff over, and then cannibalize the old OSDs. Just understand that makes that initial upgrade more expensive because you need to be able to duplicate all of the data you care about.

I know some people want really fancy NASes with twenty million access methods. I want an SMB share that I can see when I am on my local network. So… barebones cockpit exposing an SMB share is nice. And I have syncthing set up to access the same share for the purpose of saves for video games and so forth.

Unraid vs Truenas vs Proxmox for Services: Personally? I prefer to just use Proxmox to set up a crapton of containers/vms. I used Unraid for years but the vast majority of tutorials and wisdom out there are just setting things up via something closer to proxmox. And it is often a struggle to replicate that in the Unraid gui (although I think level1techs have good resources on how to access the real interface which is REALLY good?).

And my general experience is that truenas is mostly a worst of all worlds in every aspect and is really just there if you want something but are afraid of/smart enough not to use proxmox like a sicko.

Processor and Graphics: it really depends on what you are doing. For what you listed? Only frigate will really take advantage and I just bought a Coral accelerator which is a lot cheaper than a GPU and tends to outperform them for the kind of inference that Frigate does. There is an argument for having a proper GPU for transcoding in Plex but… I’ve never seen a point in that.

That said: A buddy of mine does the whole vlogger thing and some day soon we are going to set up a contract for me to sit down and set her up an exporting box (with likely use as a streaming box). But I need to do more research on what she actually needs and how best to handle that and she needs to figure out her budget for both materials and my time (the latter likely just being another case where she pays for my vacation and I am her camera guy for like half of it). But we probably will grab a cheap intel gpu for that.

External access: Don’t do it, that is a great way to get hacked.

That out of the way. My nextcloud is exposed to the outside world via a cloudflare tunnel. It fills me with anxiety but as long as you regularly update everything it is “fine”.

My plex? I have a lifetime plex pass so I just use their services to access it remotely. And I think I pay an annual fee for homeassistant because I genuinely want to support that project.

Everything else? I used to use wireguard (and openvpn before it) but actually switched to tailscale. I like the control that the former provided but much prefer the model where I expose individual services (well, VMs). Because it is nice to have access to my cockpit share when I want to grab a file in a hotel room. There is zero reason that anything needs access to my qbitorrent or calibre or opnsense setup. Let alone even seeing my desktop that I totally forgot to turn off.

But the general idea I use for all my selfhosted services is: The vast majority of interactions should happen when I am at home on my home network. It is a special case if I ever need to access anything remotely and that is where tailscale comes in.

Theoretically you can also do the same via wireguard and subnetting and vlans but I always found that to be a mess to provide access both locally and remotely and the end result is I get lazy. Also, Tailscale is just an app on basically any machine whereas wireguard tends to involve some commands or weird phone interactions.

Even ignoring the ideological reasons to not want facebook integration: There are only so many hours in the day and so many dollars in the donation bucket. If an open source project is dedicating a disproportionate percentage of that on a feature that a significant part of the community actively do not want: That is exactly WHY you fork a project.

And once we consider the ideological and safety related reasons to not want facebook and giant corporate interests involved?

I have a lot of issue with the people who decide the answer is harassment and hate. But if enough development and organizational energy want to fork this? Fuckin’ A.

So… exactly what we already have except instead of c/linux@lemmy.world it is c/linux@lemmy.worldANDlemmy.zip?

Again, how does that work if c/linux is “the same” on every instance?

Will comments and posts exist on the world view of c/linux but not the zip view? At which point… what are we actually getting over the status quo? Because you can bet that anyone who has hexbear unblocked would see two different versions of every single thread because nobody else would see the hexbear posted thread.

There have been a number of articles (pop and scholarly) about malicious code being social engineered into codebases over the past few years. And, in this case, the malice is “expected” from one of the long time developers to begin with.

Also: We got INCREDIBLY lucky that Andres Freund detected it when he did. Because that was hitting right around the time a lot of the major distros were preparing their major releases (Fedora basically escaped by the skin of their teeth).

Malicious manipulation of open source projects has always been a concern. And the vast majority of us do the equivalent of signing whatever form we are given because “oh it just looks like a standard contract”.

What you are describing is basically Mastodon (or, if you like porn and hatespeech, twitter… non-consensual porn because a lot of Mastodon instances are REALLY horny).

The moment you aggregate communities across instances you remove the ability to moderate them. Because maybe a hexbear mod wants to remove all mention of the Uyghur people, an ml mod wants to remove all mention of genocide against them, and a zip mod wants to remove all the comments about why genocide is good in a thread about god damned Bluey.

Do they all get to delete everything across every instance? Do you start having different views of the same community depending on your home instance?

All moderator elections would do is let chuds stack the ballot. Look up shit like the sad puppies debacle.

The answer is that a site needs to decide what its rules are and then moderators need to enforce those rules, regardless of how the community feels. Which, ironically, is what ml is doing (even if they don’t publicize those rules). And if the community dislikes the rules, you disassociate with them.

The issue with the fediverse is that you need to defederate or else you are tacitly approving of their bullshit.

You… should probably pay more attention to the news.

It is very possible for bad actors to inject malicious code into an open source project. And it is very probable for people to not notice because the vast majority of developers never read a single line of the open source code they claim to value so much.

“Any bad code will be detected by the armies of people who do rigorous code analysis of every single pull request” was always nonsense.

We have decades of proof of chuds brigading and building up hate speech hellfests in these “just let capitalism decide” laissez-faire models.

Moderation free environments just turn places into kiwi farms.