NixOS because it’s the only usable stab at sustainable system configuration.

I recommend borgbackup.

It has since taken away Gentoo’s raison d’être a bit in my head.

I wouldn’t say so. We currently don’t hold a candle to USE-flags. Many packages are already configurable but there’s no standard on anything w.r.t. that.

There’s no technical reason we couldn’t have such a standard but it hasn’t happened yet.

That’s Nix, not NixOS.

I also wouldn’t be too sure on that “explicit” part for Docker. It’s somewhat isolated, sure, but everything but explicit: you can download arbitrary data from wherever you like.

That isn’t going to help them one bit if they have a SteamVR HMD.

It recommends AMDVLK… meh

Is there a bridge like they have for IMAP btw?

It’s a LineageOS thing AFAIK. I’d be a bit surprised if GrapheneOS had it since they’re quite close to stock AOSP when it comes to customisations that don’t relate to security or privacy.

Great way to show off you haven’t actually read any of the article past its title.

You’re comparing apples to oranges. One is a declarative Linux system environment creation solution and the other a daemon that starts sub-system environments using Linux namespaces.

You could in theory use NixOS to define a system environment that you’d run inside of a docker container. It’s a bit harder to get systemd running inside of Docker which NixOS heavily relies on but that’s beside the point. Easier integrations exist for LXD and systemd-nspawn which actually fulfil an equivalent purpose to Docker. The single component that is most comparable to Docker in a typical NixOS deployment would arguably be its init process (systemd), though its use extends far beyond setting up the namespace (the root namespace in this case).

Having a record which defines exactly what to fetch is the necessary condition, not the sufficient condition.

The actual artifacts fetched to disk must be stable, not just the record.

That’d hit the source fetcher just as much. That’s an issue on a different layer.

You should scrub your data regularly with btrfs. That’s just a mean to verify the data is in-tact though; to detect corruption.

You cannot really do anything actively to keep the data in-tact. Failure can and will happen. To keep your data safe, you must plan for failure to happen:

Expect a power surge to fry all your disks at the same time.
Expect your house to burn down or flood.
Expect to run the wrong command and istantly hose your entire array.
Expect your backup server to get ransomware’d.
…

Only if you effectively mitigate these dangers will your data stay safe.

It’s nice that it’s well integrated but that doesn’t mean it works well.

Power management of AMDGPUs has always been an absolute shitshow from my perspective.

With dGPUs they’ve now resorted to always running them in the highest power mode because they couldn’t get power management to properly function.

I can’t speak for modern intel GPUs but my old ones were fine.

Stable distros can and will backport security fixes. Good ones that is.

Does this now also allow for proper swapping?

Previously, if the VRAM was full, data would spill into system memory and there was no way to get it to move back into VRAM. One of the reasons cited was the lack of support for defragmentation.

Pretty cool!

Have you thought about whether this could also be used for limited write access? A common use-case for abusive image gallery services that you cannot ordinarily fulfil with Immich is shared albums where multiple people that e.g. attended the same event can collect pictures in without complex authentication (just a single shared secret or even just the link to the album).

Ahhhhh whyyyyy, you’ve got all of these standard response codes made for you, why would you blatantly ignore them like that?!

Sadly ours isn’t in this regard.

Gaming with VRR is finally viable in this version!