Oops, I didn’t know about the SX line, and didn’t know they had auction servers with large amounts of disk space. Thanks!! I’m not familiar with all of Hetzner’a products.

For pure file storage (ie you’re only using SFTP, Borgbackup, restic, NFS, Samba, etc) I still think the storage boxes are a good deal, as you don’t have to worry about server maintenance (since it’s a shared environment). I’m not sure if supports encryption though, which is probably where a dedicated server would be useful.

One of SQLite’s recommended use cases is as an alternate to proprietary binary formats: https://sqlite.org/appfileformat.html. Programs often store data in binary files for performance, but you get a lot of the same functionality included with SQLite (fast random access, concurrent usage, atomicity, updates that don’t need to rewrite the whole file, etc) without having to implement a file format yourself.

I’m not sure if this is still the case, but Facebook’a HHVM used to store the compiled bytecode for the whole site in a single SQLite database: https://docs.hhvm.com/docs/hhvm/advanced-usage/repo-authoritative/. Every pageload loaded the bytecode for all required files from the DB.

SQLite is underrated. I’ve used it for high traffic systems with no issues. If your system has a large number of readers and a small number of writers, it performs very well. It’s not as good for high-concurrency write-heavy use cases, but that’s not common (most apps read far more than they write).

My use case was a DB that was created during the build process, then read on every page load.

MariaDB is not always a drop-in replacement. There’s several features that MySQL has that MariaDB doesn’t, especially related to the optimizer (for some types of queries, MySQL will give you a more optimized execution plan compared to MariaDB). It’s also missing some newer data types, like JSON (which indexes the individual fields in JSON objects to make filtering on them more efficient).

MariaDB and MySQL are both fine. Even though MySQL doesn’t receive as much development any more, it doesn’t really need it. It works fine. If you want a better database system, switch to PostgreSQL, not MariaDB.

AWS Glacier would be about $200/mo, PLUS bandwidth transfer charges, which would be something like $500. R2 would be about $750/mo

50TB on a Hetzner storage box would be $116/month, with unlimited traffic. It’d have to be split across three storage boxes though, since 20TB is the max per box. 10TB is $24/month and 20TB is $46/month.

They’re only available in Germany and Finland, but data transfer from elsewhere in the world would still be faster than AWS Glacier.

Another option with Herzner is a dedicated server. Unfortunately the max storage they let you add is 2 x 22TB SATA HDDs, which would only let you store 22TB of stuff (assuming RAID1), for over double the cost of a 20TB storage box.

I think sometimes people forget that one of the main features of Git is that it’s decentralized. You don’t need Github; just push your repo to a different remote.

Everyone that clones the repo (usually) has a full copy of it, including all history, and theoretically you can clone the repo directly from their copy. Of course, that’s often not practical, which is how we ended up with these centralized services.

The main issue with losing a Github repo is the auxiliary non-Git-powered features of Github, like issue tracking.

They lose money from it (people that used to pay for an account to get private repos no longer need to) which is why Github didn’t do it when they were independent.

Plenty of open-source projects that I use are happy with them though. I see far fewer projects using Travis CI and AppVeyor these days for example.

Every new feature added to Github has made it more unpleasant to use

Free private repositories, Github Actions, and Github Packages are all pretty useful though. All of those were added under Microsoft’s ownership. Actions got a head start because it was built on top of Azure DevOps infra that Microsoft had already created.

I get the Pro version for free since I’ve worked on a few popular open-source projects. I’m using it in VS Code and it’s helped me write code for systems I’m unfamiliar with. I’ve used it to summarize the architecture of open-source projects so I understand how to contribute new features. The autocompletion can be pretty good too. I also use it to review my code.

We use Claude Code with the Opus 4.5 model at work, and it’s quite a bit better, but I don’t want to pay that much for an AI model for personal projects since I use it so infrequently.

hold hold

Maybe he just needs to rest his arm.

Are you including Github Copilot in that count? Technically that’s a Microsoft product. It’s probably the only Copilot that’s actually useful.

Unfortunately they no longer include elaborate Easter eggs like that, since they adopted a security policy around 20 years ago that forbids them. https://learn.microsoft.com/en-us/archive/blogs/larryosterman/why-no-easter-eggs

I don’t know many people that still call it “Microsoft Office”… They usually refer to the individual apps they use (Word, Excel) rather than the suite as a whole.

Some people just call it “Microsoft” (“please install Microsoft on my computer”), especially if they’re on MacOS where it’s the only Microsoft software they use.

Some people assume it’s part of Windows since they’ve only ever used computers that have had it preinstalled.

THE CHEESE IS UNDER THE SAUCE

Both of those documents agree with me? RedHat are just using the terms “client” and “server” to make it easier for people to understand, but they explicitly say that all hosts are “peers”.

Note that all hosts that participate in a WireGuard VPN are peers. This documentation uses the terms client to describe hosts that establish a connection and server to describe the host with the fixed hostname or IP address that the clients connect to and, optionally, route all traffic through this server.

–

Everything else is a client of that server because they can’t independently do much else in this configuration.

All you need to do is add an extra peer to the WireGuard config on any one of the “clients”, and it’s no longer just a client, and can connect directly to that peer without using the “server”.

There’s no such thing as a client or server with Wireguard. All systems with Wireguard installed are “nodes”. Wireguard is peer-to-peer, not client-server.

You can configure nftables rules to route through a particular node, but that doesn’t really make it a server. You could configure all nodes to allow routing traffic through them if you wanted to.

If you run Wireguard on every device, you can configure a mesh VPN, where every device can directly reach any other device, without needing to route through an intermediary node. This is essentially what Tailscale does.

I know of at least one big tech company that uses a self-hosted, self-contained Mattermost instance, hosted with a major cloud provider totally separate from all their infra, for communication in major outages when all their internal tools are down.

Thanks - I forgot about that.

The hostname will be encrypted eventually (ESNI) but you’re right that the IP address is visible.

Destination IP is starting to mean less and less these days, given there’s a large amount of sites that use shared IPs rather than dedicated ones (for example, if they use Cloudflare, Vercel, Netlify, AWS CloudFront, etc.)