You’re right, the tap water isn’t completely sterile and still has some contaminants but it’s nothing to be super concerned about if you’re not regularly shitting yourself after drinking tap water everything is fine

You definitely want some contamination in the form of minerals as they give your water its taste. You can buy a fairly cheap “TDS” meter online which will show you the Total Dissolved Solids. This won’t give you a complete picture of what’s there but will let you know if your water is more or less "minerally " ( I.e soft or hard )

Outside of that you can look into getting an ICP test which will give you a break down of the exact minerals in your water, depending on the brand they may also test for bacteria but most don’t. The ICP still won’t pick up on other contamination like PFAS but they’re incredibly difficult to remove anyway so it’s best not to think about them…

You can also look into installing an RO-DI system which will filter out minerals and other organic compounds like ammonia etc but it won’t do anything for bacteria or PFAS. You shouldn’t regularly drink de-ionised water though as it strips the minerals out of your body ( like the calcium from your bones ) so you’d have to re-mineralise it.

Your water is totally fine and safe, don’t overthink it!

I appreciate you taking the time to implement this and answering some questions! I have a follow up question- What’s the benefit of using asymmetric encryption here? You’re not signing the message ( you probably should imo ) and you don’t appear to support sharing encrypted notes ( i.e a user provides one or more additional public keys that a note is encrypted for ). You’re basically doing symmetric encryption with the pain of key management

It’d be simpler ( from a user and code perspective )to use symmetric encryption ( something like aes-256-gcm or ChaCha20-Poly1305 for example ) and use key wrapping to avoid encrypting user data directly and you’d have stronger crypto as a result

You’re right that PGP is a valid encryption method but it’s not very popular in the modern day because it’s very hard to get right. Latacora has a great post on the PGP Problemand the Soatok blogs that u/litchralee linked are well worth a read too

I believe us-east-1 is the default region so it’s probably a case of devs not changing their region unless they need to.

Also, 1000s of companies use AWS. In issue in any of their regions is likely to have significant impact on internet services

I used to run PFSense ( pretty much the same as Opensense ) and really liked it but moved over to Ubiquity in the last year or so. Here’s my 2 cents…

Go with Ubiquity if you want a single unified interface for managing all your devices. You’ll have “soft vendor lock in”, their kit will work just fine with a mix of hardware but it’s best if everything is Ubiquity

Go with Opensense if you want complete flexibility in the kit you’re using. I feel likeI had more fine grained control with PFSense than I do with Ubiquity but I think that’s a symptom of how the UI/UX rather than the features

You can do the same stuff with both options. I’m very happy with my Ubiquity set up, I don’t see myself changing anything anytime soon