• 0 Posts
  • 21 Comments
Joined 1 year ago
cake
Cake day: January 17th, 2024

help-circle
  • aksdb@lemmy.worldtoLinux@lemmy.mlVirus
    link
    fedilink
    arrow-up
    2
    ·
    11 days ago

    We recently had a funny problem. Our service ran fine, but a postgres upgrade failed because some pg internals were broken (broken ref ids). Dumping the DB also failed for the same error. Reading and writing was still fine, though. So we restored backup after backup… no dice. They all had the same issue: it was working for the service but we couldn’t perform any maintenance. Ultimately we had to “manually” dump the data of the service and replay it into a fresh db. That took quite long. But that was interesting, since even the verification of the backups didn’t help us notice that kind of corruption.





  • What I did to get rid of my mess, was to containerize service after service using podman. I mount all volumes in a unified location and define all containers as quadlets (systemd services). My backup therefore consists of the base directory where all my container volumes live in subdirectories and the directory with the systemd units for the quadlets.

    That way I was able to slowly unify my setup without risking to break all at once. Plus, I can easily replicate it on any server that has podman.









  • Well exactly as you say: it’s a single service instead of having to combine multiple. In my case dovecot was a lot faster for my mailboxes, but postfix was a piece of shit and I was happy to get rid of it and the many components (rspamd, dkimproxy, etc.) it required. It has far too many footguns, and I shot myself multiple times with them over the years. So the most important part (SMTP) is significantly simpler and IMO better with stalwart. And the mailbox part hopefully evolves as well (it already has JMAP, so that is already an advantage over dovecot as well).





  • For me it’s not even about better or worse, but about different. For them it’s a nice iteration after many years, but for be it is one of the dozens of apps I use irregularly that suddenly behaves and works different and forces me to relearn things I don’t have any gain from. Since each of the different apps get that treatment every once in a while, I end up having to adjust all the damn time for something else.

    I would really like we could go back to functional applications being sold as is without forced updates. I do not need constant changes all the time. WinAmp hasn’t changed in 20 years and still does exactly what it is supposed to. I could probably spin up an old MS Word 2000 and it would work just like it did 20 years ago.

    Many modern apps however change constantly. No wonder they all lean towards subscriptions if they “have to” work on it all the time. But I, as a user, don’t even want that. I want to buy the thing that does what it’s supposed to and then I want it to stay that way.


  • Well, a big advantage of containers is, that you can isolate them pretty aggressively. So if you run a container that is supposed to serve content on a single HTTP port, expose only that port, mount no unnecessary volumes and run it on a network that blocks all outgoing traffic. Ideally the only thing left will be incoming traffic on the one port the service is supposed to serve.


  • btrfs because it was simple

    Personally I found ZFS far more simple. The userspace tools make more sense to me. Also I like, that volumes can have a default (relative) mount point attached. So in a recovery scenario, I simply have to open the zpool with a relative base path, and then have all my volumes ready to go. If I want to recover a btrfs system with multiple subvolumes, I typically need to know exactly which ones and where to I have to mount them (each individually).

    Also I go really used to zfsbootmenu.