Well, at least for nginx, you can specify the root (or alias if required) directive; to me, it makes very little sense to rely on defaults, you need to specify your servers / virtual hosts anyways, might as well make the configuration more self-documenting…

There’s also https://uapi-group.org/specifications/specs/linux_file_system_hierarchy/ nowadays, which aims to build on the FHS.

Well, /var/www is in fact not part of the FHS, not even optional… it doesn’t exist on my machines either. I think the better choice would be /srv/www which is an example given at https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch03s17.html

Is /var really such a mystery? I always understood it as the non-volatile system directory that can be written into. Like log files, databases, cache etc. /var/tmp it’s somewhat weird because a non-volatile temporary folder for me is just cache, and /var/lib is named somewhat weird because it doesn’t hold what I’d usually call libraries.

Not pictured: /opt, the raccoon

Well I sit kind of between these

Like I’m not getting a dedicated router and have no server room in my apartment, and my consumer router only supports two VLANs (main and guest). But I’d say the rest is rather sophisticated with all machines defined in my NixOS config, including automated generation of firewall and reverse proxy rules for which I wrote custom modules.

Media server isn’t super full but connected to jellyseer and the rest of the stack, accessible over TLS (Let’s Encrypt certificates) only, with the option to have users managed via IDM.

However, I only have devices on my network that I somewhat trust, with an Android TV box being the worst offender. The smart TV was never connected to my network.

Would be cool to isolate my work PCs somewhat (I work from home with company provided equipment) but it’s just not worth the trouble in my opinion. Not switching out a low power device that does most for two different devices that both use more power (since you usually need a router and a modem).

I don’t only run a reverse proxy because of having only a single public IPv4 address, but that probably is the best part

In general, I’d say reverse proxies make things somewhat easier to manage, especially when it comes to TLS. No need for every service to integrate it.

That would have been a brilliant move with wav vs MP3

How would a new format be backwards-compatible? At least JPEG-XL can losslessly compress standard jpg for a bit of space savings, and servers can choose to deliver the decompressed jpg to clients that don’t support JPEG-XL.

Also from Wikipedia:

Computationally efficient encoding and decoding without requiring specialized hardware: JPEG XL is about as fast to encode and decode as old JPEG using libjpeg-turbo

Being a JPEG superset, JXL provides efficient lossless recompression options for images in the traditional/legacy JPEG format that can represent JPEG data in a more space-efficient way (~20% size reduction due to the better entropy coder) and can easily be reversed, e.g. on the fly. Wrapped inside a JPEG XL file/stream, it can be combined with additional elements, e.g. an alpha channel.

That doesn’t help you if you want to get the result of something that happened in the function without capturing stdout, does it?

I didn’t mean that bash has no local variables, but rather that if you want to use a function as such without capturing stdout, you need variables that are scoped across your functions, which is usually global or at least effectively global.

Bash has its upsides too, like the fact that it has arrays / lists and dictionaries / hashmaps. In my opinion, it gets iffy though when you need to do stuff with IFS; at that point one might be better off just using specialized tools.

Not saying working bash isn’t good enough, but it can break in very surprising ways is my experience.

Functions are definitely not subshells in Bash

You’re right, my bad, I got this mixed up with something else.

Not sure I’d call what bash has functions. They’re closer to subroutines in Basic than functions in other languages, as in you can’t return a value from them (they can only return their exit code, and you can capture their stdout and stderr). But even then, they are full subshells. It’s one of the reasons I don’t really like Bash, you’re forced into globally or at least broadly-scoped variables. Oh, and I have no clue right now how to find where in your pipe you got a non-null exit code.

It’s not a big problem for simple scripting, but it makes things cumbersome once you try to do more.

In all seriousness though, the core of the technical stack has become very robust in my opinion (DNS being the exception). From a hobbyist’s perspective, things work much better than when the Web was still young. I can run multiple sites (some of them being what are today called apps) on a domain with subdomains, everything fast, HTTP3-capable, secured via valid free TLS certs, reverse proxied, all of that running on a system deployed in minutes…

If you focus on the part of the Internet that you have control over, it’s a lot better than back in the simple days.

Not sure the term applies to MS Teams. It was always a rushed shitty product, pushed onto customers during COVID when companies like Zoom gained tons of users. Few people if any asked for it

No issues here, but I haven’t benchmarked anything and any improvement could be placebo. It’s trivial with flakes

You probably know this, but you can even run the CachyOS kernel on NixOS. Currently doing exactly that

You can actually invoke the binary inside a venv using πthon as an Easter egg as far as I know

Didn’t try it, but it’s discussed in an issue

Similarly here. Have an Odroid with that platform, it wasn’t cheap but it came with several advantages:

• 4 SATA ports on addition to the M2 slot
• Intel QSV
• 2 x 2.5 Gbit Ethernet (I only have gigabit at home though)

Very powerful machine for the power usage, I ran a really old Athlon before though (from 2010 or so that I retrofitted with 16GB RAM) that did most stuff just fine. But I wanted some transcoding and also possibly a smaller case.

I run everything bare metal though.