I mean… Depends on your threat model. Hetzner is a very reputable German hoster. The only way someone is going to try and read and puzzle together memory dumps is if you’re under investigation for something seriously heinous.

Shutting the VPS down also solves this.

But really, this is a general problem with every “someone else’s computer” solution.

E2EE still nice though, wish Immich had it.

LUKS isn’t cumbersome, you should really enable it on nearly every Linux system.

Anyways, what do you mean “allowed”?

I have a Hetzner root server set up this way btw, have to ssh in to decrypt the zfs pool before boot.

Do note though, this does not protect from an attacker with physical access reading memory.

Shouldn’t it be the other way round? If I’m a guest at someones house, IMO I should go out of my way to do as the host does.

/s

Hm… Maybe? Only one way to find out!

(I know this is in reference to Sousou no Frieren, but just in case: that’s not an actual German name, it’s just a German verb. Never even seen it used as a name.)

Eh… Not really. Qemu does a really good job with VM virtualizarion.

I believe I could easily build containers instead of VMs from the nix config, but I actually do like having a full VM: since it’s running a full OS instead of an app, all the usual nix tooling just works on it.

Also: In my day job, I actually have to deal quite a bit with containers (and kubernetes), and I just… don’t like it.

I’ll DM you… Not sire I want to link those two accounts publicly 😄

Zero.

About 35 NixOS VMs though, each running either a single service (e.g. Paperless) or a suite (Sonarr and so on plus NZBGet, VPN,…).

There’s additionally a couple of client VMs. All of those distribute over 3 Proxmox hosts accessing the same iSCSI target for VM storage.

SSL and WireGuard are terminated at a physical firewall box running OpnSense, so with very few exceptions, the VMs do not handle any complicated network setup.

A lot of those VMs have zero state, those that do have backup of just that state automated to the NAS (simply via rsync) and from there everything is backed up again through borg to an external storage box.

In the stateless case, deploying a new VM is a single command; in the stateful case, same command, wait for it to come up, SSH in (keys are part of the VM images), run restore-<whatever>.

On an average day, I spend 0 minutes managing the homelab.

Interesting, that sounds more related to personal phone calls?

I was more thinking of the “single-purpose” kind of call, where you can communicate very clearly about your intetions

You (sadly) need to group all quality profiles into a single one, and then handle quality through a custom format. Example from my setup:

I’m really glad my first (part time) job as a fresh-out-of-highschool 17 year old required me to call about 5-6 companies/people per workday. A good number of whom where existing business relations, so not a whole lot of room to fuck up.

First week was really anxiety-inducing, because I HATED making phone calls.

After that, no issue. Today, I’d 1000% rather call a doctor’s office, restaurant, plumber,… Than write an email. Online forms are fine, but phone calls are just better. You can get the back and forth often needed for planning done in like 5 seconds.

Read it, do not reply

You can, without root even! Take a look at uad-ng (universal android debloater). Comes with a community-curated list which sorts APKs into 5 tiers from “recommended to uninstall” to “yeah don’t, your phone needs this to boot”. Apps disabled through this do not come back after updates.

Removed 140+ apps from my Xiaomi, 120+ from my GFs Samsung S24, and 90+ from my brothers Motorola Edge something.

Called their support. They were super nice, and then told me that if I still had access to my 2fa, I could simply add a second mail in my account without needing access to the first one.

Made total sense when stopping to think about it for a second 😄

Not sure. You mean something like r/NuclearRevenge and Co?

Oh, yeah. Wasn’t actually worried of the mails themselves (multiple devices which have all of them, plus a daily borgbackup offsite), it was just knowing that I NEED to fix this, now, because email is unfortunately kinda important.

Fun conundrum: had my personal mail as the only contact at my server provider. Requested a KVM for rescue. “Thank you for your request! We’ll email you the link to your KVM access!” Gahhh.

Lmao. Lmfao, even.

Here, I’m gonna save you some time and summarize the article for you:

• everyone is talking about how good LLMs are [citation missing], but they’re missing the point!
• because really, we’re already so much further ahead! There be magic tools out there!
• wait, you want to know which ones? Uuuuh sorry, the people building then are keeping them a secret…
• …because they are just THAT FRIGHTENINGLY GOOD! [citation missing]
• seriously, I used one of them to build a 30k/month product in 2 hours with zero coding!
• I mean… A subset at least. Oh I also did not do any review, so no idea just how badly fucked it is. Ah, and I guess the price tag comes from the existing reputation and legal guarantees provided by the original tool, which obviously I also couldn’t replicate.
• but worry not! I’m sure I’d be able to build the full tool in DAYS!
• I won’t though. Even though it could TOTALLY make me 30k per month per user. Totally.
• instead, I’ll PROVE to you JUST HOW GOOD these SECRET TOOLS are! Checkout this GitHub repo!
• …ah, no, sorry, I misspoke. I’ll obviously NOT be using the secret, but TOTALLY REAL [citation missing] tools that this entire article is about. For some reason. They’re totally real though bro. Trust me bro. I’m sure one more data-center will fix it bro. Just need to prompt right bro. Like bro, people don’t realize how gooooooood LLMs are bro. I swear bro. My prompts are so good I need to keep them secret because it’s SCARY bro. Bro.

Ahem. Maybe I editorialized a tiny bit. Not much though, trust me bro.

Same. But also, I’ll never forget the adrenaline when I actually legitimately fucked up once. Was a sweaty 2 hours of recovery.

We really, really do. I miss r/PettyRevenge and cousins, plus r/TalesFromTechSupport.