What do you (think you) need a VPN for?
gomp
joined 1 year ago
Lineage OS is not designed to relock the bootloader.
I don't understand why so many people worry about that... doesn't it only ensure that data is wiped if some agent secretly installs a rootkit or sorts on your phone before giving back the device to you?
To me, bootloader locking is mostly a way for phone manufacturers to make it harder to run anything but the ROM they have chosen (and it's a PITA and the most laborious part of installing a ROM).
I hate them (seriously).
It's basically a second distro inside your distro (try du -chs /var/lib/flatpak/) and if something breaks (eg. last year mesa with my graphics card) it isn't easy to identify were the problem is (because all libs update at the same time), plus you can't just try a newer (or older) version of some lib as you would in your distro.
Moreover, you can't flatpak CLI tools (also servers and OS components, but I guess the ubuntu folks are the only ones who care about those).
https://wiki.lineageos.org/devices/ and make sure to double-check that unlocking the bootloader isn't too much bother (ie. read the installation instructions)
only dangerous for around 500 years
That "only" is just ridiculous :)
Just try to imagine the history of a nuclear waste storage site from the 1500s... how many budget cuts would have it seen? how much buck-passing when it changed hands as a result of war of revolution? how many times would it have been bombed? (and it's not like we've had bombing for a very long time).
We are just not responsible enough to play around with nuclear. Hell, we are showing we are even not responsible enough for hydrocarbons.
(yes, I do know some amount of nuclear waste, from medical applications etc., is definitely worth it and unavoidable - let's just keep it to a minimum)
AFAIK a sunken reactor is not as big of a threat to life as a one (marine or land-based) that releases nuclear material in the atmosphere, so the biggest issue should be what may happen before the reactor sinks.
Anyway IMHO the biggest issue with nuclear is not its safety, but rather that, even when it operates without the slightest of incidents, it produces waste that needs to be kept "safe" for periods of time that exceed the age of most nation states (let alone private companies).
I fear I am not enough reverse (or Polish, for that matter) :)
Anyway, I have great esteem for you (if you actually use forth and are not just trolling)
Also you mentioned provisioning scripts, is that Ansible? If so python is already there, if you mean really just bash scripts I can tell you that does not scale well. Also if you already have some scriptsz what language are they on? Why not write the function there??
Currently it's mostly nixos, plus a custom thing that generates preconfigured openwrt images that I then deploy manually. I have a mess of other vms and stuff, but I plan to phase out everything and migrate to nixos (except the openwrt stuff, since nixos doesn't run on mips).
I don't really need to run this specific synchthing-ID script except on my PC (I do the provisioning from there), but I have written scripts that run on my router (using busybox sh) and I was wondering if there is a "goto" scripting that I can use everywhere.
Elixir is quite big (yeah, it's certainly smaller than something like java... sorry for not specifying what I mean by "small disk footprint").
Thats basically what ansible does. Thats basically what ansible does. If you plan on doing this to multiple machines you should just use ansible.
Ansible requires python on the target machine (or a lot of extra-hacky workarounds) so... I could just use python myself :)
BTW getting ansible to do anything besides the very straightforward usecases it was meant for is a huge pain (even a simple if/else is a pain) and it's also super-slow, so I hate it passionately.
Also how do you plan on ensuring the scripting interpreter is installed on the machines?
Ideally I'd just copy the interpreter over via ssh when needed (or install it via the local package manager, if it's available as a package)
I have no idea what a DreamMachine is (and wikipedia does not help) so here's the long answer :)
If you want a VPN tunnel to your own home, for secure access to your LAN, I'd recommend you look into NetBird and/or TailScale, which at their core are wireguard plus NAT punch-through (you can also run wireguard or openvpn directly, but it may be a pain since you most probably have a dynamic IP and possibly a CGNAT).
If you want to hide your traffic while connecting through networks you don't trust (such as the work one or some cafe's wifi), you can either use NetBird/Tailscale as above and connect though your home (well, assuming you trust your ISP of course) or some third party VPN which connects to their servers (I'd say look into Proton first).
Keep in mind that VPNs actually do very little for your online privacy (ie. it's not like google or facebook can't track or fingerprint you). They do is prevent man-in-the-middle traffic analysis from your ISP (or the admin of whatever LAN you are using), but then the VPN provider can do the exact same things, so... make sure to double-check the privacy guarantees of your VPN provider and compare them with those of your ISP.