Newer macOS is not Unix certified.

It’s UNIX 03 compliant https://en.m.wikipedia.org/wiki/Single_UNIX_Specification

One or two Linux distros were (are?) UNIX certified, though.

I think mplayer has an ASCII output mode (VLC, too?), and I believe youtube-dl can output to stdout.

The rest is, as they say, left as an exercise to the reader.

Haha yeah that was the counter example I was thinking of. I agree completely — you could make a Gentoo from source beginner distro, and I think you could make it reasonably “idiot proof,” but it would still be a bad user experience most likely (too much time spent compiling).

If your distro can’t be forked into a “beginner distro” then it’s fundamentally flawed IMHO.

To be clear, I’ve used Arch as my daily drivers for a while, and while it’s not the best fit for my needs (I use Debian mostly), there’s nothing that I experienced that was incompatible with a “beginner” distro.

You can also drop cache for debugging by running something like echo 3 | sudo tee /proc/sys/vm/drop-caches

But remember that the kernel knows best — this RAM will automatically be freed up when needed and you should never run this except for debugging (or maybe benchmarking).

You can turn it off, at least for ext4: https://lwn.net/Articles/784041/

Although you can use case insensitive filesystems with Linux, and case sensitive filesystems with macOS. I believe the case sensitivity is a function of the specific filesystem — but yeah, practically, the root for Linux is always case sensitive, and APFS ain’t is only if you ask it to be ( https://support.apple.com/lv-lv/guide/disk-utility/dsku19ed921c/mac ).

Not sure why you’re saying Python forces everything to be object oriented…?

Pick your favorite tech company, pick a small team with a “nerdy” engineering mandate, and I’m confident you’ll find the academic, geeky science and engineering types you’re talking about.

They probably aren’t very vocal though, because 1) there’s a huge PR/marketing budget which is responsible for being the face of the company, and 2) well…these are nerdy STEM folks who probably like their job because they get very well compensated to be nerdy STEM types, and not because they’re fanboys/girls.

And environment — DISPLAY and PATH in particular.

Add to that photo editing (as much as GIMP is great…). I would guess DAW and video editing would fall under that category, too…and good luck finding many AAA open source games.

It’s mostly so that I can have SSL handled by nginx (and not per-service), and also for ease of hosting multiple services accessible via subdomains. So every service is its own subdomain.

Additionally, my internal network (as in, my physical LAN) does not have any port forwarding enabled — everything is over WireGuard to my VPS.

My method:

VPS with reverse proxy to my public facing services. This holds SSL certs, and communicates with home network through WireGuard link configured on my router.

Local computer with reverse proxy for all services. This also has SSL certs, and handles the same services as the VPS, so I can have local/LAN speeds. Additionally, it serves as a reverse proxy for all my private services, such as my router/switches/access point config pages, Jellyfin, etc.

No complaints, it mostly just works. I also have my router override DNS entries for my FQDN to resolve locally, so I use the same URL for accessing public services on my LAN.

Getting TLS certs will be complicated

I just use Let’s Encrypt with a wildcard domain — same certs for public and private facing domains. I’m sure this isn’t best practice, but it’s mostly just for me so I’m not too worried :)

Yeah I don’t expose Jellyfin over the Internet, so it doesn’t matter for me, and wouldn’t work at all over WAN (unless VPN’d to home network).

Also, it’s all reverse proxied, and there’s nothing preventing having two Jellyfin hostnames, e.g., jf-local.mydomain.com and jf-public.mydomain.com.

Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.

I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.

…and I don’t see it motivating people to go vote.

But it can do the opposite perhaps — “motivate” people to stay home who would otherwise vote R. Not that, in general, we should be celebrating voter apathy, but I think that some of these endorsements could dishearten folks enough that they end up abstaining.

So we need to freeze our farts and thaw them out when we need them. Got it.