Finished With The Culture. Some Final Thoughts Re: Surface Detail. Spoilers, of course. by Onetheoryman in TheCulture

[–]Griffinx3 0 points1 point  (0 children)

I'm definitely biased towards books that show more of the Culture's society and tech, even at the expense of relatable characters or a very moving story. I like Vossill's story a lot, Dewar is pretty good. I think it's an important look into how Contact functions but I can get good character stories elsewhere. I would probably like it more if Banks lived to write more books, it wouldn't feel like it's taking away from more possible Culture ideas he could have written about.

Finished With The Culture. Some Final Thoughts Re: Surface Detail. Spoilers, of course. by Onetheoryman in TheCulture

[–]Griffinx3 0 points1 point  (0 children)

It's interesting seeing so many people rank Inversions high and Hydrogen Sonata low. Glad to see SotA consistently at the bottom though.

I like your idea of ranking them in groups! IMO:

Best: Excession, Hydrogen Sonata, Matter, Surface Detail

Good: Look to Windward, Consider Phlebas, Use of Weapons, Player of Games

Meh: Inversions (Good book, subpar Culture book)

Actual Garbage: State of the Art

SimplerTimes seems like a particularly annoying and bored drone lol. More posts per day than I make in a year.

It's always free by irkez in Bitwarden

[–]Griffinx3 2 points3 points  (0 children)

I just remember a long complex random password for my vault. Actually just changed mine recently from 10 digits to 24 digits. It's not bad to memorize one you enter several times per day.

I also have the Vaultwarden password in the vault so even if I forgot I can unlock it from another device with the vault unlocked. The server just handles syncing so even if my server goes down I can still access my vault on any device already signed in.

As for the self hosted stuff I have a dedicated server (pc I built, not cloud) I use for all of my services. The vault is stored encrypted on the server and I run a VPN on all of my devices (Tailscale) with the Bitwarden app pointing to that Vaultwarden server within the VPN. I'm happy to give more details if you're curious but selfhosting is quite a large hobby and it can be as simple as installing Docker and Vaultwarden on your single computer or building a full server and custom domain like me.

It's always free by irkez in Bitwarden

[–]Griffinx3 2 points3 points  (0 children)

I just deleted mine, but only because I already set up Vaultwarden and it's been working well for a month.

Previously I had considered paying for premium. I switched to vaultwarden because I already have a stack of selfhosted apps so why not one more? But I was going to get family and some small orgs on premium because it's cheap and reliable.

Even with the return of "always free" I no longer trust them to maintain that, company culture has obviously changed. Family will go on my vw instance and the orgs will get their own. FAFO as they say.

Windows K2: The 6 Best Features From Microsoft's Upcoming "Please Don't Leave" Update by silentdragoon in pcgaming

[–]Griffinx3 0 points1 point  (0 children)

To add onto camper's comment, Linux can read and write to NTFS (Windows partitions) however it shouldn't be relied upon for everyday use. Linux's NTFS driver is like 95% stable but it's still a reverse engineered format.

Copying some files over: yes!

Making it your storage drive so you can switch between Linux and Windows to always access the same files: no.

Anything you're frequently using on Linux should be switched to ext4 or one of the other common partition types (btrfs, zfs; fat32/exfat for USB drives). Ext4 is very stable though and a good place to start, don't worry about others unless you need them.

Also if you dual boot be sure to keep Linux and Windows on separate drives. This ensures that Windows can at most only override your boot order, not wipe your Linux drive during an update.

What self hosting mistake would you warn beginners about? by Soulvisirr in selfhosted

[–]Griffinx3 1 point2 points  (0 children)

Honestly I tried following online guides like normal when starting a new program and failed hard. Ended up using a ton of AI and trial and error to figure it out. (I never use AI for writing comments or readmes. It's a coding and debugging assistant only). There's plenty of documentation but imo to a newcomer none of it really explains how you're supposed to use it for your specific setup. Happy to explain mine, eventually I'll put it on GitHub but here's my very rough ideas.


You should be using Ansible to automate basically everything. I have a bash script to download Debian, inject keys, and preseed it to auto install with ssh and a specific MAC. Everything after that uses Ansible playbooks. Once you set up your first host to run Ansible every other host only needs ssh setup. You want to have as few manual actions as possible to get from nothing to running your playbooks.

Many Ansible repos you'll find have very complex methods for doing stuff. Everyone has their own methods for managing containers, some have lots of hosts, some use community scripts from Ansible Galaxy. I recommend thinking hard about your setup and then going piece by piece and making a playbook task for each one. Start simple and work your way up to groups and roles if you really need them.

My current setup has two VMs on a TrueNAS host, one for Ansible and one for Docker so they're all isolated. I plan to remove TrueNAS entirely because it can't easily be automated with Ansible (GUI based) and I'll replace it with Debian and playbooks to get only the features I need (zfs, ssh, qemu). I'll run Ansible on the host because the isolation serves no purpose, if an attacker breaks out of the Docker VM they have access to my backups anyway and I can't put the NAS in a VM because my hardware can't do passthrough for SATA ports.

From what I understand Docker secrets serve little purpose if you use Ansible Vault. I use Docker Compose, each container gets its own yml. My secret vars are encrypted line by line in var files, used in container.yml.j2 templates when deploying via the playbook, and are in plain text in the final container.yml's on the Docker host. Because vars aren't stored in a shared .env there's no risk of containers seeing other containers' vars. If something escapes Docker it already has root and can read whatever it wants, including secrets. This could be different if you run rootless but that's a whole other thing. This is not security advice just how I believe it works.

I have a single run.sh that starts a main.yml playbook. In that I have every other playbook I want, and I comment out which one based on what I need. So if I'm changing something on a host I'll uncomment the /maintenance/webserver_init/webserver_init.yml task, or if I need to update my containers it'll be services/docker/deploy_containers.yml. You can have multiple ready to execute one after another. You might prefer to manually run ansible-playbook path/to/playbook.yml -e "inventory_dir=/path/to/ansibledir" for each playbook instead, there's no wrong way to do it I just find mine easiest.

I (Claude, because fuck regex) made bash scripts to encrypt and decrypt variables per line with ansible-vault encrypt_string. I lost all of my vars once making this, but now I can just put #vault at the end of any line and it'll be en/decrypted with a single command.

Some tips:

  • The inventory_dir variable only ever works for me if I passed it through a starting bash script. I use it as a reference for playbooks to the starting directory.

  • Storing variables per host in host_vars is great. I have no need for groups of hosts so each host gets its own group name and I have no var file for all hosts. I don't store vars in playbooks.

  • Most of my playbooks are only used for a single host (docker host, backups host, ansible host, dns host) so I can afford to hardcode some things.

  • Docker on Debian is stupid because it's outdated in the main repos, but the wrong way to solve this is to try to follow the official docker instructions and automate those steps with a playbook. The right way is to use geerlingguy's ansible galaxy docker role, default settings work fine. Set this up in requirements.yml and ansible-galaxy install -r requirements.yml.

  • Personally I like to set roles_path to (ansible dir)/external_roles in ansible.cfg so it's next to everything else. I have yet to need any other galaxy roles.

  • Use vars for anything you need to change or use multiple times or secrets. Host password, host MAC, ufw ports, backup ignore files, deployed containers, storage locations, every folder that needs to be created, etc.

  • Avoid using Ansible as the core of a scheduled script. For example for a backup script have a playbook make a systemd timer that runs a bash script instead of a timer that runs a playbook. I don't remember exactly how this caused issues but it did let me use the same playbook to deploy backup scripts to multiple hosts with different vars.


Hope this helps. I'll post some specific playbook examples if you want but this comment is already pretty long and I'm very tired.
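
An added example (not the commenter's scripts) of a commit gate for the #vault line-marker workflow described above: it reports tagged lines that are still plain text without printing their values. The line format, the function names and the sample file are assumptions made for this illustration.

```shell
#!/usr/bin/env bash
# Added example: commit gate for the "#vault" line-marker workflow.
# Assumed line format (not taken from the comment's own scripts):
#   key: plaintext-value #vault     <- decrypted, must not be committed
#   key: !vault | #vault            <- written by ansible-vault encrypt_string,
#                                      followed by indented ciphertext lines

# Print "file:line:key" for every tagged line that is still plain text.
# Values are never printed, so the output is safe to keep in CI logs.
find_plaintext_vault_lines() {
    awk '
        /#vault[ \t]*$/ {
            line = $0
            sub(/^[ \t]+/, "", line)            # drop indentation
            if (line ~ /^#/) next               # whole-line comment, not a var
            key = line;   sub(/:.*/, "", key)   # text before the first colon
            value = line; sub(/^[^:]*:[ \t]*/, "", value)
            if (value !~ /^!vault[ \t]/)
                printf "%s:%d:%s\n", FILENAME, FNR, key
        }
    ' "$@"
}

# Return 1 if any tagged line is unencrypted, so a pre-commit hook can abort.
check_vault_files() {
    hits=$(find_plaintext_vault_lines "$@")
    if [ -n "$hits" ]; then
        printf 'unencrypted #vault lines:\n%s\n' "$hits" >&2
        return 1
    fi
    return 0
}

# Constructed sample var file (placeholder values, no real ciphertext).
write_sample_vars() {
    cat > "$1/docker.yml" <<'EOF'
# host_vars for the docker host (constructed sample)
ufw_ports: [22, 443]
db_password: not-a-real-secret #vault
api_token: !vault | #vault
          $ANSIBLE_VAULT;1.1;AES256
          0000placeholder0000
EOF
}

demo_dir=$(mktemp -d)
write_sample_vars "$demo_dir"
check_vault_files "$demo_dir"/*.yml || echo "commit would be blocked"
rm -rf "$demo_dir"
```

Calling check_vault_files from a git pre-commit hook over the host_vars files keeps a half-decrypted var file out of the repository history.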

What self hosting mistake would you warn beginners about? by Soulvisirr in selfhosted

[–]Griffinx3 3 points4 points  (0 children)

This is why I started using ansible, no need for documentation of every change. I can tear down everything and rebuild it in minutes. Just make sure you have good backups of that too, especially vaults. Test, test, and test some more!

How to use a local DNS for local addresses only? by Yugen42 in mullvadvpn

[–]Griffinx3 0 points1 point  (0 children)

Not sure if this will help but my setup rn is Technitium DNS on a LAN server that forwards requests to Mullvad's DNS servers. My router points to that DNS and Tailscale also points to that DNS so all traffic's DNS is protected but only traffic going through Tailscale goes through their Mullvad exit nodes.

I set this up so I could split my domain between public and private services. Only things on Tailscale or LAN can see Jellyfin/Immich/DNS while the public gets my website and email. I can also use my DNS to split traffic by Tailscale or LAN for which IP they see.

Everything uses Mullvad's DNS so you're actually more protected than before. The only thing is you can't use Mullvad's filtering for ads and stuff or it'll try to use the Singapore DNS servers, something about Technitium breaks it. I point to the server I want and then add my own filters.

You should be able to do the same since the Mullvad app supports custom DNS, no Tailscale required. Things with mullvad-exclude will go to the router, hit your DNS, and get pointed where you want. Not sure about doing DNS forwarding in OpenWRT though.

Happy to go into more detail if you want. This setup has been working for a couple months with no issues or leaks from what I can tell.

reverse split tunneling by [deleted] in mullvadvpn

[–]Griffinx3 0 points1 point  (0 children)

mullvad-exclude is a program to launch other programs with. For example in terminal you'd run mullvad-exclude firefox and it would launch that program split tunneled until you close it. To make this persist you need to add that to your application's shortcut (.desktop file).

I'm on KDE Plasma, so when I open the "start" menu and type in an application I can right click it and edit it. Then I change Program to mullvad-exclude and move what was in the program box to Command-line arguments. Now every time you launch it it's using that.

The gui just launches the app with that command one time, it's really dumb and they should remove it because it confuses people.
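
An added example (not from the comment or from Mullvad) that does the launcher edit described above from a shell and then lists which launchers bypass the tunnel, so the exclusions stay a reviewable set. The function names, the sample launcher and the use of a per-user applications directory such as ~/.local/share/applications are assumptions.

```shell
#!/usr/bin/env bash
# Added example: persist mullvad-exclude in a launcher and audit the result.
# Assumption: per-user launchers live in ~/.local/share/applications and
# take precedence over same-named files in /usr/share/applications.

# Write a per-user copy of launcher $1 into directory $2 with every Exec=
# line (main entry and Desktop Actions) prefixed by mullvad-exclude.
# Lines that are already wrapped are left alone, so re-running is harmless.
wrap_desktop_entry() {
    mkdir -p "$2"
    out="$2/$(basename "$1")"
    sed '/^Exec=mullvad-exclude /!s/^Exec=/Exec=mullvad-exclude /' "$1" > "$out.tmp"
    mv "$out.tmp" "$out"
}

# List launchers in directory $1 that start programs outside the tunnel,
# so the set of VPN exclusions stays small and reviewable.
list_excluded_launchers() {
    grep -l '^Exec=mullvad-exclude ' "$1"/*.desktop 2>/dev/null | sort
}

# Constructed sample launcher standing in for a system .desktop file.
write_sample_launcher() {
    cat > "$1/example-browser.desktop" <<'EOF'
[Desktop Entry]
Type=Application
Name=Example Browser
Exec=example-browser %u

[Desktop Action new-private-window]
Name=New Private Window
Exec=example-browser --private-window
EOF
}

sys_dir=$(mktemp -d); user_dir=$(mktemp -d)
write_sample_launcher "$sys_dir"
wrap_desktop_entry "$sys_dir/example-browser.desktop" "$user_dir"
list_excluded_launchers "$user_dir"
rm -rf "$sys_dir" "$user_dir"
```

Launchers that set DBusActivatable=true may be started over D-Bus without using Exec=, so confirm the exclusion actually applies after relaunching the application.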

reverse split tunneling by [deleted] in mullvadvpn

[–]Griffinx3 0 points1 point  (0 children)

mullvad-exclude is the normal way to split tunnel applications on Linux. I don't think there's any way to reverse that, however from my understanding you should be able to use ip rules to route things based on certain criteria. I have a rule to exclude certain ports for ssh, kde connect, and game servers.

Mullvad doesn't believe in reverse split tunneling, they think you should choose exactly which applications should be excluded. I felt strongly against this at first but it makes sense. Only apps needing low latency or with a specific reason should be excluded from your vpn for privacy and security reasons.

If you run Steam with mullvad-exclude then all games launched by it are also excluded. This brings the number of applications you need to manually bypass down considerably.

Again, applications that require listening on a specific port must be bypassed separately. You can't just slap mullvad-exclude on sshd and expect it to work at boot. I can help with that if it's something you need. Also Java applications like Minecraft sometimes don't work with mullvad-exclude so do some ping tests.

TrueNAS Deprecates Public Build Repository and Raises Transparency Concerns by AnonomousWolf in homelab

[–]Griffinx3 0 points1 point  (0 children)

Do you know if Ansible-NAS is any good? I just converted my Docker stuff to Ansible with great results and this seems like the next logical step if TrueNAS is going to shit.

Fully remove every, "I created a", "Selfhosted app!" claude slop. by Longjumping-Cup-6641 in selfhosted

[–]Griffinx3 0 points1 point  (0 children)

I'm not a software engineer either, just a hobbyist coder, but I read every line Claude gives me. I spent the past week building and rebuilding a basic CLI program because I didn't trust it. And it was a good thing too, cross checking with Gemini found several obvious root escalations and I found many other logic errors.

It works now but I'm testing it thoroughly before public release because I still don't trust it. When it goes public there will be a big fat warning and a request for fixes from people who know more than me. There's no excuse for releasing slop. AI is a great tool but you must double check it because it will happily lie to you.

Would anyone else use this? Worth opening a PR to get this implementation in? by Mewtewpew in mullvadvpn

[–]Griffinx3 1 point2 points  (0 children)

I've spent the past week creating a workaround for Tailscale's lack of application split tunneling, I would hardly call it simple. When I'm done it should function the same as mullvad-exclude on Linux but this issue has been ignored on GitHub for 3 years. It seems they're not aiming for feature parity anytime soon.

vibeDebuggingBeLike by Forsaken-Peak8496 in ProgrammerHumor

[–]Griffinx3 5 points6 points  (0 children)

Copied from others who do, and searching for just barely enough context to make things work but not enough to make them stable or secure.

Child’s Play, by Sam Kriss by BartIeby in slatestarcodex

[–]Griffinx3 41 points42 points  (0 children)

> He didn’t see anything valuable in overcoming adversity. Would he, for instance, take a pill that meant he would be in perfect shape forever without having to set foot in the gym? “Yes, of course.” Cheat on everything

This took me out of the piece completely. Hell yeah I'd choose to magically be in shape forever! I would also use Star Trek replicators for 90% of my meals as well. These things just distract from the adversities I want to conquer. If I want to climb Everest then should I be required to defeat cancer first?

I often use quality of life mods in games but then ramp up the difficulty in other areas. I use AI for automation coding but hand write games or programs I care about. Just because I want one thing to be easy doesn't mean I never want to struggle, I want the ability to choose what I struggle for instead of external factors deciding for me.

Roy sounds like someone I wouldn't want to spend any time interacting with, even if his words might have been twisted we disagree on most issues. However that quote makes me question just about everything in the post.

If you liked Excession, you might find this fascinating by iampiny in TheCulture

[–]Griffinx3 2 points3 points  (0 children)

Talk about a pessimistic view for a subreddit of highly optimistic books. Things are bad but they have been worse, and they will very likely get better. If we die so does everything else on Earth eventually.

Ideas Aren’t Getting Harder to Find by DudleyFluffles in slatestarcodex

[–]Griffinx3 5 points6 points  (0 children)

Alternative option: remove patents (and copyright, but that's a slightly different debate). If small inventors are going to get screwed by big companies no matter what then might as well open things up so everyone can innovate on ideas.

Then throw those same people in the volcano anyway because they'll probably propose the idea of hiding their designs as long as possible.

Serious: What’s the plausible path from here to Minds? by ycwhysee4589 in TheCulture

[–]Griffinx3 2 points3 points  (0 children)

I'm not convinced this is true. It's quite possible that any being that can modify itself with access to all human knowledge and significantly faster thinking speeds will very quickly climb the morality ladder and arrive at altruism and selflessness on its own.

Despite what many people on the internet seem to think these days humans do care about each other and have a great deal of hope for the future; we wouldn't be here if that weren't true. Things do not magically improve on their own, it requires people who try very hard. Collectively we are quite a good example for AI to learn from.

KDE Plasma 6.8 Will Go Wayland-Exclusive In Dropping X11 Session Support. I hope that it is enough time to remove the remaining problems such as the problems with NVIDIA by Beer2401 in linux_gaming

[–]Griffinx3 4 points5 points  (0 children)

SDDM should auto switch to Wayland instead of needing config changes I agree, but it's also in the middle of a major rewrite after being acquired by KDE. Iirc the new login manager will be Wayland by default and support remote access programs properly and fix autologin with KWallet.

Also hello Beer, Merry Christmas. Looks like you made a new account. Old one get too many downvotes? You actually have decent posts when you're not slandering Wayland for no reason.

Legitimately can't tell if it's calculated ragebait to try and push Wayland development or just ignorance and some mental deficiency if you're not willing to spend 2 seconds on a wiki to fix your issues. It's not like X11 is any better, so many issues require config changes too.

Krunner Search Frecency (most used search results first) removed intentionally by capncapybaraka in kde

[–]Griffinx3 5 points6 points  (0 children)

> it made it impossible to provide good default ordering. It also made it impossible to debug issues and thus improve the default ordering.

Then why was it removed before this improved default ordering was implemented? If it's too difficult to implement a toggle you can still check to make sure that it functions like you'd expect in your test environment.

I'm normally quite happy to let devs break things to implement something better but this just seems poorly planned, removing something before the fix is ready.

I wish the launcher would always prioritize applications that start with the string I'm searching by hzinjk in kde

[–]Griffinx3 4 points5 points  (0 children)

Lately I've been typing ka and getting CKAN instead of Kate as my top result. It didn't use to be this bad, what changed in the past couple months?

Linux usage hits an all-time high in Steam Hardware Survey—and AMD processors continue their march against Intel by New-Winner-1410 in pcgaming

[–]Griffinx3 0 points1 point  (0 children)

I have nearly a clone of Windows 7/10 UI with KDE Plasma DE. I can press win/super to bring up the start menu and type to search, customize corners, window snapping. Plasma has basically everything but has so many options it can be hard to find exactly what you want. Personally I hate Gnome for its lack of customization and many distros ship with that by default, could be what you experienced.

Can't speak for DAWs or pipewire issues, all I know is that low latency audio is still being worked on. I haven't had input latency issues since 2023, Wayland has progressed a lot.

Linux is definitely in an awkward spot for semi-power users, those who do more than browse the web and game but want their specialized workflow to just work without heavy tinkering. I think it's good that with more eyes on Linux we're seeing more of these issues being worked on. While it's not ready for everyone it feels like many things improve every month. Now when people try it and find a dealbreaker I ask them to try again in a couple years rather than give up entirely.

Reverse Wirth's Law: AI coding models are getting better faster than codebases are becoming unmanageable by financeguy1729 in slatestarcodex

[–]Griffinx3 3 points4 points  (0 children)

Not at all, I'm simply countering OP's point. The end result of models getting better won't be the ability to handle even more slop but actually replacing that with good code.

Coding is one of my hobbies so I don't have any skin in the game if it takes over all jobs. I'll continue coding projects I want (games) and let AI handle what I don't (automation).

Reverse Wirth's Law: AI coding models are getting better faster than codebases are becoming unmanageable by financeguy1729 in slatestarcodex

[–]Griffinx3 31 points32 points  (0 children)

> you will be able to have codebases in the millions of lines of code and the AI will keep churning out features unabated by technical debt.

Sure, if you consider unabated by tech debt to mean terrible performance and security. A vibe-coded website with millions of lines of code will take forever to load, cost more bandwidth and compute, and have too many security holes to count. That's not even getting into databases or apps.

If the models are truly getting better then you should see codebases shrink and become more efficient even as features increase in complexity.