foonex

He is also great in Fight Club where Edward Norton beats him to a pulp.

Are you going fangless?

I would definitely go fangless. I have been bitten enough times. A bite might also transfer viruses. Nowadays I defang all my computers.

Kann aus eigener Erfahrung berichten, dass dabei der Durchsatz leider oft auch nicht berauschend ist.

Sorry, but you are mistaken. Joplin definitely encrypts data at rest if you enable end-to-end encryption: https://joplinapp.org/e2ee/

Deswegen habe ich die Hoffnung, dass sich Typst mittelfristig zu einer echten Alternative entwickelt. TeX merkt man seiner Alter leider an. Vieles würde man heute anders machen. Da Typst ein komplett neu entwickeltes Textsatzsystem ist, können sie alte Zöpfe abschneiden und müssen nicht den Ballast eines halben Jahrhunderts mitschleppen. Es ist beeindruckend, was das Projekt schon erreicht hat.

tl;dr Duplicity does full or incremental backups, BorgBackup only does full backups but with deduplication.

After the first backup with Duplicity, you can choose to do an incremental backup which will only store the data that has changed since the last backup. This saves time and disk space but you have to do slow full backups regularly. See question 3 of the FAQ.

BorgBackup alway does a full backup. But it divides all data into chunks or blocks (don’t know what they call it exactly at the moment). It then hashes those chunks and stores them in a content-addressed storage layer. So it basically works like Git under the hood (plus encryption). If a chunk doesn’t change between backups it‘s already there and does not have to be stored again. A backup is always a full index of the data.

With today‘s fast processors and hashing algorithms, a backup with Borg should be just as fast as an incremental backup with Duplicity. If you ask me deduplicated backups are just plain superior.

Another tool that works like BorgBackup is Restic, which I prefer. Both are good choices that I would trust with my data.

Great, I accidentally deleted my original comment because the Lemmy web interface doesn’t ask for confirmation when you click the delete button. And the buttons are so small on mobile that it‘s really easy to click the wrong button.

If you want to use these features for security, access them manually. But, OP said they are kind of a noob. Telling them to just use containers is dangerous and leads to false assumptions.

You are absolutely correct. I should have stated explicitly that I didn’t mean docker and/or using pre-built container images. I was talking about something like systemd-nspawn. And you are right that I should not have brought this up in this context. I will edit my original comment.

So, putting a process in its own network, file-system, user etc. namespace does not increase security in your opinion?

I see. That‘s a valid use case. Although, in the spirit of self-hosting, I personally would either get another ISP or run a reverse proxy on a cheap VPS and connect the homeserver to that via Wireguard.

Why would anyone DDOS a random home server? I don‘t think OP has to worry about that.