I adore Nebula and half wish I had chosen it instead of Tailscale+Headscale, the one thing about headscale that I really like is how easy it is for users to just grab the client and then login using their gmail account and they're on the network. The biggest downside I've found to tailscale is their "network shenanigans" with firewall rules and route tables on Linux. In my testing 3-5 years ago, Nebula worked great in my test environment.
I'm tempted to add Nebula support to WeEncrypt for automated handing out of the certs using a LetsEncrypt-style short lived certs. I could even imagine a fairly easy to build workstation client that would require end-users to login to get their refreshed certs once they expire, like we do with Tailscale+Headscale.
> I adore Nebula and half wish I had chosen it instead of Tailscale+Headscale...
Could I ask you to expand on that a little? Besides Tailscale's "network shenanigans" with firewalls and routing tables, what else do you find that Nebula does better than Tailscale? Why would you recommend Nebula instead of Tailscale to someone who hasn't used either one before; what's Nebula's big "win" over Tailscale? (Assuming that this person's usage would fit within Tailscale's free tier so price isn't a consideration, because obviously free is nicer than $$$/month if your usage is large enough to be outside free-tier limits).
(preface: I'm talking about personal/homelab experience and usage)
I know this is not going to be popular, however: I still use plain and simple OpenVPN and frankly i've been very happy. It can do both ipv4 and ipv6 and with some more work also layer-2 bridging.
Yeah performance is lower in theory but frankly that has never been the issue for me.
I'm pretty much always bottlenecked by bandwidth rather than cpu time.
So I understand how you could onboard hosts on a static network using reverse DNS, but I do not understand how you would unboard a portable laptop onto Nebula using reverse DNS
Just a couple days ago my CTO was saying he was reluctant to clone all our git repos into github because of the AI training possibility. All our code is in bitbucket now, so not sure what our plan now is.
Very timely. I literally ran a Claude prompt "compare and contrast Notion vs Obsidian" and flipped over to HN while it was thinking, and this comes up. Thanks HN!
For a personal knowledge base? I would stay far away from anything proprietary for personal notes. I love logseq though I'm increasingly worried it's abandonware
Logseq was captured by VC a long time ago. They switched from open files to a database, their synching product is closed source (not selfhostable), and they have built-in telemetry.
I don't think I've updated my Logseq since 2022. As far as that is concerned, it's Markdown files that I can sync with an open-source tool like Syncthing-Fork.
My use case isn't likely to be a personal knowledge base, I've just never had any traction on that sort of thing beyond a blog/microblog. I'm wanting to use something specifically for organizing the building of a shop/ADU: todo lists, pinterest-like inspiration boards, costing spreadsheets...
Anytype is a well-made product, but its data format is somewhat opaque and like Notion suffers from significant complexity. I switched to Obsidian last year, which while proprietary at least gives me the option to move my data somewhere else if I should need to. Anytype doesn't make it easy to get your data off its platform.
For the sake of staying a computer nerd I decided to put all my notes in a private GitHub repo with help of a local 5b Gemma4 LLM. Is working extremely well. It doesn't matter in what format i type. I Use opencode for entering new notes.
Logseq isn't abandonware - they're in the process of rebuilding the app from the ground up to be database-driven, rather than house-brand Markdown as the source of truth and a database constructed from the files afterwards.
I'm not saying it's the most likely project to survive, but they've been working in quiet mode for a good while now.
Thanks for the pointers everyone, there were quite a few that weren't on my radar. My use-case isn't a "personal knowledge graph", I'm building an ADU and so I'm looking for a lot of components: todo lists, inspiration boards, costing/spreadsheets, ordering lists, documents.
Notion looks to be pretty capable in that regard, so the knowledge graph options really fell short (Logseq, Obsidian, Joplin, Trilium, Craft). They are likely good if your use case is in their lane.
Anynote looks like a good option, except it doesn't have a web client, just the Android/iOS (and MacOS I guess?).
Milanote sounds like a possible option if my use were more inspiration-board heavy.
I'll probably give Anynote a try, but Notion really does seem to be a compelling product if it weren't for the jackassery that lead to this thread to begin with.
FYI: I spent around 30-45 minutes trying Anynote, trying to match what they were showing in the introduction video (a todo list of tasks, where each task was a list), but it looks like creating a new space results in standard objects like "Task" needing to be recreated; the new Space had like 2 standard objects included. So I switched over to Notion and in <5m I was able to get going.
I was just trying to get a list of building supplies, one of which was the doors I wanted to use, to have a page where I could put a link to the product page for the doors I found.
Anynote looks promising, if I could understand why I didn't have what look to be the "standard objects" in a new space.
I kinda dislike where Notion is heading though, forcing more and more things on their users without any ways to disable them. But yes, it's capable to do what you are looking for.
Maybe Affine could also work though, you can self-host it and it's more customizable: https://affine.pro/
I self host https://www.getoutline.com/ instead, they might not have the latest AI features but it has everything I could ask for from a Notion alternative.
Consider Trilium if the collaboration stuff people use Notion for isn't important. It's open source, uses SQLite, and does automatic daily and weekly backups.
I was going to say that I assumed the video was cut together from multiple sessions like the original announcement video of FSD (in 2016) was, but in this one they aren't even trying to hide the cuts...
That I bought a Model S in 2016, and they outright lied about its abilities and timelines. The source of this "conspiracy theory" was a sworn deposition by Tesla's Director of Autopilot Software as reported by Reuters and The New York Times. Here's one source reporting it: https://www.cbsnews.com/news/tesla-autopilot-staged-engineer...
I don't trust any videos they put out, for what some would say are reasonable reasons.
Wsl2 runs a Linux vm so it definitely feasible and has the api's necessary.
It is on the roadmap, but frankly I haven't used Windows in a decade. I would love for a contributor to take that on as part of the free and open source spirit.
Don't make your password requirements less strict. Don't encourage people to use weak passwords that are likely shared across sites. That leads to pain and suffering over the long term.
If you want to reduce friction for people who don't/won't use a password manager, provide a passwordless option like a login link that is e-mailed to them. Yes, people will likely complain about "your service is supposed to be my email, why are you requiring an e-mail to login", in which case they should be using a strong password.
To the person requesting weak passwords: Just set up google or firefox password password manager, it will auto suggest a strong password on the registration page and save it for use across devices. There is zero reason to be using the same password across accounts, and a lot of reason not to.
Attackers do actively try passwords you have used on other sites to try to compromise your accounts elsewhere. This happens when services leak passwords or password hashes. If your password is short and lowercase, it really doesn't matter if only your password hash has been leaked, it might as well have just been the password itself. This is the lowest-hanging fruit for attackers.
Thanks for your opinion. I appreciate it. I think that makes a lot of sense.
I also like the idea of passwordless, I'll definitely have a look at that!
For over a decade I ran a small scale dedicated and virtual hosting business (hundreds of machines) and the sort of setup you describe works very well. Software RAID across 2 devices, redundant power supplies, backups. We never had a significant data loss event that I recall (significant = beyond user accidentally removing files).
For quite a while we ran single power supplies because they were pretty high quality, but then Supermicro went through a ~6 month period where basically every power supply in machines we got during that time failed within a year, and replacements were hard to come by (because of high demand, because of failures), and we switched to redundant. This was all cost savings trade-offs. When running single power supplies, we had in-rack Auto Transfer Switches, so that the single power supplies could survive A or B side power failure.
But, and this is important, we were monitoring the systems for drive failures and replacing them within 24 hours. Ditto for power supplies. If you don't monitor your hardware for failure, redundancy doesn't mean anything.
> But, and this is important, we were monitoring the systems for drive failures and replacing them within 24 hours. Ditto for power supplies. If you don't monitor your hardware for failure, redundancy doesn't mean anything.
It does still mean something.
If you have a 5% annual chance of failure and no redundancy, your five year failure chance is 23%.
If you have redundancy and literally never check for five years, your five year failure chance is 5%. That's already a huge improvement. If you do an inventory of broken parts twice a year, still no proper monitoring, it goes down to 0.6%
For 2% the numbers are: 10% 1% 0.1%
For 10% the numbers are: 41% 17% 2.6%
(The approximations for small percents are x*5, x²*25, and x²*2.5)
Somewhat related: I have a branch of Ganeti that has first-class ZFS support baked in, including using ZFS snapshot replication to do live migration without shared storage or CEPH: https://github.com/linsomniac/ganeti
Current status is I'm looking for more feedback. In a few weeks when Ubuntu 26.04 comes out I'm going to set up my dev/stg clusters at work with it, at the moment I've only tested it in a test cluster at home.
It works this way: It creates a snapshot of the zvol, and replicates it to the secondary machine. When that's done, it does another snapshot and does a "catch up" replication (the first replication could take hours on large volumes). Pause the VM, do a final snapshot+replication. Replicate the working RAM. Start up the VM on the new host.
Agreed. It's not like humans can produce the same output given the same input for anything more than trivial inputs.
I'd argue that it's actually a benefit; I like that I can do several generations and compare them and pick the best result. HP, for example, used to do this with software teams, and that's how we got Rocky Mountain BASIC (AIUI the competing team was East Coast BASIC).
I'm tempted to add Nebula support to WeEncrypt for automated handing out of the certs using a LetsEncrypt-style short lived certs. I could even imagine a fairly easy to build workstation client that would require end-users to login to get their refreshed certs once they expire, like we do with Tailscale+Headscale.
That would dove-tail nicely with the existing TLS and SSH signed host keys support. https://github.com/linsomniac/weencrypt
reply