It might turn out to be something different - but just in case it does log you out after a system restart (but maybe not after network disconnect) it would probably have something to do with kwallet (the key ring which has your credentials) not unlocking correctly.

If that’s the case this or this might be further pointers to look into.

I think you really nailed the crux of the matter.

With the ‘autocomplete-like’ nature of current LLMs the issue is precisely that you can never be sure of any answer’s validity. Some approaches try by giving ‘sources’ next to it, but that doesn’t mean those sources’ findings actually match the text output and it’s not a given that the sources themselves are reputable - thus you’re back to perusing those to make sure anyway.

If there was a meter of certainty next to the answers this would be much more meaningful for serious use-cases, but of course by design such a thing seems impossible to implement with the current approaches.

I will say that in my personal (hobby) projects I have found a few good use cases of letting the models spit out some guesses, e.g. for the causes of a programming bug or proposing directions to research in, but I am just not sold that the heaviness of all the costs (cognitive, social, and of course environmental) is worth it for that alone.

I’ve been exclusively reading my fiction books (all epubs) on Readest and absolutely love it. Recently I also started using it for my nonfiction books and articles (mostly pdf) as an experiment, and it’s workable but a little more rough around the edges still.

You can highlight and annotate, and export all annotations for a book once you are done, for which I have set up a small pipeline to directly import them into my reference management software.

It works pretty well with local storage (though I don’t believe it does ‘auto-imports’ of new files by default) and I’ve additionally been using their free hosted offering to sync my book progress. It’s neat and free up to 500mb of books, but you’re right that I would also prefer a byo storage solution, perhaps in the future.

The paid upgrades are mostly for AI stuff and translations which I don’t really concern myself with.

Been seeing the posts pop up recently and I really like the look of your software, bookmarked for future jrnl integration possibilities.

But what a missed opportunity to not have a Journiv Ahead in your second headline :)

Open source/selfhost projects 100% keep track of how many people star a repo, what MRs are submitted, and even usage/install data.

I feel it is important to make a distinction here, though:

GitHub, the for-profit, non-FOSS, Microsoft-owned platform keeps track of the ‘stars of a repo’, not the open-source self-host projects themselves. Somebody hosts their repo forge on Codeberg, sr.ht, their own infrastructure or even GitLab? There’s generally very little to no algorithmic number-crunching involved. Same for MR/PRs.

Additionally - from my knowledge - very few fully FOSS programs have extensive usage/install telemetry, and even fewer opt-out versions. Tracking which couldn’t be disabled I’ve essentially never heard of in that space, because every time someone does go in that direction the public reaction is usually very strong (see e.g. Audacity).

Interesting, so Metal3 is basically kubernetes-managed baremetal nodes?

Over the last years I’ve cobbled together a nice Ansible-driven IaC setup, which provisions Incus and Docker on various machines. It’s always the ‘first mile’ that gets me struggling with completely reproducible bare-metal machines. How do I first provision them without too much manual interference?

Ansible gets me there partly, but I would still like to have e.g. the root file system running on btrfs which I’ve found hard to accomplish with just these tools when first provisioning a new machine.

When I was stumbling on some of his output it unfortunately felt very click-baity, always playing on your FOMO if you didn’t set up/download/buy the next best thing until the other next best thing in the video after.

In other words, I think he’s cool to check out to get to know of a thing, but to get a deeper level of understanding how a thing works I would recommend written materials. There are good caddy/nginx tutorials out there, but a linux networking book will get your understanding further yet.

If it has to be video, I would at least recommend a little more slowed down, long-form content like Learn Linux TV.

I’ve been using NetBird for quite a while now. It has grown from an experiment in connecting to the server without exposing it to quite a stable setup that I make use of every day, and even got my partner and some of my family to use. That is the hosted offering, however, not me self hosting my own server component.

For a couple of months now, I’ve been eyeing pangolin though. It just seems like such an upgrade concerning identity and SSO - but equally a complete overhaul of my infrastructure and a steep learning curve.

I am itching to get it running but would probably have to approach it step-by-step, and roll it out pretty slowly, while transferring the existing services.

No worries, mostly thought I’d point it out to others reading who might be a little confused by the close naming scheme and don’t know exactly what tool provides which functions.

(And since I love incus but think for most people atm IncusOS is not the right choice)

Though perhaps it is important to make the distinction clear:

Incus is the software that supports running OCI and LXC containers, and VMs. It is the functional equivalent to the Proxmox virtualisation suite, storage, network, image and container management and also the management web UI.

IncusOS tries to support this program for your bare-metal servers by providing an immutable OS underneath which hosts Incus but cannot be reached via shell access at all. It intends to form a super locked-down base from which to use Incus, but which also comes with preinstalled goodies such as ceph, linstore, zfs, and some service setups (afaik).

So the closest comparison to Proxmox currently is a simple Incus installation on a Debian bare-metal host. IncusOS I would argue is actually moving further away from that comparison with its locked down base and immutable nature.

In a way the project reminds me much more of TalosOS which creates a similarly locked down base environment to work with Kubernetes on top.

Wow, I’ve been a longtime user of restic and never knew about resticprofile, it seems super nice. Already at a glance through the docs, the ease of doing an inherited stdin-enabled sql backup group alone is super exciting.

Thank for pointing this one out!

It’s a little older, so I don’t have an extensive recollection. Things I have saved are the Poettering tweet pointing out their hostname being ‘Wolfsschanze’, doing their own torch march just after Unite the Right Charlottesville happened, and the expected anti-sjw, cultural marxism rhetoric to go along with it.

It’s a case of no one individual instance being drastic (well, perhaps except for Wolfschanze), but coming together to form a picture which I firmly file into icky-politics.

Sure, no argument with that - although I am happy piefed is rising as an alternative.

I did not intend to claim moral superiority or any absolutes, which is, again, why I just tend to also provide a small disclaimer while recommending that kind of software.

It’s more about giving a small preface to people I care about should they ever end up intending to contribute to certain projects. I don’t think that’s an unreasonable stance to take. But if you think it is and weren’t just doing a social media zinger let me know.

I’m always a little torn on projects like this.

On the one hand, I know a few people who have hosted tt-rss and the software worked very well for them and their needs.

On the other hand, software whose maintainers have fascist tendencies, or are at best super edge-lords, and which maintains a culture in the developers and community that’s just super toxic is not something I ever wish to support or be associated with.

I have similar feelings on the hyperland project, or suckless software. What i have personally settled on is to not touch the software myself, and give a slight disclaimer when recommending it to others.

I suppose unmaintained can be added to the disclaimer for this one now. At least we have a plethora of very nice alternatives in the rss space with projects like freshrss, miniflux, and nextcloud news.

But, how do folks manage this mess?

I generally find it less of a mess to have everything encapsulated in docker deployments for my server setups. Each application has its own environment (i.e. I can treat each container as its own ‘Linux machine’ which has only the stuff installed that’s important) and they can all be interfaced with through the same cli.

Is there an analogue to apt update, apt upgrade, systemctl restart, journalctl?

Strictly speaking docker pull <image>, docker compose up, docker restart <container>, and docker logs <container>. But instead of finding direct equivalents to a package manager or system service supervisor, i would suggest reading up on

1. the docker command line, with its simple docker run command and the (in the beginning) super important docker ps
2. The concept of Dockerfiles and what exactly they encapsulate - this will really help understand how docker abstracts from single app messiness
3. docker-compose to find the equivalent of service supervision in the container space

Applications like immich are multi-item setups which can be made much easier while maintaining flexibility with docker-compose. In this scenario you switch from worrying about updating individual packages, and instead manage ‘compose files’, i.e. clumps of programs that work together to provide a specific service.

Once you grok the way compose files make that management easier - since they provide the same isolation and management regardless of any outer environment, you have a plethora of tools that make manual maintenance easy (dockge, portainer,…) or, more often, make manual maintenance less necessary through automation (watchtower, ansible, komodo,…).

I realise this can be daunting in the beginning but it is the exact use case for never having to think about downloading a new Go binary and setting up a manual unit file again.

I also switched to gonic over navidrome (even though I liked it a lot) because iirc I couldn’t get navidrome to pull Artist pictures in correctly. gonic i could just connect to lastfm and everything worked - and i could still connect to listenbrainz for my actual scrobbling.

For the OCR process you can probably wrangle up a simple bash pipeline with ocrmypdf and just let it run in the background once until all your PDFs have a text layer.

With that tool it should be doable with something like a simple while loop:

find . -type f -name '*.pdf' -print0 |
    while IFS= read -r -d '' file; do
        echo "Processing $file ..."
        ocrmypdf "$file" "$file"
        # ocrmypdf "$file" "${file%.pdf}_ocr.pdf"   # if you want a new file instead of overwriting the old
    done

If you need additional languages or other options you’ll have to delve a little deeper into the ocrmypdf documentation but this should be enough duct tape to just whip up a full OCR cycle.

In case you are already using ripgrep (rg) instead of grep, there is also ripgrep-all (rga) which lets you search through a whole bunch of files like PDFs quickly. And it’s cached, so while the first indexing takes a moment any further search is lightning fast.

It supports a whole truckload of file types (pdf, odt, xlsx, tar.gz, mp4, and so on) but i mostly used it to quickly search through thousands of research papers. Takes around 5 minutes to index everything for my 4000 PDFs on the first run, then it’s smooth sailing for any further searches from there.

I used the recommended migration tool and it worked okay for many containers but iirc the docker ones had to have one of the security options manually changed in their config which didn’t transform properly with the tool (maybe nesting enable?).

May very well have changed in the meantime or I only made a mistake, that was in my experimentation phase.

Ultimately, I did rebuild my instances from the ground since I also switched file system, and to make better use of incus profiles (e.g. one with docker provisioned, one with monitoring and so on) so I couldn’t give you a long-term migration review.

For me that was (relatively) painless by just migrating the docker volumes in place and rebuilding the stacks, of course ymmv.

If you decide on migrating and stumble upon issues don’t hesitate to hit me up - I’m only an amateur but maybe I can still help!

After having my dinky homelab machine on proxmox for a couple years, since the start of the year I am now running basically everything under a clean Debian system using incus and docker on the individual lxc guests.

Incus has completely replaced proxmox for me and it’s so much easier to reason about (for me at least) that I wanted to maybe point your cold hands in that direction too ;)