We recently had a funny problem. Our service ran fine, but a postgres upgrade failed because some pg internals were broken (broken ref ids). Dumping the DB also failed for the same error. Reading and writing was still fine, though. So we restored backup after backup… no dice. They all had the same issue: it was working for the service but we couldn’t perform any maintenance. Ultimately we had to “manually” dump the data of the service and replay it into a fresh db. That took quite long. But that was interesting, since even the verification of the backups didn’t help us notice that kind of corruption.

I am also a former TeX addict, but I was always more in favor or ConTeXt over LaTeX. And Typst is basically ConTeXt, but a lot faster (as in you get real time preview as you type).

Huh? What’s wrong with Overleaf?

If you “only” need beautiful PDF and it doesn’t have to be online, you can also use Typst with vscode and tinymist as editor locally. Not as powerful as TeX, but I know few people for use TeX even remotely to its fullest. The upside of Typst is, that the “core” syntax for content writing is very markdown-like, so you can focus on writing instead of the underlying language.

No, I keep that private to minimize the information I leak about what I host, sorry. (I also don’t do git-ops for my server; I back the mentioned directories up via kopia so in case of recovery I just restore the last working state of data+config. I don’t have much need to version the configs.)

What I did to get rid of my mess, was to containerize service after service using podman. I mount all volumes in a unified location and define all containers as quadlets (systemd services). My backup therefore consists of the base directory where all my container volumes live in subdirectories and the directory with the systemd units for the quadlets.

That way I was able to slowly unify my setup without risking to break all at once. Plus, I can easily replicate it on any server that has podman.

Backblaze B2 using Kopia

No, since at the moment it wants to manage certificates, but I don’t intend to run pangolin as my main reverse proxy.

Pangolin is the most user friendly self hosted alternative to Cloudflare tunnels. There are dozens alternatives, but none with that feature set and such a UI.

Yes. You can simply not expose SMTP at all and just use the IMAP/JMAP part. Unless you need also JMAP, I am not sure it brings you a lot to the table you wouldn’t also get from a good old dovecot. IMO the big advantage of Stalwart is the all-in-one package it delivers plus the good defaults. It also shines when you want a multi node deployment. For a single node IMAP only it might not be the best choice, in my opinion. But it would work, if you want to.

We can ask, but the indicators are there:

• it has roadmap with bigger features that slowly shrinks as they get implemented
• new versions still bring big reworks (I think this is the third time now that the data structure is being migrated)
• optimizations happen between the versions
• benchmarks are still on the horizon

It aims at both, otherwise it wouldn’t ship with sqlite and rocksdb. Stalwarts default is clearly for single node setups and expanding it to clustering takes further steps. So while it supports large scale deployments, it should not be limited to it.

It’s a 0.x release. It makes sense building the intended features first before optimizing heavily. There’s no point having an optimized data structure that then falls flat once you need to add new features that brings new requirements to the data structure.

Once they label it 1.x (i.e. feature complete and production ready) I would expect it to be optimized. If it isn’t, criticism is warranted.

Well exactly as you say: it’s a single service instead of having to combine multiple. In my case dovecot was a lot faster for my mailboxes, but postfix was a piece of shit and I was happy to get rid of it and the many components (rspamd, dkimproxy, etc.) it required. It has far too many footguns, and I shot myself multiple times with them over the years. So the most important part (SMTP) is significantly simpler and IMO better with stalwart. And the mailbox part hopefully evolves as well (it already has JMAP, so that is already an advantage over dovecot as well).

Use Stalwart as mailserver. Besides coming with sane defaults, it allows to put hooks into almost every mail stage. Those hooks can be sieve scripts, local binaries or http calls.

Yeah but it also shows the weird naming of WSL. It’s Windows (32) on Windows 64, but Windows Subsystem for Linux instead of Linux on Windows 64 (which would at least have fit the pattern).

I talk fully about software. Add appropriate nftable rules to the container network and that’s it.

For me it’s not even about better or worse, but about different. For them it’s a nice iteration after many years, but for be it is one of the dozens of apps I use irregularly that suddenly behaves and works different and forces me to relearn things I don’t have any gain from. Since each of the different apps get that treatment every once in a while, I end up having to adjust all the damn time for something else.

I would really like we could go back to functional applications being sold as is without forced updates. I do not need constant changes all the time. WinAmp hasn’t changed in 20 years and still does exactly what it is supposed to. I could probably spin up an old MS Word 2000 and it would work just like it did 20 years ago.

Many modern apps however change constantly. No wonder they all lean towards subscriptions if they “have to” work on it all the time. But I, as a user, don’t even want that. I want to buy the thing that does what it’s supposed to and then I want it to stay that way.

Well, a big advantage of containers is, that you can isolate them pretty aggressively. So if you run a container that is supposed to serve content on a single HTTP port, expose only that port, mount no unnecessary volumes and run it on a network that blocks all outgoing traffic. Ideally the only thing left will be incoming traffic on the one port the service is supposed to serve.

btrfs because it was simple

Personally I found ZFS far more simple. The userspace tools make more sense to me. Also I like, that volumes can have a default (relative) mount point attached. So in a recovery scenario, I simply have to open the zpool with a relative base path, and then have all my volumes ready to go. If I want to recover a btrfs system with multiple subvolumes, I typically need to know exactly which ones and where to I have to mount them (each individually).

Also I go really used to zfsbootmenu.

Microsoft really has a knack for that. I also like WoW64, which contains the binaries for running 32 bit applications on Windows 64 bit. For historical reasons, the 64 bit binaries live in system32, obviously.