For anything that is related to my backup scheme, it’s printed out hard copy, put in an envelope in a fire safe in my house. I can tell you from experience there is nothing more stressful than “oh fuck I need my backups but the key to unlock the backups is in the backups fuck fuck fuck”.

And for future reference, anyone thinking about breaking into my house to get access to my backups just DM me, I’m sure we can come to an arrangement that’s less hassle for both of us

True, but silicone is 10-20x the price of TPU

Having tried similar things, I cannot stress enough how much you want to be printing molds like this in TPU unless you really really want your mold to be permanently embedded in the concrete

I was in the same place as you a few years ago - I liked swarm, and was a bit intimidated by kubernetes - so I’d encourage you to take a stab at kubernetes. Everything you like about swam kubernetes does better, and tools like k3s make it super simple to get set up. There _is& a learning curve, but I’d say it’s worth it. Swarm is more or less a dead end tech at this point, and there are a lot more resources about kubernetes out there.

They are, but I think the question was more “does the increased speed of an SSD make a practical difference in user experience for immich specifically”

I suspect that the biggest difference would be running the Postgres DB on an SSD where the fast random access is going to make queries significantly faster (unless you have enough ram that Postgres can keep the entire DB in memory where it makes less of a difference).

Putting the actual image storage on SSD might improve latency slightly, but your hard drive is probably already faster than your internet connection so unless you’ve got lots of concurrent users or other things accessing the hard drive a bunch it’ll probably be fast enough.

These are all Reckons without data to back it up, so maybe do some testing

Debian. When I have time to mess about with server stuff, I want to be doing the thing I want to do rather than fixing whatever broke in the most recent set of updates

Taking donations for a specific purpose (developing jellyfin core) then spending it on something else (donations to other related projects) is something donors and tax authorities generally frown on

Pretty much - I try and time it so the dumps happen ~an hour before restic runs, but it’s not super critical

pg_dumpall on a schedule, then restic to backup the dumps. I’m running Zalando Postgres in kubernetes so scheduled tasks and intercontainer networking is a bit simpler, but should be able to run a sidecar container in your compose file

If you figure it out, I know several companies that would be more than willing to drop 7 figures a year to license the tech from you

There is one standard way to cast fireball - it works, it’s cheap, it very rarely backfires, it’s in all the textbooks, everyone knows how it behaves - but sometimes you sit down in a tavern next to another wizard and you just know before they even open their mouth that they are going to spend the next twenty five minutes telling you about how they learnt this alternative way to cast it and it’s taken a bit of practice but they can just about cast it as fast as they could before and how it’s so much more ergonomic or whatever

Debugging spells is just as much a dark art as spell crafting itself. When I was a young apprentice we didn’t have as sophisticated tools as you do now; you had to make sure you noted down your intermediate runes correctly and use those symbols to divine some meaning from the ashes of your failed spell. One time I mixed up my notes with the symbols of a different spell and when I sprinkled the ashes on the stack I was stuck speaking in tounges for a week.

These days of course you can summon a lesser demon to freeze your spell and ask it about the state, but the demons can be tricky and it’s easy for novices to make a mistake and allow the demon to run amok - makes a real mess of the lab.

Yeah, they are mostly designed for classification and inference tasks; given a piece of input data, decide which of these categories it belongs to - the sort of things you are going to want to do in near real time, where it isn’t really practical to ship off to a data centre somewhere for processing.

Seems pretty reasonable. At the end of the day people have to eat, so projects like this either trundle on as hobby-and-spare-time projects for a few years until people get bored and burnt out, or you find a way to make working on the project a paid gig for the core people

I’m in New Zealand and it prompted me to set up my Sony WH-1000XM5s with Find My Device on my Pixel 7a last week, but kept erroring out when I tried to do it

Yeah, traffic coming from an ASN that isn’t assigned to a residential ISP would be a pretty good sign of shenanigans

The actual math is way beyond me, but the algorithm is “one way” - it exploits the fact that given two prime numbers (ie, the private key) it is trivial to multiply them together, but if you only know the result (ie, the public key) it is computationally very expensive to determine the original prime factors. If you pick big enough numbers, it becomes effectively impossible to undo the multiplication

Ok, semantics - for RSA you generate a private key, then derive the public key from that private key, and you could publicly post your private key if you wanted to. “Public” and “private” are just names.

In RSA, the private key is a pair of big semi-primes, and the public key is derived from those numbers. I think you are confusing DHKE and RSA with your other points, the private key is never transmitted over the network. For TLS you typically use an asymmetric crypto system to validate identities and encrypt the key exchange to prevent person-in-the-middle, but the key that is agreed using that process is a symmetric key for AES or similar, but that is specific to TLS.

Also, there are other asymmetric systems that don’t use primes at all - eliptic curve crypto is based on completely different math

A big “It Depends” on that - plenty of applications of asymmetric crypto where you just hard-code the servers public key into the client and call it a day, and GPG has its own PKI scheme that is just kinda weird.

You also don’t have to use Diffie-Hellman - early versions of SSL just sent the ephemeral key (the symmetric key used for the actual AES session) directly. This works, but using DH also gives you “forward secrecy” - even if a malicious third party has captured the entire encrypted session, then later steals (or factors) your private key they still won’t be able to read the encrypted traffic because they can’t recover the ephemeral key because it wasn’t sent over the wire in the first place