You’re not wrong. NIV is very generic. Lol.

The thing that stands out to me in the translation you have is making idles to yourself. Instead of for yourself. That and using the term Jehovah. Those to me are major pointers to using the NWT, which among the Christian diaspora is seen as less reputable.

I’m a secular person now but as a formally very religious person I know a bad Bible translation when I see it.

Assuming you a referring to Leviticus 26:1 a better translation from the NIV is:

Do not make idols or set up an image or a sacred stone for yourselves, and do not place a carved stone in your land to bow down before it. I am the LORD your God.

Given this I can see how Catholics can justify having statues and art and the like.

In case you don’t like the NIV here is a meta comparison.

https://biblehub.com/leviticus/26-1.htm

I do most of my cad stuff on openscad and I will say that is impressive!

Particularly since the openscad language is purely functional and side effect free.

Yes. The left side of the : in the volume is the file on the host. You can see this directory on the host. The right side of the : is where that directory is replicated into the docker container.

All you need to do is to interact with the directory on the host.

You should use volumes over bind. You just move your media into the volume location on the local host and try will show up in docker. You should never need to ssh or sftp into the container.

There is a lot here but I think the most important thing is that docker containers should always be disposable. Don’t put any data into the container ever.

All of your data and configuration should be done in volumes. Local disk to inside the container is all you really need.

By doing this you make updating any given docker container easy as just pulling the newest tagged version of the container. If you are using docker and not podman you can use tools like watchtower to do this automatically.

As for what distro, it depends on your goals. Do you want to learn and improve your skills? Stick with Fedora or Rocky or Debian or openSUSE. I recommend learning the command line as you go, but if you want a nice UI openSUSE has Yast which is a very robust tool.

If you want to just have a home NAS but don’t want to learn that’s a different question. In this case if you’re getting a proprietary NAS anyway you could just get one that supports docker (like synology) and kill 2 birds with 1 stone.

https://codeberg.org/forgejo/discussions/issues/67

The biggest issue is they require your to give them your rights as they pertain to copyrights.

That means even if you submit MIT or GPL licensed code they can just instantly say “we relicense this code as proprietary” and there is nothing anyone can do.

They rejected a bunch of valid PRs. Including the one linked here because the author refused to assigned their copyrights to the Gitea corporation.

Right now Forgejo is a drop in replacement. This article is them announcing that Forgejo will eventually not be one.

Because gitea is fully the victim of corporate capture. Any PRs that make gitea better in a way that would reduce the main corporate “sponsor” profit are rejected.

The company has a conflict of interest with the community and it shows. Forgejo is sponsored by a non profit open source cooperative.

+1 For Seafile. They put out a docker image that works well. It hasthe fastest sync I’ve ever seen and it has good clients.

Modern smart phones were architected from the beginning to have app isolation. That makes the difference.

Your phone runs by default like a Linux system with selinux in mls mode with 100% coverage mls isolation policies baked in. That’s just a more secure foundation to build on. No Linux distro today has selinux in mls mode with 100% binary coverage with isolation policies.

Using your phone is a good safe compromise. Unless you are running Qubes OS you aren’t going to beat it.

It’s the second factor that adds security. Aka “something you have”.

If you use totp on your phone to log into an app on your phone yah it’s true it’s not much more secure (although I would argue app isolation does make it more secure) but using your phone to provide totp for your desktop proves that second factor.

You’re right. Yah. Still at least those use “secure element” equivalents at least.

For less important things I keep my TOTP credentials on my phone. Not perfect but definitely safer than a PC statistically speaking.

For more important things I use either a passkey or yubikey or a gpgsmart card depending on what is supported. All three work via usb or NFC.

Edit: I was wrong and mixed up passkeys with something else. Passkeys I think are still better than desktop totp apps because at least they work with secure hardware on the platform.

Slightly off topic but desktop 2FA apps kind of kill the point of 2FA.

2FA protects you by ensuring that even if your computer is compromised your account will have a layer of protection in that second factor “aka something you have”.

If you have that on your desktop, you might as well not have it.

If you find 2FA off of your desktop annoying I recommend looking into passkeys. Open standard and less annoying. Just not well supported.

No problem. It should be wayyy faster than sshfs for the record. Both NFS and WireGuard are best in class tools.

NFS over WireGuard is probably going to be the best when it comes to encrypted file shares without the need to set up Kerberos. Just set up the WireGuard tunnel and export over those ips.

In addition to what other people are saying there are additional factors like minimum layer time. If you find that layers with less material are being done slower it might be because of this.

In general a well tuned profile will prioritize quality over speed. You can bump things up or use a more aggressively tuned profile but your results may vary.

I understand. But do you see what you wrote could be seen as toxic? Intent is nice, but what and how you write really determines the tone of a community.