• 0 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: January 17th, 2024

help-circle

  • So, buzzer WRONG.

    Quite arrogant after you just constructed a faulty comparison.

    If I say my name is Doo doo head, in a public park, and someone happens to overhear it - they can do with that information whatever they want. Same thing.

    That’s absolutely not the same thing. Overhearing something that is in the background is fundamentally different from actively recording everything going on in a public space. You film yourself or some performance in a park and someone happens to be in the background? No problem. You build a system to identify everyone in the park and collect recordings of their conversations? Absolutely a problem, depending on the jurisdiction. The intent of the recording(s) and the reasonable expectations of the people recorded are factored in in many jurisdictions, and being in public doesn’t automatically entail consent to being recorded.

    See for example https://www.freedomforum.org/recording-in-public/

    (And just to clarify: I am not arguing against your explanation of Twitch’s TOS, only against the bad comparison you brought.)


  • aksdb@lemmy.worldtoLinux@lemmy.mlVirus
    link
    fedilink
    arrow-up
    2
    ·
    15 days ago

    We recently had a funny problem. Our service ran fine, but a postgres upgrade failed because some pg internals were broken (broken ref ids). Dumping the DB also failed for the same error. Reading and writing was still fine, though. So we restored backup after backup… no dice. They all had the same issue: it was working for the service but we couldn’t perform any maintenance. Ultimately we had to “manually” dump the data of the service and replay it into a fresh db. That took quite long. But that was interesting, since even the verification of the backups didn’t help us notice that kind of corruption.





  • What I did to get rid of my mess, was to containerize service after service using podman. I mount all volumes in a unified location and define all containers as quadlets (systemd services). My backup therefore consists of the base directory where all my container volumes live in subdirectories and the directory with the systemd units for the quadlets.

    That way I was able to slowly unify my setup without risking to break all at once. Plus, I can easily replicate it on any server that has podman.









  • Well exactly as you say: it’s a single service instead of having to combine multiple. In my case dovecot was a lot faster for my mailboxes, but postfix was a piece of shit and I was happy to get rid of it and the many components (rspamd, dkimproxy, etc.) it required. It has far too many footguns, and I shot myself multiple times with them over the years. So the most important part (SMTP) is significantly simpler and IMO better with stalwart. And the mailbox part hopefully evolves as well (it already has JMAP, so that is already an advantage over dovecot as well).





  • For me it’s not even about better or worse, but about different. For them it’s a nice iteration after many years, but for be it is one of the dozens of apps I use irregularly that suddenly behaves and works different and forces me to relearn things I don’t have any gain from. Since each of the different apps get that treatment every once in a while, I end up having to adjust all the damn time for something else.

    I would really like we could go back to functional applications being sold as is without forced updates. I do not need constant changes all the time. WinAmp hasn’t changed in 20 years and still does exactly what it is supposed to. I could probably spin up an old MS Word 2000 and it would work just like it did 20 years ago.

    Many modern apps however change constantly. No wonder they all lean towards subscriptions if they “have to” work on it all the time. But I, as a user, don’t even want that. I want to buy the thing that does what it’s supposed to and then I want it to stay that way.


  • Well, a big advantage of containers is, that you can isolate them pretty aggressively. So if you run a container that is supposed to serve content on a single HTTP port, expose only that port, mount no unnecessary volumes and run it on a network that blocks all outgoing traffic. Ideally the only thing left will be incoming traffic on the one port the service is supposed to serve.