Nonbinary

Can we get the names of these people so we can have their drivers licenses taken away?

“YOLO” - more than 1 merge comment I’ve seen.

It makes my eyes bleed.

MariaDB CLI about once in a blue moon when I have to clear some table that’s gotten borked.

I thought you meant for a declarative OS like Nix. Which does not have a GUI configurator, nor does any comparable declarative OS. Isn’t that what we’ve been talking about this entire thread?

I think your “proper graphical configurator” is doing some heavy lifting there. Of course, there’s no such thing right now, so you’re dealing with the coding yourself in a pretty oddly designed syntactical language, and the terrible official documentation that is the current state of affairs to do it with.

Other than that, sure, a declaritive and atomic OS would be the way to go.

No end of interesting shit you can do in Nix, at one point I had zfs and ipfs entries in one of my configs. I got away from it all before flakes started to get popular.

I tried it as a docker host; the declarative formatting drove me around the bend. I get a fair bit of disaster proofing on my docker host with git and webhooks, besides using Proxmox/ZFS to host it all and back it up.

Maybe homelab stuff that you mess with a lot and need to revert or stand up a multitude? I tried it for self-hosted apps and frankly a docker host is way easier. JB guys were pushing it for Nextcloud and it was a nightmare compared to the Docker AIO. I guess you could stand it up as a docker host OS, but I just use Debian, it’s pretty much bulletproof and again, less hassle.

I went through a NixOS phase, and for a user that isn’t trying to maintain a dev environment, it’s a bloody lot of hassle.

I’m all behind immutable distros even though I don’t particularly have the need for them, but declaritive OSs are kinda niche.

How would that make any sense in that context?

Jeez, Kevin Bacon back there just won’t get into the game.

If you want to lose most of your tooling and community support, Podman is a great way to go.

Governments are not anyone’s issue other than other governments. If your threat model is state actors, you’re SOL either way.

Making it harder for everyone else is the goal, and to do that you need a swiss cheese model. Hopefully all the holes don’t line up between the layers to make it that much harder to get through. You aren’t plugging all the holes, but every layer you put on makes it a little bit harder.

And NAT is not just simple to set up, it’s the intuitive base for the last 30 years of firewalls. I don’t see where you get a cost from it. As I said, separating network spaces with it comes naturally at this point. Maybe that’ll change, but I remember using routable IPV4 when it was it the norm, and moving to NAT made that all feel way more natural.

Obfuscation is not security

Yes, of course. But saying trite things like that doesn’t get around the idea that giving out a map of the internal network by default isn’t the best policy.

NAT still has its place in obfuscating the internal network. Also, it’s easier to think about firewall/routing when you segregate a network behind a router on its own subnet, IMO.

I left IT about a decade ago to farm 3000 acres and 300 cows.

It is very much not retirement living.

I used to be a network engineer and I found farming bloody complicated. You might be very surprised at the breadth of knowledge it takes to successfully farm today.

You haven’t lived until you’ve compiled a 3com driver in order to get token ring connectivity so you can download the latest kernel source that has that new ethernet thing in it.

He’s got a lot of charisma

That’s funny.