Pi-hole does have a feature where you can temporarily disable it for exceptional cases like that. You could have used that instead of uninstalling it altogether.
The issue is that I did not discover the problem until it was already too late. Then I asked myself is DNS level filtering even useful for me? A traditional browser based adblocker already does the job. Pihole does not block ads YouTube.
The quality of life improvement of having pihole was minimum. I would rather just use cloudflare or google's DNS. What value prop pihole provides I have no idea. I think that is what I feel about many if not all privacy focused tooling this way.
Privacy tooling often is devoid of common human nature which is get shit done without making a religion out of it. Good tools are not configurable or dynamic, they just serve a purpose. A hammer or a toaster over...these are good tools. The issue with privacy tools is more about the movement and mission aspect of it.
I underestimated how prolific the idea of tracker - first engineering. Tracking (by the defintion of privacy advocate) is inherent in many if not most system. The privacy preaching that I have been subject to made me believe that privacy is a one button tool.
Whether open source or privacy, I feel like has very little net utility when you offset it by convenience or consequences. You can pay for YouTube premium or you can update the sideloaded app every other week.
I haven't read through the entire thing yet, but looks conceptually similar to Zenstack (https://zenstack.dev) with the auth plugin and auto-generated APIs, so I'd be interested in a comparison with that.
Fwiw, I went down the path of trying to do something similar with Drizzle and gave up since it was in such a state of flux (this was last year). There are (were) a ton of edge cases around trying to add automatic filters to queries to the point that it was hard to justify not just rolling my own ORM.
- How does authz work? Can I use Postgres RLS? If not, how would you address row or column-level permissions in a system that uses this?
- If you're using logical replication to sync with PG, is there a limit to the number of clients you can have connected? I see there is a lot of work around de-duping live queries, but how well does that work in practice?
- Any thought to making an extension for Postgres? My main hesitation right now is that I have to go through an NPM package to use this but a lot of our tooling expects a plain Postgres connection.
- REALLY looking forward to seeing how the schema migration story looks.
Overall, it seems to address most of the use-cases where I'd reach for an ORM or API server so I'm really interested to see where this could go.
Thanks for reading through and for these questions. I'll take them in their order:
---
Auth / RLS
Yes — LinkedQL works with Postgres Row-Level Security. Each LinkedQL connection is equivalent to a regular DB connection (e.g., new LinkedQLClient(connectionInfo) is like new pg.Client(connectionInfo)). There’s no new permission model to maintain — the DB remains the enforcement point.
Live queries always execute under the same authenticated role you provided, so RLS policies apply on every refresh or incremental update. LinkedQL never uses a “superuser” backend that could widen visibility.
--
Replication limits & scaling
Right now, each database connection supports one logical replication slot. LinkedQL dedupes overlapping live queries on top of it — so 1,000 clients watching the same underlying SELECT only cost the DB one change stream.
We plan to support a distributed architecture as well — multiple instances of the live query engine coordinating load for high-traffic deployments.
---
Why an npm package (and future extension)
Right now LinkedQL plugs directly into JavaScript apps, matching how many teams already query Postgres from frontend or backend code.
We definitely have a Postgres extension in the roadmap for your exact use case – tighter operational integration.
---
Schema migration story
This is also one I’m personally excited about. We previously had an automatic schema versioning layer in the earlier LinkedQL prototype:
The goal in the current version is a cleaner rewrite of that whole feature. So, migration support is returning – with everything we learned in the previous baked in.
For example, while the previous implementation of the diff-based migration feature spoke JSON for schema declarations, we plan to let that be pure SQL – yet, diff-based.
---
Thanks again for the thoughtful look!
We can zoom into any other area of your choice.
Yep, I've had mine running for over a year now without issue. It idles at 34w with all 4 drives running. I ended up making a custom "case" for it: https://github.com/cbsmith402/storage-loaf
I haven't used Codex, but my process is the same with Claude Code as if I'm writing the code: branch off of main, tell it to write code. If I like it, commit the code. If I don't, revert the code, then tell it I reverted the code and it should do something different.
I commit on the branch about as often as I did when writing code manually: before I'm about to do something big or try something that might break other things.
I'll push the metaphor a bit: I think the point is that if you have a fleet of vehicles you want to fuel, go ahead and get a fuel truck and bite off on that expense. However, if you only have 1 or 2, a couple of jerry cans you probably already have + a pickup truck is probably sufficient.
This argument is always kind of silly to me. You really think they'd use a weapon of mass destruction just to take out a few people they don't like? On their home soil? I mean, I find myself being surprised by Trump daily, but still... It's far more likely that they'd use more surgical means, like the ICE raids, to root out people they don't like. In that case, I'd say being armed would make at least somewhat of a difference, or at least give pause.
Some guys with AK-47s kept the world's most powerful military pretty busy for 20 years, so I wouldn't underestimate the value of a few rifles against authoritarianism.
Do you think they’d bother shooting anyone themselves?
Either of these situations are going to be stochastic and with difficult attribution.
And don’t forget - they want a degree of unhinged shooting back, it feeds the authoritarian tendencies and ‘justifies’ the increasingly unhinged violent responses.
As someone who has been in the market for something like this, can I ask why it's a monthly subscription? I don't think I would be generating a new brand identity every month so it would make more sense to me to pay a one-time fee for x number of iterations. I have a little subscription fatigue so I'd actually pay a bit more to not have to remember to cancel it.
reply