Oh, Synology. What’s up with them? I heard they’re experimenting with vendor lock-in for their hard drives.

https://www.youtube.com/watch?v=RscBZAiwGkA

Hurray! Congratulations! 🎉

What about connectivity? I’m currently using Tailscale cuz it’s so easy. Maybe I should look into WireGuard? Also, how does Headscale fit into this?

Does anyone have a good guide for installing Seafile? I tried installing it a few months ago, but it’s so damn complicated with load balancers behind load balancers and a bunch of services tied together.

I gotta try again.

Yeah, I’m sure. It’s not something I would do frequently. My work had us on beefy desktops. But, I was totally fine with letting find+parallel+grep run for 30 minutes in the background while I searched docs or messaged people on slack. Depending on your team, getting a response from slack could easily take 24 hours so. Eh.

The other thing I liked to do is directly edit the libraries in the monorepo! No need to figure out how hack some random decency manager. You have the code! Just edit and build!

On the other hand, using ordinary tools like find and grep are exactly what I like about monorepos! Yes, they may take a while, but at least I know I’ll find a file or code that I’m looking for!

With multi-repos I’m constantly searching, but not finding where a particular piece of code comes from. Yes, it’s from library X, but where there heck does that live? Now I really can’t use ordinary tools. I have to rely on coworkers, docs, or GitLab to search for where a piece of code is actually defined.

AI coding tools definitely helpful with boilerplate code

They’re really not. Just because they generated a starter template for you doesn’t mean you actually needed all of that mountain of slop. My coworker recently did a presentation where he generated a starter project for a Go project and most of it was shit and just not necessary. People assume you need mountains of boilerplate, but you may not need that. (Worse, AI is cementing bad practices at work.)

But also, assuming your project does need to generate a ton of boilerplate, should you really be going to the casino and rolling for a fresh mountain of slop that is hopefully correct? We can already generate code: snippets (in your editor), templates (like cloning a template repo), and generators (like create-react-app) already exist. Aaand these are deterministic, debuggable, and fixable.

Have they tried coding a UI in a native library instead of the holy HTML CSS JS trifecta? It’s usually fairly miserable and usually extremely non-customizable by comparison.

🙋‍♂️ I have. Exactly because Electron = bloat. Granted it was just a small side project that I spent like a month or so building. I wanted to learn GTK4, Adwaita, GNOME Blueprints, and Vala.

I personally didn’t think it was too miserable (again small project, not a ton of specialized needs). However, I 10000% completely agree with the “extremely non-customizable by comparison”. I can totally see why companies don’t want to look like a generic OS app. Getting the Bitwarden app to look like Bitwarden on Linux seems like it would be waaay harder and more time consuming than just reusing their existing HTML, CSS, and JS codebase. At least in my month of messing with GTK, it seems like desktop UIs have wwwwaaaaayyyyyyy less control over the UI than webapps do, at least by default. I’m guessing you can write more Vala to get a more custom UI in GTK, but again seems like waaaaayy more work for something highly custom.

By the end, I thought: Electron = bloat, but also Electron = apps existing at all.

I started using Claude Code myself. I got kind of obsessed with it.

Over the last several months, the GitHub username with the most merged PRs in Bun’s repo is now a Claude Code bot. We have it set up in our internal Discord and we mostly use it to help fix bugs. It opens PRs with tests that fail in the earlier system-installed version of Bun before the fix and pass in the fixed debug build of Bun. It responds to review comments. It does the whole thing.

Seems like they’ve bought into the hype.

How the heck did you install Seafile!? I spent a whole day trying to get it to work, but there are so many moving parts and proxies behind proxies behind proxies. I managed to get the UI to load, but other parts of the app didn’t work. I want to like it, but it seems pretty complicated to install… 😢

Frigate + Reolink (or actually Frigate-approved cams)

You know. mTLS might be an option. I have a tiny number of clients. Laptops and Android phones, seems easy to install a client cert. The part I’m not sure about is TVs… Does Nvidia Shield or Firestick allow installing client certs?..

Oh, wait and also: https://github.com/jellyfin/jellyfin-meta/discussions/96

Harden your server first

Do you have any tutorials or guides on this handy?

Use your router/server to block some counties using geoip

Yeah, definitely all my users are in the same town/region/country as me. So this could be doable.

Configure rate limits in Nginx

Hm, currently using Caddy as my reverse proxy. I guess there’s some module for this.

only open ports in your firewall you really want to open

The only port I need open is 443 for accessing Jellyfin and Immich. I can definitely block 22 from the public internet. And fuck it no automatic redirects from 80 to 443. TLS or bust.

GAAH! OK! I’M NOT CRAZY!

The exact same thing is happening to my wife’s phone. We’re both on Pixel 8s, have the same VPN settings, but for some magic reason Tailscale breaks only her phone. She has to turn off Tailscale and reboot her phone to regain connectivity.

These shenanigans is why I’m considering just exposing things to the public internet. I’m using Tailscale on several device types and Tailscale adds friction to all of my devices (except Arch where everything always works).

I understand the friction is there for a good reason, but my family doesn’t. They just see that Jellyfin doesn’t work and that all of this is buggy and maybe they just should sign up for Netflix instead of dealing with all of these bugs.

“roaming” device is always connected to their “home” network by VPN

Ah, right. Well, currently I do have my wife’s and my phone on the Tailscale VPN. The issue I’m trying to solve is that the VPN app on Android (and other environments) isn’t 100% bug-free. For some unknown reason, my wife frequently has issues with Tailscale. It’ll break her entire networking on her phone. The only way to fix it is by rebooting her phone. I have no idea why because we have the same phone and the same settings and it works fine on my phone. I’ve tried turning off Tailscale, logging out, and back in, and the network won’t recover. Sometimes the Tailscale app won’t even trigger the SSO page to sign in. So it just stays permanently logged off.

The Nvidia Shield also has similar issues where I have to fuss around with the VPN.

So at this point, I feel like I’m done debugging VPN apps and maybe it would be easier for users if I expose stuff to the public internet. Obviously, it makes management for me harder, but that’s ok if everything Just Works for everyone without extra steps or without having to reboot your phone every week.

site-to-site VPN configurations between routers at each location … the router itself handle routing of specific traffic over the VPN connection, instead of needing each device to connect to the VPN individually.

Interesting. This could help with my home network and my parent’s, but I also need to handle cases where I don’t control the network. I have clients that are phones. My family would expect that the services keep working even if they’re in a different city on cellular or at a friend’s house.

What kinds of things are you planning to expose?

Primarily Jellyfin and Immich.

What I expose I hide behind a reverse proxy with IP whitelists.

Do all your clients have fixed IPs? I have some clients that are phones or laptops, but I would imagine those change as people drive around to different cities or connect to different coffee shop WiFi.

I am kinda interested in WireGuard, but how does it work with multiple non-PC devices on different networks? Tailscale runs seamlessly on my Arch laptop, but Android, TVs, and streaming sticks have hiccups from time to time.

I have services that I want to share with my non-techie family. If a service stops working, they suck at debugging and fixing the issue on their own.

I’ve noticed the more subscriptions I add, the slower my feed loads. All does seem to load faster for me as well.