Huh - you’re right. I went back to Signal’s X3DH spec because I was sure I was right, but it seems I misremembered how the “prekey bundles” work: Users publish these to the server, allowing (in my original assumption) for the server to just swap them out for a server/attacker-controlled key bundle for each Alice and Bob.
However, when Alice wants to send Bob an initial message and she gets a forged prekey bundle, Bob will simply not be able to derive the same key and communication will fail, because Bob knows what his SPK private key is, while the server only knows the public key.
A compromised server would allow the server to man-in-the-middle all new connections (as in, if Alice and Bob have never talked to each other before, the Server/Eva can MITM the x3dh key exchange and all subsequent communication). That’s why verifying your contact’s signatures out-of-band is so important.
(And if you did verify signatures in this case, then the issue would immediately be apparent, yes.)
Edit: I was wrong. See below.
It’s a very steep curve to start, with some additional minor steep parts along the way, but it’s not a long curve. Once you got the core concepts and the basic language constructs, you’ve learned most of what you’ll ever need.
Two nice resources: search.nixos.org is super handy, and you can search GitHub with language:nix and a search term to get tons of examples from other people.
Oh, and nix and just is actually a pretty common combo!
Yep, exactly.
To be fair, if you use Debian, Arch, Fedora,… long enough, you also know how to tweak your machine for every purpose. In Nix, it’s just somewhat of a self-fulfilling prophecy, because you have to know how to tweak your system to achieve… anything, and then it’s the same tweaking mechanics for every other purpose as well.
My Steam Deck also runs NixOS.
Because this way I can much more comfortably configure it, plus everything game related I automated through nix for my Desktop (e.g. mod installs, reShade config,…) immediately and without any extra steps also applies to the Steam Deck.
Yes. Everything is NixOS. Because it’s perfect for everything.
Not to dimish your work at all, but: the Sonarr upgrades absolutely do work.
Ah, too bad. IMO better clients would make it drastically easier to convince people to switch.
Hm, I can create groups (also with muc), and the other members are added, but writing a message triggers “x left the group” for everyone. Dunno. Probably something trivial I overlooked. But honestly… Weather is too good today to be bothered 😄
Ah, I already had a TURN/STUN coturn server set up for matrix and jitsi, so it was just a matter of telling prosody about that. So I cheated a little I guess 😄 Here is my full config for that, in the unlikely event that you’re using NixOS.
Very cool!
Re: the backup / restore of state in NixOS: I found myself writing the same things over and over again for each VM/service, so finally wrote this wrapper module (in action e.g. here for Jellyfin), which confgures both the backup services and timers, as well as adding a simple rsync-restore-jellyfin command to the system packages. In case you find this useful and don’t already have your own abstractions, or a sufficiently different use case 😄
Nice, same! Was also really positively surprised by how great the Android app(s) for XMPP feel.
Only thing not working yet for me is group chat creation. Oh well. Maybe this weekend.
On the other hand though, voice and video calls have worked flawlessly.
Awesome! And good job, looks great!
Why are there no screenshots in the README.
Yes I know I can just install the app, but for an app that primarily seems to define itself by its UI improvements over the established competitor, the screenshots are the deciding factor in the question “Should I download and install this?”, and no screenshots defaults to “no”.
Interesting discussion on this from yesterday on the NixOS forums:
https://discourse.nixos.org/t/compliance-with-u-s-age-verification-laws/75791
Yeah the UX for setting it up was not great. Conversely though, the UX for using it has been fantastic so far. My biggest concern was that the clients would feel dated (on Android esp), but no, they’re surprisingly polished!
Oh no! And just when I finally got around to setting up an XMPP server, too!
Please tell me this is a satirical nod towards Honey & Co.
So do they
Here’s the email I got from them:
Dear xxx,
This mail is to inform you about an unfortunate, but necessary price change that we must make.
There have been drastic price increases in various areas in the IT branch recently. That is why, unfortunately, we must also increase the prices of our products.
The costs to operate our infrastructure and to buy new hardware have both increased dramatically. Therefore, our price adjustment will affect both your existing products and new orders.
The underlying causes of the increased costs are, among others, the exploding demand for AI-related computing power and for cloud services. In addition, raw material prices and production costs have also generally risen for manufacturers. The costs for RAM and SSDs especially have risen by a large amount. For example, the cost for DRAM memory has increased up to 500% since September 2025. And according to market researchers like TrendForce, this price trend will continue throughout the year.
We have genuinely tried hard to optimize our costs and to prevent increasing our prices for as long as possible. But we can no longer compensate for the strain that it has placed on our operations. We want to continue to deliver quality products that meet both our standards and your expectations, so we must take this step.
The price changes will take effect on 1 April 2026 for both new orders and existing products. For orders placed before 1 April 2026, but delivered after 1 April 2026, the adjusted prices will apply.
The following existing products, listed under the customer number specified in the subject line, are affected by the price increase as follows.
Product previous price New price as of 1 April 2026 Server Auction € 43.56 € 44.87 all prices incl. 21% vat
We know that price changes are always a challenge for everyone. However, we believe that our products’ prices and conditions still have a competitive price-to-performance ratio.
We have prepared a list of all new prices for you on Hetzner Docs at https://docs.hetzner.com/general/infrastructure-and-availability/price-adjustment. Starting on 1 April 2026, the new prices will also be on our website.
If you do not wish to continue your contract, you can cancel the products within the regular cancellation periods via your administration interface.
We hope that you will be able to understand and accept our decision, and that we are sorry that we have to change our prices.
If you have any questions, we will be happy to help. Please log onto your account and go to “Support” in the menu and create a support request.
Kind regards,
Hetzner Online
