Bitwarden keeps working just fine.

This is the way.

There is no definitive roadmap.

How do you not do that? It’s all in your local network, how would it not work offline…?

I’m waiting to see how DeepComputing’s RISC-V mainboard for the Framework turns out. I’m aware that this is very much a development platform and far from an actual end-user product, but if the price is right, I might jump in to experiment.

What I mean by that is that they will take a huge disservice to their customers over a slight financial inconvenience (packaging and validating an existing fix for different CPU series with the same architecture).

I don’t classify fixing critical vulnerabilities from products as recent as the last decade as “goodwill”, that’s just what I’d expect to receive as a customer: a working product with no known vulnerabilities left open. I could’ve bought a Ryzen 3000 CPU (maybe as part of cheap office PCs or whatever) a few days ago, only to now know they have this severe vulnerability with the label WONTFIX on it. And even if I bought it 5 years ago: a fix exists, port it over!

I know some people say it’s not that critical of a bug because an attacker needs kernel access, but it’s a convenient part of a vulnerability chain for an attacker that once exploited is almost impossible to detect and remove.

That’s so stupid, also because they have fixes for Zen and Zen 2 based Epyc CPUs available.

Intel vs. AMD isn’t “bad guys” vs. “good guys”. Either company will take every opportunity to screw their customers over. Sure, “don’t buy Intel” holds true for 13th and 14th gen Core CPUs specifically, but other than that it’s more of a pick your poison.

Temporarily connect the new drives via USB enclosures and clone the data via ZFS snapshots.

BorgBase allows for append-only backups.

Is your typical noise floor even under 20 dB? HDDs are also a lot louder than 5-10 dB, and manufacturers usually list dBA in their spec sheets, not dB.

I was gonna suggest the same.

Just always keep in mind that you might not be home and that this might not be your priority in the heat of the moment (no pun intended).

Today’s CPUs usually expose some USB connections directly. Ryzen 7000 desktop CPUs expose 4 USB 3.2 Gen 2 directly on their on-package I/O die for example. So if you connect your USB drives directly to the ports your mainboard connects directly to the CPU, the chipset (“southbridge”) and any third-party USB controllers are out of the equation.

This is just information, I’m not advising to use USB for fixed storage.

“ASRock” and “ASRock Rack” are two different series of motherboards.

Here’s the QVL of one of their AM5 mainboards: https://www.asrockrack.com/general/productdetail.asp?Model=B650D4U-2L2T/BCM#Memory - it doesn’t limit these modules to specific CPUs. All CPUs with ECC compatibility also support these modules on this mainboard. Some of these Rack boards are over a year old, and they always had some ECC modules on their QVL. This - again - isn’t EPYC 4004 specific, they couldn’t have validated it with EPYC 4004 CPUs a year ago. In fact, their CPU support list doesn’t even list EPYC 4004 CPUs as of today, as they haven’t released a BIOS update adding (official) compatibility in for these CPUs (it will probably be released shortly though).

ASRock Rack AM4 mainboards also officially support ECC memory. So if you wanted verified ECC support on a comparatively cheap AMD platform you could’ve always gone for one of these boards with a regular Ryzen CPU (not an APU). The boards are a bit on the expensive side but if you want official support (for whatever reason you’d need that in a homelab environment) you can get it.

The server/workstation focused ASRock Rack AM5 mainboards list plenty of ECC modules in their QVL. The “gaming-focused” ASUS B650E-E I’m using even has two ECC modules listed in its QVL.

So you could’ve already gotten verified ECC support, the fact that the same CPUs now exist with a different (EPYC) branding doesn’t change that. Finding these mainboards isn’t particularly tricky either.

Could’ve just gotten a Ryzen then. These Epycs are essentially relabeled Ryzen CPUs.

Many boards support ECC even when not mentioned. Most ASUS and ASRock boards do for example.

PCIe is back- and forwards-compatible, so even an RTX 4090 would in theory work in a PCIe 2.0 x4 slot.

Now, PCIe 2.0 x4 is obviously really slow compared to what most current cards support (PCIe 4.0 x16), but I doubt transcoding is bandwidth sensitive on the PCIe link.

So pick pretty much any card, be wary though that some consumer-focused cards artificially limit the amount of concurrent transcoding sessions they support. Seems like Nvidia is limiting consumer cards to now 8 sessions, which is probably plenty.

Like others said an Intel CPU with iGPU, alternatively the cheapest Intel Arc GPU (A380?) supports the latest spec of Intel QSV as well.

I also recommend a stable/LTS distro like Debian or AlmaLinux (or other RHEL-based distros). Or just keep using Ubuntu Server LTS.

The OS packages being hopelessly outdated doesn’t really matter when you’re running most services inside containers.