I just want S3. My needs are pretty basic. I don't need to scale out. I don't need replication. I just need something that can do S3 and is reliable and not slow.<\/p>\n
Minio is dead, they pulled the plug after axing the interface. They archived<\/a> the repo so they can chase AI industry dollars because those folks have heavily utilized Minio. Good for them, but I always wrote them off after pointing out a bug their tests weren't catching because they were mocking responses, not actually testing the code, and they shrugged it off. (deletes were broken at one point)<\/p>\n Garage<\/a> is new and interesting being built in Rust, but last I tried (6 months ago?) it was also unnecessarily complex. It's very young, development was paused for a while (funding), and was missing a couple normal S3 features I wanted last I checked. Maybe it's better now. Still feels too heavy.<\/p>\n SeaweedFS<\/a> is honestly super cool. I like their approach and how they added layers on it so they can do things like support WebDAV. I don't know what's wrong, but I run it with a master and volume node, it's slow. I switch to the new weed mini<\/tt> approach -- still slow. I'm storing a couple GBs of normal files in here, it's nothing fancy, but even on my own LAN I try to download a file and it chugs and chugs -- starts downloading at maybe a few hundred KB\/s, eventually ramps up to ~10mbit\/s. I don't know why. It's on my LAN<\/em>, why isn't it instant?<\/p>\n CEPH<\/a> is a monster. It's huge. We have it at work. Way more complex than I need, but if you really wanted to build something that can compete with Amazon's S3 you probably want CEPH. SeaweedFS is close to being capable as well...<\/p>\n Versity GW<\/a> -- oh bless you, Reddit commenter, for bringing this one up in a thread about benchmarking S3 backend performance. Nobody seems to know it exists except... Sandia National Labs, Los Alamos National Lab, the military, bunch of universities...!<\/p>\n I don't know what the main use case is for Versity. It can proxy to other S3 backends so you don't have to expose auth or can provide a custom auth layer. Does it do read-through caching? Don't know, didn't check. Can you have some local buckets and some that are proxied? Don't know, didn't check.<\/p>\n But what it can do is just use the local filesystem for S3 storage and that's good enough for me. And I get a web interface to manage it all, it can do anonymous\/public read buckets and handles policies. Interesting is that it uses xattrs for storing metadata of the objects.<\/p>\n So I drop this in, rclone my data over, do some testing, and I get lightning fast performance on my LAN like I expect -- line rate downloads! Finally, sanity is restored.<\/p>\n Now I just wait to replace this with a true ZFS native object storage that someone is working on...<\/p>\n Didn't know about the following until after I deployed Versity, but here are some notes:<\/p>\n RustFS<\/a> is a newer contender also written in Rust. Also seems heavier than I need. Benchmarks show it's faster than Minio (also POSIX fs backed), they claim 100% S3 compatibility which is impressive if true. "Development began in December 2023, and we officially launched as an open-source project on July 2, 2025." and "users can now migrate from MinIO to RustFS through direct binary replacement." Have not evaluated it yet, not thrilled with adding more Rust to my environment as the compile times are so long and it's not in FreeBSD ports, so I'd have to port it myself. Its usage of the filesystem instead of packing the objects into a custom data format means it would be less performant for small objects, but I want regular fs backed anyway. Give it entire disks\/filesystems and it can distribute the data across them, repair\/heal when replacing broken disks. Neat!<\/p>\n rclone<\/a> has the ability to act as an S3 server, but that's not its main purpose and I'm hesitant to rely on it. I knew about this, but wrote it off. If I had to guess I'd say the server is mostly implemented to make it easier for them to test their client.<\/p>\n filestash<\/a> seems like a nice all-in-one that I should look into. "It started as a storage agnostic Dropbox-like file manager that works with every storage protocol: FTP, SFTP, S3, SMB, WebDAV, IPFS, and about 20 more."<\/p>\n Zenko CloudServer<\/a> is another I've never heard of. Written in NodeJS, so enjoy your single threaded event loop...<\/p>\n Supabase Storage<\/a> is also NodeJS, but stores metadata in Postgres. Authorization is handled with Postgres Row Level Security. Interesting concept.<\/p>\n<\/div>\n","category":[{"@attributes":{"term":"tech"}},{"@attributes":{"term":"s3"}},{"@attributes":{"term":"object"}},{"@attributes":{"term":"minio"}},{"@attributes":{"term":"seaweedfs"}},{"@attributes":{"term":"garage"}},{"@attributes":{"term":"versity"}}]},{"title":"Iran Would Already Have A Nuke","link":{"@attributes":{"href":"https:\/\/blog.feld.me\/posts\/2026\/04\/iran-would-already-have-a-nuke\/","rel":"alternate"}},"published":"2026-04-10T16:00:51-07:00","updated":"2026-04-10T17:10:07-07:00","author":{"name":"feld"},"id":"tag:blog.feld.me,2026-04-10:\/posts\/2026\/04\/iran-would-already-have-a-nuke\/","summary":" 1984: West German intelligence sources claim that Iran\u2019s production of a bomb "is entering its final stages." US Senator Alan Cranston claims Iran is seven years away from making a weapon. (Iranian nuclear specialists had no knowledge of how to enrich uranium and had no technology with which to \u2026<\/p>","content":" 1984: West German intelligence sources claim that Iran\u2019s production of a bomb "is entering its final stages." US Senator Alan Cranston claims Iran is seven years away from making a weapon. (Iranian nuclear specialists had no knowledge of how to enrich uranium and had no technology with which to do it.)<\/p>\n 1987: Iraq targeted Iranian civilians with chemical weapons. Iranian Prime Minister Mir Hossein Mousavi said in a late December 1987 speech that Iran "is capable of manufacturing chemical weapons" and added that a "special section" had been set up for "offensive chemical weapons." Mousavi refrained from saying that Iran actually had chemical weapons, and he hinted that Iran was constrained by religious considerations.<\/strong> Rafighdoost recalls Khomeini asking rhetorically, "If we produce chemical weapons, what is the difference between me and Saddam?". The supreme leader was unmoved by the new danger presented by the Iraqi gas attacks on civilians. "It doesn\u2019t matter whether it is on the battlefield or in cities; we are against this," he told Rafighdoost. "It is haram [forbidden] to produce such weapons. You are only allowed to produce protection." A few days after Mousavi\u2019s speech, a report in the London daily the Independent referred to a Khomeini fatwa against chemical weapons. Former Iranian nuclear negotiator Seyed Hossein Mousavian, now a research scholar at Princeton University, confirmed [for this article] that Khomeini\u2019s fatwa against chemical and nuclear weapons, which accounted for the prime minister\u2019s extraordinary statement, was indeed conveyed in the meeting with Rafighdoost.<\/p>\n 1992: Israeli parliamentarian Benjamin Netanyahu tells the Knesset that Iran is 3 to 5 years from being able to produce a nuclear weapon.<\/p>\n 1995: The New York Times reports that US and Israeli officials fear "Iran is much closer to producing nuclear weapons than previously thought" \u2013 less than five years away. Netanyahu claims the time frame is three to five years.<\/p>\n 1996: Israeli Prime Minister Shimon Peres claims Iran will have nuclear weapons in four years.<\/p>\n 1998: Former Secretary of Defense Donald Rumsfeld claims Iran could build an ICBM capable of reaching the US within five years.<\/p>\n 1999: An Israeli military official claims that Iran will have a nuclear weapon within five years.<\/p>\n 2001: The Israeli Minister of Defence claims that Iran will be ready to launch a nuclear weapon in less than four years.<\/p>\n 2002: The CIA warns that the danger of nuclear weapons from Iran is higher than during the Cold War, because its missile capability has grown more quickly than expected since 2000 \u2013 putting it on par with North Korea.<\/p>\n 2003: A high-ranking Israeli military officer tells the Knesset that Iran will have the bomb by 2005 \u2014 17 months away.<\/p>\n 2004: Iran began publicizing Khamenei\u2019s fatwa against nuclear weapons.<\/p>\n 2006: A State Department official claims that Iran may be capable of building a nuclear weapon in 16 days.<\/p>\n 2007: U.S. National Intelligence Estimate assessed that Iran had halted its nuclear weapons program in 2003.<\/p>\n 2008: An Israeli general tells the Cabinet that Iran is "half-way" to enriching enough uranium to build a nuclear weapon and will have a working weapon no later than the end of 2010.<\/p>\n 2009: U.S. President Barack Obama revealed the existence of an underground enrichment facility in Fordow, near Qom. Israeli Defense Minister Ehud Barak estimates that Iran is 6-18 months away from building an operative nuclear weapon.<\/p>\n 2010: Israeli decision-makers believe that Iran is at most 1-3 years away from being able to assemble a nuclear weapon.<\/p>\n 2011: An IAEA report indicates that Iran could build a nuclear weapon within months.<\/p>\n 2012: Secretary of State John Kerry: "The fatwa issued by a cleric is an extremely powerful statement about intent," but then added, "It is our need to codify it."<\/p>\n 2013: Israeli intelligence officials claim that Iran could have the bomb by 2015 or 2016. Joint Comprehensive Plan of Action (JCPOA, "Iran Nuclear Deal") talks begin.<\/p>\n 2016: Iran Nuclear Deal is agreed to.<\/p>\n 2018: President Trump withdraws from the Iran Nuclear Deal.<\/p>\n 2018-2022: The Iran Watch<\/a> project documents "violations" of the 2015 accord which did not even exist anymore.<\/p>\n March 2025: At a Senate hearing, Gabbard said the intelligence community "continues to assess that Iran is not building a nuclear weapon and Supreme Leader Khamenei has not authorized the nuclear weapons program that he suspended in 2003."<\/strong><\/p>\n June 2025: President Donald Trump said Iran was "weeks away" from having a nuclear bomb. The United States Air Force and Navy attacked three nuclear facilities in Iran as part of the Twelve-Day War, under the code name Operation Midnight Hammer.<\/p>\n July 2025: A Pentagon assessment found that Iran's nuclear program was likely set back around 2 years.<\/p>\n March 2026: Israel starts a war with Iran, drags the United States into it.<\/p>\n We're either gullible or Iranians are too stupid to build a nuclear weapon and it just keeps slipping through their fingers. Which one do you think it is?<\/p>\n","category":[{"@attributes":{"term":"politics"}},{"@attributes":{"term":"iran"}},{"@attributes":{"term":"nuclear"}}]},{"title":"Immich: Ending The Blood Pact With iCloud Photos","link":{"@attributes":{"href":"https:\/\/blog.feld.me\/posts\/2026\/04\/immich-ending-blood-pact-with-icloud-photos\/","rel":"alternate"}},"published":"2026-04-06T10:16:42-07:00","updated":"2026-04-06T11:29:27-07:00","author":{"name":"feld"},"id":"tag:blog.feld.me,2026-04-06:\/posts\/2026\/04\/immich-ending-blood-pact-with-icloud-photos\/","summary":" This poor guy<\/a>\nwrote about his frustrations escaping iCloud Photos. I went down this\npath last year and it was annoying. You can't just trust the copies of\nphotos on your device because they might not be the original\/full\nversion, and forcing them to all download might not work \u2026<\/p>","content":" This poor guy<\/a>\nwrote about his frustrations escaping iCloud Photos. I went down this\npath last year and it was annoying. You can't just trust the copies of\nphotos on your device because they might not be the original\/full\nversion, and forcing them to all download might not work as expected.\nI was running into duplicates, missing files (my local count didn't\nactually match the official Library count), etc.<\/p>\n Go to privacy.apple.com<\/a>. Request\na copy of your iCloud Photos data. Be patient.<\/p>\n You will get an email when it's ready, and then you'll have a webpage\nwhere they have links to download your entire iCloud Photos library as archive\nfiles of a few gigabytes each.<\/p>\n Congrats, you escaped with your data.<\/p>\n<\/div>\n If you want your own hosted photos service, you probably want Immich<\/a>. Install that, you'll get all the modern\nfeatures you expect from an image hosting service.<\/p>\n<\/div>\n There's a tool for this, and it specifically supports these iCloud\nPhotos backup archives! The tool is called immich-go<\/a>. There's a helpful iCloud\nimport guide<\/a>\nwhich you can follow. It's fast and worked great for me.<\/p>\n<\/div>\n","category":[{"@attributes":{"term":"tech"}},{"@attributes":{"term":"icloud"}},{"@attributes":{"term":"apple"}},{"@attributes":{"term":"immich"}}]},{"title":"Blocking Traffic to Docker Containers","link":{"@attributes":{"href":"https:\/\/blog.feld.me\/posts\/2026\/03\/blocking-traffic-docker\/","rel":"alternate"}},"published":"2026-03-27T13:07:03-07:00","updated":"2026-03-27T13:24:00-07:00","author":{"name":"feld"},"id":"tag:blog.feld.me,2026-03-27:\/posts\/2026\/03\/blocking-traffic-docker\/","summary":" I had an issue the other day where a VPS hosting services with Docker was being hammered by a scraper and I wanted to block the IPs of this traffic to reduce the load on the server. Running Linux\/Docker is not my preferred platform, but I'm not that rusty \u2026<\/p>","content":" I had an issue the other day where a VPS hosting services with Docker was being hammered by a scraper and I wanted to block the IPs of this traffic to reduce the load on the server. Running Linux\/Docker is not my preferred platform, but I'm not that rusty when it comes to Linux or so I thought...<\/p>\n First try: add a rule to the That makes sense, it's host traffic. I know we need forwarding enabled for Docker though...<\/p>\n Second try: add a rule to the Alright, I guess since there's some NAT involved and whatnot maybe it needs something else. Documentation says there's a specific chain for this...<\/p>\n Third try: add a rule to the What the heck is going on?<\/p>\n Digging, digging digging... somehow Put that in I have a Windows 11 gaming PC and was struggling to get my PS5 DualSense controller to show up and pair correctly with Bluetooth. I tried resetting the controller, etc etc but it would never show up. I had plugged it in via USB-C before, so the controller was known \u2026<\/p>","content":" I have a Windows 11 gaming PC and was struggling to get my PS5 DualSense controller to show up and pair correctly with Bluetooth. I tried resetting the controller, etc etc but it would never show up. I had plugged it in via USB-C before, so the controller was known at least as a USB device and that perhaps could be part of the problem. Dunno for certain.<\/p>\n\nThe Versity S3 Gateway currently supports generic POSIX file backend storage and Versity\u2019s ScoutFS filesystem.<\/blockquote>\n
Late Contenders<\/h2>\n<\/a>
![\"Imaginary](\"\/static\/iran\/iran_nuclear.png\")
\n\n
\nGet Your Files<\/h2>\n<\/a>
Immich<\/h2>\n<\/a>
Importing data<\/h2>\n<\/a>
INPUT<\/code> chain of iptables [failure]<\/p>\nFORWARD<\/code> chain of iptables [failure]<\/p>\nDOCKER-USER<\/code> chain of iptables [failure]<\/p>\ndocker-proxy<\/code> is bypassing iptables completely. I get that there are network namespaces, but this makes no sense to me. How do you control the iptables rules for another namespace? Is that a thing? In FreeBSD we'd have VNET and separate firewalls completely for them. Apparently the fix is to disable the userland proxy in Docker. This has some potential drawbacks (go look them up), but for most people it's probably fine. This is not the same thing as running with "host" networking in Docker.<\/p>\n<\/span>{<\/span>\n <\/span>"userland-proxy"<\/span>:<\/span> <\/span>false<\/span>\n}<\/span>\n<\/pre><\/div>\n\/etc\/docker\/daemon.json<\/code>, restart dockerd<\/code> and now the DROP rule will work when placed in the DOCKER-USER<\/code> chain.<\/p>\n","category":[{"@attributes":{"term":"tech"}},{"@attributes":{"term":"docker"}},{"@attributes":{"term":"firewall"}}]},{"title":"Pairing A PS5 DualSense Controller On Windows 11","link":{"@attributes":{"href":"https:\/\/blog.feld.me\/posts\/2026\/03\/pairing-ps5-dualsense-bluetooth-windows\/","rel":"alternate"}},"published":"2026-03-25T18:49:11-07:00","updated":"2026-03-25T18:57:28-07:00","author":{"name":"feld"},"id":"tag:blog.feld.me,2026-03-25:\/posts\/2026\/03\/pairing-ps5-dualsense-bluetooth-windows\/","summary":"