Fail2ban config can get fairly involved in my experience. I’m probably not doing it the right way, as I wrote a bunch of web server ban rules — anyone trying to access wpadmin gets banned, for instance (I don’t use WordPress, and if I did, it wouldn’t be accessible from my public facing reverse proxy).

I just skimmed my nginx logs and looked for anything funky and put that in a ban rule, basically.

Windows is just as hard as linux, harder even with all the layers of obscurity.

I think that there is 1 current version of Windows, 1 “almost current”, and 1

(I have used Linux for the last 20+ years, and it’s definitely my preferred setup.)

And many folks have headless setups — raspberry pis, home servers, VPSs, etc. It’s kinda overkill to install a desktop environment on a headless box if the only reason you need it is so you can VNC into it for a simple task that could be done over ssh.

For some (most?) of us, we don’t have ssh access open to the world, so everything is over a VPN. So I can just use NFS over WireGuard which afaik is fairly secure, if you trust your endpoints, and works great over the Internet.

On linux you can"t install or uninstall anything if you are not root

That’s not true at all. You generally can’t use your distribution’s package manager to install or uninstall without elevated privileges. But you can download packages, or executables with their own installer, and unpack/install under your home directory. Or, you can compile from source, and if you ./configure’d it properly make install will put it under your home.

Standard Linux distributions don’t place restrictions on what you can and cannot execute; if it needs permissions for device access of course you’ll need to sort that out.

Newer macOS is not Unix certified.

It’s UNIX 03 compliant https://en.m.wikipedia.org/wiki/Single_UNIX_Specification

One or two Linux distros were (are?) UNIX certified, though.

If your distro can’t be forked into a “beginner distro” then it’s fundamentally flawed IMHO*.

To be clear, I’ve used Arch as my daily drivers for a while, and while it’s not the best fit for my needs (I use Debian mostly), there’s nothing that I experienced that was incompatible with a “beginner” distro.

You can also drop cache for debugging by running something like echo 3 | sudo tee /proc/sys/vm/drop-caches

But remember that the kernel knows best — this RAM will be automatically be freed up when needed and you should never run this except for debugging (or maybe benchmarking).

I switched from raspberry pi and orange pi to a cheap Intel NUC, and I think it’s just a much nicer experience.

The pi is great fun, but the HW transcoding on a NUC “just works,” and the SSD and 16GB RAM opens a lot of doors. My N100 NUC was less than $150, and it included everything (case, power supply, 500GB SSD).

My pi found new life as an off-site backup: attach a big HDD, set up WireGuard, and have a cronjob do daily rsync and snapshots. I have it set up at in-laws, and it works great.

man rot13 ;)

WireGuard, and an external HDD. Run at a remote location for off-site backup.

I do this with a raspberry pi 3 at the in-laws. I copied the data over locally before setting it up, and after that it’s just nightly incremental rsync, which is fine even over my slow (35Mbps) upload.

proxmox nudes

No judgement here, you just keep doing what makes you happy.

It’s overpriced hardware

Have you seen the M4 benchmarks?

If you’re memory bound then sure, you can get way more bang for your buck with Intel/AMD. But for pretty amazing CPU performance I think the “Apple is overpriced” trope isn’t really true any more.

Take numbers with a grain of salt, e.g., this link says a 7200RPM 160GB SATA drive from 2004 is $107, or about $0.67/GB, instead of the $5 claimed in post.

Maybe they mean four year uptime…

Yeah, I would additionally like to see fines be in units of revenue — $50M means wildly different things to different organizations.

For very simple tasks you can usually blindly log in and run commands. I’ve done this with very simple tasks, e.g., rebooting or bringing up a network interface. It’s maybe not the smartest, but basically, just type root, the root password, and dhclient eth0 or whatever magic you need. No display required, unless you make a typo…

In your specific case, you could have a shell script that stops VMs and disables passthrough, so you just log in and invoke that script. Bonus points if you create a dedicated user with that script set as their shell (or just put in the appropriate dot rc file).

I like the “this can’t really be compared to Windows or macOS” aspects of tiling window managers. I like it when the window manager sort of “gets out of the way,” but that’s just me.

I think there’s a bias in the US against this sort of thing that doesn’t exist (or not to the same extent) in Europe due to the age of the cities/buildings.

In the US, a building from the 1700s is a historic artifact to be cherished, while in parts of Europe a building from the 1500s is just the local pub.

So, the US is often hesitant to modify these old buildings, but Europe seems to have more of a perspective of “it’s a building, not a museum, let’s give it new life by modifying it.”

This is just from the perspective of me, from the US — and I think these old/new buildings are really neat!