They can modify the DNS packets still. They aren’t encrypted or signed so the authenticity of a response packet cannot be verified. Parental controls from ISP relay on being able to snoop and modify your DNS (and SNI from TLS ClientHello packets).

Immutable Nixos. My entire server deployment from partitioning to config is stored in git on all my machines.

Every time I boot all runtime changes are “wiped”, which is really just BTRFS subvolume swapping.

Persistence is possible, but I’m forced to deal with it otherwise it will get wiped on boot.

I use LVM for mirrored volumes for local redundancy.

My persisted volumes are backed up automatically to B2 Backblaze using rclone. I don’t backup everything. Stuff I can download again are skipped for example. I don’t have anything currently that requires putting a process in “maint mode” like a database getting corrupt if I backup while its being written to. When I did, I’d either script gracefully shutting down the process or use any export functionality if the process supported it.

Don’t Look Up!

Very happy. My two daily drivers (Desktop and Laptop) are on Ubuntu but user space is managed with Nix.

All other machines are Nixos proper. Only thing keeping me back from moving to Nixos fully is I decided to piecemeal my own DE and I’ve just lacked the time to debug some issues related to gnome-keyring, computer locking, and coding up some system setting widgets.

I don’t know about Nvidia specifically, but I mostly only see RSUs offered to Staff/Principal level engineers or Director and above on the management track. Many times with a multi year vestment period to act as a retention tool. You can make out good at the exiting end of the deal.

IMHO its a shitty practice. There is risk if the C-level pulls some stupid shit tanking the stock. The reward could just as easily be distributed to employees with a profit sharing bonus that eliminates the risk of my options tanking while vesting. Let the employees convert to options if they want to stake on future company performance.

At least in the US, I could have used the value of my options earlier in life to help with student loans, buying a house, medical issues, having kids, etc. I grew up poor. I “pulled myself up from bootstraps” and am doing well now. I still think the whole system is a dumb gimmick.

While I have nothing against an arch recommendation, I wouldn’t rely on my distro when there is tooling to get any version of a library directly from pypi.

Having done some MQTT IoT work in the past, dropping a couple resources:

https://github.com/eclipse/mosquitto - CLI interface and C bindings. I’ve only used the CLI interface. Its a nice way to test communication with a remote broker.

RabbitMQ /w MQTT plugin - Message queue based on AMQP. We ran this as the server in a container. There maybe others options like 0MQ (been a few years so don’t know every option). I had my clients post to a wild card topic so that I could consume a single device or all devices. Consumption is not with MQTT though. We’d use AMQP on that side.

I recommended checking out package managers that will simplify using whatever version of a library you want with project level virtual environments.

I haven’t done heavy python dev since 3.7, so I don’t know the full landscape of options these days, but here are some references to dig into.

https://python-poetry.org/ is the one I started using as the first step up from pip.

It looks like there are some new contenders like hatch, rye, and pdm: https://dev.to/adamghill/python-package-manager-comparison-1g98.

There is also pixi referenced from the comments in that article: https://github.com/prefix-dev/pixi

or (pretend to) be female: https://lemmy.world/comment/10363254

I haven’t tested in Windows, but this is my setup Linux to Linux using rclone which the docs say works with Windows.

Server

• LUKS
• LVM
• Volgroup with a mishmash of drives in a mirror configuration
• Cache volume with SSD
• BTRFS /w Snapshots (or ZFS or any other snapshotting FS)
• (optional) Rclone local “remote” with Crypt if you want runtime encryption at rest and the ability to decrypt files on the server. You can skip this and do client side only if you don’t want the decryption key on the server.
• SFTP (or any other self-hosted protocol from https://rclone.org/docs/)

Client

• Rclone Config /w SFTP (or chosen protocol)
• (optional) Rclone Config /w Crypt
• Rclone mount with VFS.

I use this setup for my local files and a similar setup to my Backblaze B2 off site backups.

The VFS implementation has been pretty good. You can also manually sync. Their bisync I don’t fully trust though.

I can access everything through android using https://github.com/newhinton/Round-Sync. Not great for photos though as thumbnails weren’t loading without pulling the whole file last I tested a year ago.

Waffle

Might work like the book one where there is a known word and unknown word. You only have to guess the known one. The rest of the choices are used as training data for the unknowns.

Hotline for the MacOS warez scene to get games in high school (circa 1999ish).

I accidentally pirate crap I have legitimate access to because I can’t be bothered to figure out which damn platform its on. I have access to quite a few through work due to my industry at no out of pocket costs.

The times I try to actually search for something, it’ll be listed on multiple platforms but 0 to 1 of those platforms will actually have what I’m looking for included with the subscription forcing me to manually check each one.

It is easier to just pirate.

but I am using it not in the way it’s intended

This is absolutely intended. Nix is a programming language, package manager, and operating system.

Nix the package manager is intended to be used on nixos and non-nixos operating systems. It has first party support for Darwin (macOS).

My nixos build is not daily driver ready, so I’m still on Ubuntu for my productivity systems. The majority of the Ubuntu apps I use are managed via nix using home manager at this point. These share the same configurations with my nixos systems.

It is relatively low risk* since nix installs everything in /nix/store and sets up some env vars and user systemd services with symlinks to map to there. If I install Firefox with nix, the Ubuntu version is still there untouched. My PATH just hits nix first before the system. You have to change like one file if I’m remembering correctly after uninstalling if you want to back out which is the trigger for a nix package to come before a native package.

• If you dip into declarative app configs (zsh, fish, nvim, etc.) you can absolutely lose the original. I tracked all that in a dotfiles repo before nix personally. Just have backups and start small.

Once you have some foundational knowledge, I find more answers searching github with language:nix <some terms>. Usually I can find a few repos with an adjacent enough solution to deconstruct and apply to my setup.

If I had used a flake, I could have isolated that dependency from the rest of my build, while still tracking its integration with my system.

I have to do this weekly with my bleeding edge Hyprland setup.

I’ve been using nvfetcher to feed my nightlies addiction for software that doesn’t have a flake.

Only major hiccup I had was pulling a few packages from nixpkgs master due to a bug that got introduced in unstable for electron apps before it hit cachix. Wasn’t expecting it to take a day to compile everything that depended on it.

10/10 would highly recommend flakes.

I’m coming from a Haskell/Scala background. This job just pays more. TS has been “good enough” for types. I don’t think I could be as effective without them at this point.

I don’t see it dying from my perspective. Its only been getting better and better. The only thing I could see displacing it in my org is maybe Rust due to WASM proving a transition path.

We use TS on the back end to leverage our teams existing skill set and libraries we’ve built up.

I know it’s a meme to use “the next best thing” in the ecosystem, but we’ve been really happy with the newish Effect library + Bun runtime. Effect is like a merger of the older fp-ts/io-ts libraries (same author works on both) with Zio from the Scala ecosystem. It vastly simplifies the former and the new stuff with dependency injection and defect management is refreshing. With the Bun runtime, we see a 15x faster startup time (great for dev). Its halved the RAM requirements in prod. We don’t even need to transpile… We still do for prod to tree-shake dev-only code to ensure its not available in prod, but deploying to dev is FAST.