Beautiful. Will keep an eye on it. Thank you!

How would the current approach help?

Its not invasive yet (no third party, no ID, no verification; its basically just another user controlled date field that is not even exposed). So it is not lowering any barrier in that regard.

It’s also not a helpful intermediary step for harder measures, because as soon as you want a third party to do attestation, storing that on a user controlled device is just unnecessary complexity and risk of circumvention. It would be easier and safer (for those introducing it) to just let the attesting party talk to the providers directly.

The comment you answered to said not all software has to implement age checks; only those who actually deal with age relevant content. You said it would be a foot in the door. So… who’s foot to do what?

Who exactly gains anything from forcing lets say Krita to implement an age check?

One thing your answer dodges is the automation part. Do you plan on offering a cli to run individual workflows/scenarios? The UI is awesome for building and maintaining the workflows, but if I want to use them for automated testing for example I need to be able to run them headless.

Finally took the time to setup Woodpecker CI to replace Drone. Also finally linked it not only to my self hosted gitea, but also to github, so I can automate a few builds there as well.

In the process I also learned, that I can set up a whole bunch of pods in a single kube definition for podman/quadlets, which allows me to have a much cleaner setup. Previously I was only aware that you can define a single pod with multiple containers. It makes sense, but it never occurred to me before.

No. Because the information is user provided and unverified, so there’s no reason to lock anything down that could increase security. Once they want attestation, they need a third party service involved, in which case the device being part of the trust-chain doesn’t make sense anymore.

Sure. I also don’t want to shit talk XMPP. I prefer XMPP over Matrix any day. But it can be tricky (just like Matrix; which is funny, since Matrix set out to improve on the mistakes they claimed XMPP made).

The beauty of XMPP is this: you can use any server, and any client, and you can talk to anyone connected to the larger XMPP network, even if they made different server/client choices than you did.

That’s a very optimistic and naive view. XMPP consists of a shit ton of extensions, and different clients implement different subsets of these. So it’s very possible that two different clients fail to do an audio or video call, because the other decided to use a different extension than the other for not implement it at all.

Depends on the usecase. If you don’t need chat history for new-joiners, you can work with a single key per group, rotating it whenever someone joins or leaves. Since the server broadcasts a „so-and-so has left/joined“ it might as well include the new key. That key is then used by everyone in the group, so you can still broadcast all messages and don’t have to encrypt them individually.

Don’t let perfect be the enemy of good. Discord isn’t E2EE either. Having data under your control even if not encrypted is a big win.

If all your backups are near you, a flood or fire (or even break in) can still cost you all your data. At least one copy should be off-site.

For 7 people you could look into Virola Messenger. Not open source but uses Mumble under the hood and is super lightweight. No electron shit.

XMPP is also still a thing and IMO much easier to host (at least ejabberd is). Look into Movim, which looks quite nice as a discord replacement on top of XMPP.

Ah ok, thanks for the clarification. In the end I also use Sunshine for game streaming, but for pure remote desktop access RustDesk is far nicer, since I can also quickly move files back and forth. RDP is even nicer in that regard, where I can remote-mount local devices.

Where does rustdesk not have a good reputation? I see it being recommended regularly and also use it myself heavily. Never had issues or heard about issues (that I would attribute to reputation).

True. The default rocksdb is completely unusable on HDDs. For me it runs pretty good with PostgreSQL. Dovecot was certainly easier to handle with its file based storage and was super fast. But Postfix was a pain and I can’t count how often it bit me over the years (and since it’s SMTP, that means something broke in receiving, delivery or was suddenly a spam vector, which all sucks quite hard).

Stalwart

Written in rust, contains SMTP, IMAP, JMAP, Sieve, CalDAV, CardDAV, WebDAV. Has an admin web ui. Sane defaults, minimal foot guns. No zoo of containers needed.

In business notebook comparison they are well within the norm. For private use … yeah, that’s a lifestyle choice.

I use Kopia to perform incremental encrypted backups (with some retention policy of up to two years) and store them on Backblaze B2, which is reasonably cheap.