--- title: "Software and hardware
I use and recommend" date: 2022-09-28 layout: "blog" toc: true --- I use a lot of software, most of it free and open-source. I've tried to use much more, but it didn't always go so well, so I've made a list of the programs I like enough to recommend. Such a list has been on my website for a long time already; this is its official publication. Last updated on 2022-12-05. ## General * [Neovim](https://neovim.io/): A modernized fork of the venerable [Vim](https://www.vim.org/) text editor, which has shaped my brain to the point that I find myself typing its commands in other applications. * [restic](https://restic.net/): Good command-line backup program. You'll need to provide your own storage. * [Syncthing](https://syncthing.net/): Synchronizes folders across devices. Decentralized and easy to set up. * [tinc](https://tinc-vpn.org/): Self-hosted VPN that lets you set up mesh networks. Relies on public-key cryptography to recognize its peers. Can run over TCP or UDP. * [Wireguard](https://www.wireguard.com/): Conceptually similar to tinc, but slightly easier to set up, and integrated into the Linux kernel. Only runs on UDP. ## Desktop * [Arch Linux](https://www.archlinux.org/): The distribution that, for me, delivers the best cost-benefit ratio. I'm not a big fan of [systemd](https://freedesktop.org/wiki/Software/systemd/) or [glibc](https://www.gnu.org/software/libc/), but the fantastic package manager and the huge repositories make Arch Linux unbeatable for working techies' day-to-day computing. * [Alacritty](https://github.com/alacritty/alacritty): Simple, lightning-fast terminal emulator with extra goodies like 24-bit colours and live configuration reloading. * [Anki](https://ankiweb.net/about): Flashcard studying software, with a [big library](https://ankiweb.net/shared/decks/) of community-made decks. Frankly it's not very user-friendly, but it does the job. * [EasyEffects](https://github.com/wwmm/easyeffects): Real-time audio effects on Linux. I use it to tweak my headphones' response according to the awesome [AutoEQ](https://github.com/jaakkopasanen/AutoEq) project's data. * [Firefox](https://www.mozilla.org/en-US/firefox/): Web browsers suck. This ones sucks the least, and is developed by Mozilla, who still seem to care about privacy and security, and who created the [Rust](https://www.rust-lang.org/) language. Firefox has all the necessary modern features, and provides an excellent curated set of add-ons. + [uBlock Origin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/): The best adblocker out there. It's free *and* open-source! + [HTTPS Everywhere](https://www.eff.org/https-everywhere): In today's world, this should be included in all browsers. The fact that it's rule-based is unfortunate, but hey, it works. * [i3](https://i3wm.org/): Lightweight window manager. Once you go tiling, you can never go back. * [KeePassXC](https://keepassxc.org/): User-friendly open-source password manager. It stores everything in a local encrypted database file, which is your responsibility to back up and sync. * [KLayout](https://klayout.de/): Open-source chip layout editor, with advanced scripting functionality. I would've liked some more keyboard shortcuts by default, but at least I can make my own. * [pass](https://www.passwordstore.org/): Password manager for techies. It's simple, secure, and extensible. However, I don't think I'll ever understand how to properly manage [GnuPG](https://gnupg.org/) keys, so I gave up and switched to KeePassXC instead. * [Sway](https://swaywm.org/): Another tiling window manager, originally aiming to be a clone of i3 for Wayland. * [Thunderbird](https://www.thunderbird.net/): Email clients suck, just like email itself. This one just sucks less, since it's also made by Mozilla. * [Veusz](https://veusz.github.io/): Fantastic plotting software, and one of the most underrated open-source tools that I know of. It gives beautiful plots, can handle *huge* data files, and, because its files are just plain Python, you can automatically generate plots with a bit of scripting. ## Server * [Alpine Linux](https://alpinelinux.org/): Minimalist distribution powered by [BusyBox](https://www.busybox.net/) and [musl](https://musl.libc.org/). It has a large-enough selection of both cutting-edge and stable packages to be practical. * [acme.sh](https://github.com/acmesh-official/acme.sh): Straightforward tool to manage TLS certificates issued by [Let's Encrypt](https://letsencrypt.org/). * [cgit](https://git.zx2c4.com/cgit/about/): JavaScript-free online Git frontend, perfect for private setups. If you need something more advanced like user accounts, [Gitea](https://gitea.io) is a good choice too. * [Dante](https://www.inet.no/dante/): Server for the SOCKS proxy protocol, which is directly supported by browsers. * [Dovecot](https://dovecot.org/): One of the, if not *the* most popular email IMAP server. And for good reason: it's fast, secure, and a pleasure to set up. * [Hugo](https://gohugo.io/): Powerful static site generator in Go, although it's a bit of a mess in my opinion. * [Jekyll](https://jekyllrb.com/): Another static site generator, in Ruby this time. It's very popular for good reason, and has a wealth of plugins if you need extra features. This is what I'm currently using. * [nginx](https://nginx.org/): Fast, secure and popular HTTP server used by many major websites. * [OpenSMTPD](https://opensmtpd.org/): Email SMTP server by the venerable [OpenBSD](https://www.openbsd.org/) project, and the only one of its kind that nails the setup experience. * [Rspamd](https://www.rspamd.com/): Spam filter for email. I haven't looked into this one much, it has lots of advanced features that I barely understand, but still seems to be the most modern and usable spam filter out there. * [Zola](https://www.getzola.org/): Another static site generator, written in Rust. It's fast, flexible and stays out of your way, making it my go-to recommendation for beginners. ## Android * [LineageOS](https://lineageos.org/): Had enough of vendor-specific crap in Android? This open-source distribution has good hardware support and enough momentum to be the *de facto* standard version of Android for tinkerers. * [microG](https://microg.org/): Takes the Google out of Android by reimplementing proprietary libraries. It works very well; the only problem I've experienced is that push notifications take longer to arrive than usual. Installation is tricky, but they offer a [custom LineageOS](https://lineage.microg.org/) to make it easy. * [AdAway](https://adaway.org/): Effective system-wide adblocker that should work for all your apps. * [Aegis](https://getaegis.app/): Secure open-source 2FA authenticator app. I was pleasantly surprised when it told to me how to get past Microsoft's insistence on using their proprietary 2FA app. * [AnkiDroid](https://f-droid.org/en/packages/com.ichi2.anki/): Good mobile frontend for [Anki](https://ankiweb.net/about). Available for free on F-Droid. * [F-Droid](https://f-droid.org/en/): Like the Google Play Store, but only contains free and open-source apps. * [Insular](https://f-droid.org/en/packages/com.oasisfeng.island.fdroid/): Isolates untrusted apps in an Android Work Profile, so they e.g. can't read your real contacts if you give them contacts permission. ## Hardware * [PC Engines APU2](https://www.pcengines.ch/apu2.htm): x86-based single-board computers designed in Switzerland. A bit pricey, but they're clearly committed to making well-supported long-lasting hardware. Perfect for a server or router at home. * [SoloKeys](https://solokeys.com/): Open-source USB keys for 2FA via the FIDO standards. Their V1 products still work fine, but are effectively unsupported, as they focus their efforts on V2. This is unfortunate, but I can still recommend them. Not many websites support FIDO though... ## Services * [Gandi](https://www.gandi.net/): European domain registrar with the motto "No bullshit since 1999". They provide an honest, high-quality service at a competitive price. This statement is not sponsored. * [Let's Encrypt](https://letsencrypt.org/): Provides free TLS encryption certificates to anybody who asks politely, thereby making online security more accessible for small sites like this one.