We need FOSS phones badly and in numbers that manufacturing isn’t horrible. That is until our governments force carriers not to connect them.

If I could find a reasonably priced 8" Linux tablet, I’d sell my phone and buy a cellular wifi AP.

Everything you expose is fine until somebody finds a zero day.

Everything these days is being built from a ton of publically maintained packages. All it takes is for one of those packages to fall into the wrong hands and get updated which happens all the time.

If you’re going to expose web yourself, use anubus and fail2ban

Put everything that doesn’t absolutely need to be public open behind a VPN.

Keep all of your software updated, constant vigilance.

Europe: Companies can’t lock down your operating system.

Also Europe: Companies must force back doors into their operating systems.

I wonder how long those two things can coexist.

Enter AI for its first white hat job…

Okay, it’s no steam deck, but the GPD-4 6xxx model looks like it supports Linux reasonably well.

https://gpdstore.net/blog/gpd-pocket-4-review/

https://github.com/aarron-lee/gpd-win-tricks?tab=readme-ov-file#disable-fp-sensor-6800u-untested-on-newer-win-4-models

It’s an 8.8 inch 180 degree touchscreen and it has a keyboard built in.

It’s a pricey sausage, but not more expensive than my flagship phone.

I keep hoping the Halium project will pick up support for some small tablet, but those are almost all bootloader-locked. I don’t love Halium, but anything is better than what we have, I could deal with some UBPorts.

I even looked at DIY. There’s no lack of 7" touchscreens, but Pi’s are apparently bad on power. There are a couple of mini clone boards that might work, but they all have tradeoffs and red flags.

When I started with it, I looked through references all over and just felt f’ing lost, and I do this kind of stuff all the time. I am intimately familiar with AWS and Azure, but setting K8S up is just very different than the normal stuff we’re used to. I’m big on installing a package and screwing with it until it works, but this doesn’t work like that.

At the risk of being criticized here, and I’m very sorry if you’re strongly opposed to AI, consider asking ChatGPT or Copilot to guide you through setting up Kubernetes step by step. Out of desperation, I figured I’d give AI a shot, and for the most part, it was really great at teaching it to me.

Ask it to give you the different options for setting up Kubernetes on your home lab (there are numerous ways to do this). You can save a lot of steps by using something like Rancher (k3s), which is a simplified version, but I prefer starting with the official kubeadm first. It’s harder, but it gives you a better feel for what’s happening, and it’s more capable and closer to what you’d experience when crafting a production deployment.

Indicate your level of experience in the next prompt and specify which systems you’re familiar with so it can tailor training to your existing knowledge and play to your strengths. Ask it to make a lesson plan first, and then pick what items you want it to walk you through. If anything feels weird or you have questions, stop it and ask away. You’re working on something from scratch, so there’s little to lose if it gets something wrong, but honestly, teaching technical things with tons of documentation available is probably the best use of LLMs that has ever existed.

If you decide against AI, focus your research on Docker cli, Kubeadm installation (the control plane/controller) and creating/joining nodes, persistent storeage and networking, K8S Namespace, then pod deployment. Complicated parts that might hang you up are getting logs from PODS that die on startup, and getting interactive prompts in a cluster are a little different than Docker (have to specify namespace)

For persistent storage, you then have numerous options. For a homelab, I like Longhorn; it’s a RAID-like system that stores data blocks across the nodes, and it easily backs up to S3 if you want it to.

For homelab learning and testing, I just crapped out a Proxmox and started 3 VMs, setup kubeadm on the control plane and then joined two nodes, then spent I an hour getting NTFY to run in it for the first time, I really should have done a python hello world, NTFY is fiddly. But, it’s super fun to stop a VM and watch the app come back up like nothing happened.

Once you get a base system up, whatever you choose, do check out https://www.ansibleforkubernetes.com/

Jeff Geerling did a bang-up job on the book, and it supports his cause. It just doesn’t go into the detail you need to get started with k8s.

The nodes go on x86. You use the pi’s for control planes. They sit around doing pretty much nothing until a pod get’s wrecked or upgraded then they spin a new one. You use 3’s or 4’s clocked down to save power.

You really only need one, but for $50 two gives your fault tolerance, fault tolerance.

yup, I want no parts of that.

Here’s my license, here’s my phone. here’s my travel laptop.

K8s is pretty cheap for fault tolerance

Two VM’s and two Pi

If my wife decides whe wants to watch the wedding video or the kids first TKD break and it’s down, she’ll clamor to move back to Google/Apple. I can also move my piholes over there and some of my arr stack.

Resillient hosting for zero cost is pretty hot.

I didn’t say copy facebook

I’m not saying don’t decentralize at all

Forcing people to decentralize isn’t* going to work in most places.

I’m not spending any more time on the subject, I think we’re at an impassse and neither of us are going to change our minds.

Honestly, it’s a great project though,

best of luck

edit: brain said isn’t, fingers wrote is’t, autocorrect did me dirty

GrapheneOS provides users with the ability to set a duress PIN/password that will irreversibly wipe the device along with any installed eSIMs.

That’s a good way to get locked up for 6 months while they ‘investigate’ you

What are you trying to hide RUMBA??? Ihre Papiere bitte

the explicit design goal

IMO, it’s a bad goal. Not that decentralized is a bad goal, but dictating the amount of decentralization will decimate wide adoption.

A server for every community is also a Mastodon goal that never really happened. Sure there are some out there, but the general public doesn’t want that. It’s a waste of compute resources to run a 24x7 server for every community. It’s a problem of scale. I get the decentralized point, but I think it’s going to utterly fail at widespread adotion if it needs a technical caretaker and a $20 a month bill evey time a zipcode wants to sell things. It migth work well in Germany, it’s not going to work well in most places.

I’m just going by what’s said here because i’m not about to go through installing it to find out.

So every town that wants to sell things needs to host their own instance? And make sure that their instance doesn’t federate with other towns that are ‘too far away’?

edit:

OK I read the readme.

Why not just setup communities on the server as locations? Why is there a need to install another server for every location that wants to sell things? Certainly one server could handle thousands of locations.

I can’t speak for everyone, but if I’m using a dumb phone, I’m not going to be doing any of the things that I’m worried about them hearing.

If ICE grabs my phone right now and beats me until I lock it. They’re going to be looking through my lemmy history.

I’m not going to hold a long political dissertation over SMS or during a phone call.

What I really want to at this point is a pager, a cellular Wi-Fi access point, and an 8" tablet that can run Linux and sip power so I can just pretend I don’t have a device.

Wait, you mean it actually won’t let you set your location and search for local ads?

If someone is going to build a site for selling things, that’s ‘kind of’ the most important part of the site. Having it be federated makes that a thousand times worse. Now I’m supposed to find other local federated services in my area?

That is so against how any of this works.

God damnit, now I need to set up k8s and install it.

I’ve been putting off moving out of Google photos for years. No, no, I shouldn’t spend the time to host it. It has that scary banner.

Way to ruin my weekend! /s

Congrats Immich Team! /and if you’re listening, thanks!

There’s a million different design problems in all of Windows. There’s probably a million better ways to fix the problem.

I’m just saying that what they did isn’t without merit. And they did leave you the option to turn it off.

It is admittedly not the best IDE for your computer.

They were archived as they restored them several times. But I kept the account and every time they restored them, I used software to go in and wipe them back out. They’re still not visible on the front end to this day. Maybe they’ll do something AI with them, but they don’t show up in Google search anymore.