mlaga97

If the actual error rate were anywhere near that high, modern enterprise hard drives wouldn’t be usable as a storage medium at all.

A 65% filled array of 10x20TB drives would average at least 1 bit failure on every single scrub (which is full read of all data present in the array), but that doesn’t actually happen with any real degree of regularity.

I think it’s worth pointing out that this article is 11 years old, so that 1TB rule-of-thumb probably probably needs to be adjusted for modern disks.

If you have 2 full backups (18TB drives being more than sufficient) of the array, especially if one of those is offsite, then I’d say you’re really not at a high enough risk of losing data during a rebuild to justify proactively rebuilding the array until you have at least 2 or more disks to add.

Stop using a rolling release distro for something that you actually rely on day-to-day.

If you are dead set on a specifically certificate-backed access control scheme, a VPN with the ability to use the hardware-backed certificate store (such as OpenVPN) is likely easier to set up as it is better supported on mobile devices and doesn’t require application-level support (i.e. everything is protected, not just the apps w/ mTLS support)

https://openvpn.net/faq/how-do-i-use-a-client-certificate-and-private-key-from-the-android-keychain/