It’s being deiven by the browsers. Shorter certs mean less time for a compromised certificate to be causing trouble.

https://cabforum.org/working-groups/server/baseline-requirements/requirements/

Will we need to log in every morning and expect to refresh every damn site cert we connect to soon?

Automate your certificate renewals. You should be automating updates for security anyway.

“Bare metal” has traditionally meant without any os either. Your code executes directly on hardware and has direct control over everything. Like a micro controller.

Code in a container executes on the hardware in exactly my the same way as code not running in a container - with the os as an intermediary.

“not running in a container” is not “running on bare metal”. It’s just running outside a container.

enough, a lot, more demanding.

You need to give some sort of guidance here.

How much money are you willing to spend? Resiliency is expensive.

Self-hosting is trivial and everyone can do it.

So is open heart surgery. Unless you want it to end successfully.

Have you forgotten that you too started at 0?

Not at all. In fact I remember the day my server was hacked because I’d left a service running that had a vulnerability in it. I remember changing passwords, calling my bank to ensure there had been no fraudulent charges, etc. I remember “war driving” to find vulnerable WiFi networks. I remember changing default passwords on a service setup by a client of mine.

As I said - it’s not gate-keeping it’s experience.

Yes, it sometimes can be difficult and frustrating, but so long as someone, anyone, is willing to try and learn and fail and retry, they can get my help

Teaching is “gate-keeping” apparently. You can’t tell somebody that they need to learn something! You just need to give them a link to a url and say “run this thing as root and your stuff will work - totally not a scam tho”.

“Has anyone noticed that medical doctors gate-keep people doing open heart surgery?”

Why do you assume self-hosting is and can be trivial? It is NOT for everybody. You should have some base level of technical knowledge. You should expect to need to learn some things. It’s not a badge of honor, it’s experience.

My project focuses on building a tool that makes self-hosting more accessible without sacrificing data ownership

Good luck with that. Don’t get your users pwned in the process. You’re now responsible for the security of people who think “opening a command line” is too difficult.

I’m happy you’re discovering the Linux CLI, but this is pretty ridiculous. mpv, vlc, mplayer, etc. all serve very different uses from jellyfin.

I don’t.

Clearly you don’t know.

If I wanted to run updates frequently I would run arch lmao. Even if I did apt update every day, debian stable doesn’t get that many updates.

You’re not updating for features you’re updating for bug and security fixes. That’s why Debian stable doesn’t have many updates. But the ones they do are typically important.

That’s… Not how it works… Debian is “stable” not “secure”. You use Debian so that is easier to run updates frequently since they’ll be unlikely to break things.

All systems, daily via a single ansible script. That’s apt update, upgrade and reboot if needed (some systems set to only reboot with a separate script so I can handle them separately).

Rarely have any sort of problems.

I’m going to go out on a limb and say that the world does not, in fact, need a BASIC transpiler…

Sounds like you bookmarked the while flippin’ Internet.

“The one that makes sense”

Patterns and principles are guidelines, not rules. You don’t want to just apply them blindly.

You need to balance principles. Over-applying the DRY principle can lead to more complex logic that’s harder to understand than if you just wrote code in-line.

God yeah - this hits hard with me. I work in a place where the DRY principle is chanted like a mantra and I have to push back against it constantly. It’s like the one principle jr. devs learn (along with “never hardcode anything”) that just gets applied to everything whether it makes sense or not.

"These lines of code are very similar, let’s factorize them ! "

“We should take three simple functions that run similar (but different) things and make them call a single large complicated function that takes a parameter that tells it how to execute!”

::shudder::

Linux works out of the box when it comes with your system like Windows does.

The only reason the windows experience is that good is because the vendor did that motherboard/component research for you.