Oh yeah, I feel sorry for all the Immich users who know it just won’t happen to them. Losing your movie collection sucks but you can download again, but personal photos deserve much better treatment. Though it sucks paying extra for cloud backup of your photos.

Codex is not bad. I use it for personal projects and Claude at work, so I can directly compare and Codex seems better to me.

Today I removed some functions and moved some code to separate services and being the lazy guy I am, I told it to update the tests so they no longer fail. The idiot pretty much undid my changes and updated the code to something very much resembling the original version which I was refactoring. And the fucker did it twice, even with explicit instructions to not do it.

I mean, forever might be too strong of a word.

No, we hate people who want to execute others. We hate people who think that authoritarianism is in any way connected to anything resembling communism.

We hate people who worship mass murderers. So no, socialism sounds nice, what the wannabe communists on tankie instances are doing on the other hand sounds just idiotic.

Well, that’s why you’ll have to try out. Or ask someone to at least try whether it opens, the apps mostly either fail on start because they require a Google certified Android, or they don’t fail at all.

Though it looks like that could change eventually with a Linux phone.

SailfishOS is mostly daily drivable, depends on which Android apps you need (there’s a compatibility layer to run Android apps on it), with bank apps it’s often a problem.

Yeah, my disk’s not even full.

So, where are the people who were telling me how it’s a move in the right direction?

I’ve seen it all the time like a decade before crypto was a thing.

The biggest problem with Rust are its users. They somehow think that having a safe memory access means fewer bugs. While it only means fewer memory management related bugs. Which honestly isn’t even a problem with modern C++.

Yeah, if you hash your passwords with unsalted md5 it’s much more secure in Rust than PHP!

Congrats!

Why limit it to friends? In my company, we do scope creep for everyone!

Oh yeah, I love playing with Linux phones. I once created a container, installed Proton bridge in it and enjoyed having my mails in the native phone app.

That really depends on the implementation. In the case of gluetun, yes, no data can leak.

In Linux, by interface binding, no data can leak as well. No idea how Windows network stack is implemented.

1. Install Caddy on the host
2. Configure each service to forward to unique ports (say, 5001 for one service, 5002 for a different service)
3. Inside Caddyfile add a block like this for each service:

service1.example.com {
  reverse_proxy localhost:5001
}

It can be done in Apache as well, but Caddy is simply better and simpler.

As for images, take a look at Immich if that’s something you might want.

Monthly unless I learn about a vulnerability that would require it sooner.

What’s gluetun? Seems like it’s a VPN client? What’s special about it?

Gluetun can connect to multitude of VPNs, but most importantly it can be used to force other containers to use only the gluetun network, meaning if you disconnect from VPN for whatever reason, the other containers don’t suddenly send data over non-VPN network.

So if you’re torrenting and use gluetun to provide internet to the qBittorrent container, you won’t accidentally reveal your real IP if your provider’s server goes down for a few seconds.

How do you use it in your setup?

Configure it to connect to my VPN, create a file with the public port it uses, configure qBittorrent to only use gluetun for network and some script which reads the file with public port and changes it in qBittorrent.

Do I need to know about this if I use Tailscale on the host for connecting to my VPN?

Depends. I like having everything container related in the containers. Sometimes I need to do something without VPN, this would limit me. Also, if you don’t configure disconnect on VPN connection loss in a different way (interface binding), you risk revealing your IP.

Would gluetun allow me to use an additional VPN provider for certain apps without messing with the host Tailscale?

Yes. Though you would be double VPNed: App -> gluetun -> host VPN -> target server. That would probably add some latency.

I’d give Syncthing a try. Though you should make some kind of tunnel so that they can communicate without relays, the speed there really depends on what traffic the relay is going through.