simplest tool to backup to Google drive

Without the need for versioning, I think rclone fits the description. For backup into USB drive / remote SSH server I would recommend rsync.

Wireguard config already includes “::/0”

That is what I was thinking, yes.

In my case just disable IPv6 in WiFi is enough.

sysctl looks like the most universal way.

net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1

I tried the same setup with Ubuntu 24.04.1 desktop live system and I can replicate this IP leak issue, I guess I will have to disable IPv6.

I am born too late to understand what Y2K problem was, this (the result) might be what people thought could happen.

try ncdu?

sudo ncdu --one-file-system /

HTML Form + any backend of your choice (that can handle HTML form)

One thing notable of Sierra Forest is that the CPUs don’t have SMT (only 1 thread per core), so in theory it doesn’t suffer from speculative execution attacks.

Epyc CPUs still provides more PCIE lanes, which is crucial for GPUs.

asyncio provides “cooperative concurrency” for python.

Lets say you need to download 10 webpages in python, someone might do

result1 = requests.get(...)
result2 = requests.get(...)
....
result10 = requests.get(...)

Down side is that each requests.get() blocks until HTTP request is done and if each webpage loads in 5 seconds your programs needs 50 seconds to download all pages.

You can do something like spawn 10 threads, but threading has it’s own downside.

What coopertive concurrency does is allowing these coroutine(tasks) that can tell Python to do something else while a function is waiting for something… I think it’s the best to read some Python examples. https://docs.python.org/3/library/asyncio-task.html#coroutines

examples that solves requests.get() problem with asyncio but it’s probably better to use libraries that builds around asyncio.

ASUSTOR has NAS that can have up to 12 NVME SSDs (but speed is very limited by PCIE lanes).

NVME SSDs are still very expensive compares to HDD.

NAS that have many HDD bays are expensive but designed for easy setup and easy management.

Fractal Design Define 7 (XL) can have up to 18 HDDs by design, but then you will need to search for PCIE to SATA cards and PSU that have many SATA connectors (for example RM850x/RM1000x) and Molex to SATA cables.

FSP CMT370 is a much cheaper case with up to 3.5" HDD *9 or 2.5" SSD *10 but it’s not on amazon, it probably doesn’t sell to western world.

SAS drive enclosures (and SAS cards) are also an option, but the cages might be very loud because they are designed for servers that also are very loud.

Important things about dual booting:

1. Configure your Windows to use UTC time https://wiki.archlinux.org/title/System_time#UTC_in_Microsoft_Windows

2. Disable “Fast startup” in Windows (can possibly cause hardware issues if not disabled and it really doesn’t improve things in computers with SSD)

What do you recommend I do about disk partitions?

I recommend separate EFI partitions while dual booting, I haven’t seem issues with my separate EFI partition setup yet.

If Mint provides Btrfs filesystem I personally recommend looking into timeshift (snapshot software that can be setup to automatically snapshot your computer).

Is disk encryption straightforward?

According to Linux Mint forum, you need to choose an option in “Advanced features” while going through installer, that seems straight forward

Is cloud storage sync straightforward?

Don’t have experience with this but I can tell you: While rclone supports bi-directional sync, you need some setup for make it run periodically.

Should I just use apt to install software?

In the end you have to give trust to someone, I think it’s fair to say if you already choose Mint you probably trust whatever options comes with Mint more than 3rd party options (but is it theoretically possible that backdoored program exists in Mint repository? of course yes).

While my solution isn’t perfect (if someone key logged my computer I am very screwed), I think it’s better than (1) have a much higher chance of losing my 2FA tokens altogether (2) put all hope on Bitwarden being not compromised

Do you want to have 2fa keys on all your devices?

Yes

Doesn’t that defeat the purpose?

I use different password between KeepassXC and Bitwarden. (On my phone one of them is unlocked by fingerprint because I am lazy but not both)

And I don’t store KeepassXC password in Bitwarden.

Syncthing and KeepassXC for syncing 2FA between devices. (I use Bitwarden for passwords)

If your command doesn’t change (doesn’t require dynamic input), sudoers file can make specific command+argument run without password required.

https://www.cyberciti.biz/faq/linux-unix-running-sudo-command-without-a-password/ (ctrl+f search “A better solution”)

(You can also use wildcards in sudoers file but with nftables I imagine it’s a big security risk)

sudo chattr +i (folder) prevents anything to modify/delete folders and files

Add -R for setting the flag for all subdirectory/files

hmm… I would skip dpkg command in this case.

Maybe try command listed here

https://askubuntu.com/questions/775328/is-dpkg-reconfigure-all-still-available-in-16-04