towerful
@towerful@programming.dev
- Comment on Why isn't the rest of the world doing anything about the USA? 15 hours ago:
I hear that the US has oil and WMDs
- Comment on YSK - the crazy questions all jobs on usajobs.gov now ask 1 week ago:
Id love to believe this is to weed out the bad applicants.
People that answer “lol, I just want a job” actually get the interviews - Comment on Today's Massive AWS Outage That Took Down Your Favorite Sites Is Still Going On 1 week ago:
Um, akshually it’s a DNS issue not a router issue.
I think.
It looks like a router issue. But it’s always a DNS issue - Comment on Microsoft is making every Windows 11 PC an AI PC 1 week ago:
I installed endeavouros on my windows laptop.
The installer guided me through the partitioning, setting up systemd-boot, and it was all great.
I had to disable bitlocker in windows (not that bothered about) and secure boot in bios (also not that bothered about).Ran smoothly dual booting both for about 4 months.
Then a windows update hit, and fucked the boot.Thankfully, this is a common enough thing that there are plenty of tutorials out there.
A liveUSB of endeavouros, some tinkering, and I was back up and running.The cause seems to be FastBoot, where windows keeps the boot partition mounted. What I think happens is that bios tries to read the boot partition, which is configured/loaded for windows (because it never cleaned up after itself due to FastBoot being on) and boots into windows.
Since turning off FastBoot, I haven’t had any issues in the past 8 months. - Comment on Microsoft is making every Windows 11 PC an AI PC 1 week ago:
Steam took the cap off the toothpaste tube.
Microsoft is giving the toothpaste tube a good squeeze! - Comment on Today's Massive AWS Outage That Took Down Your Favorite Sites Is Still Going On 1 week ago:
Oh look, fediverse is still working.
You can share in the smug grin - Comment on £6 million repaid to workers as Government cracks down on employers underpaying their staff 2 weeks ago:
Is this labour doing an actual labour thing?
- Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
Ah, fair.
- Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
3x minisforums MS-01
- Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
A NAS as bare metal makes sense.
It can then correctly interact with the raw disks.You could pass an entire HBA card through to a VM, but I feel like it should be horses for courses.
Let a storage device be a storage device, and let a hypervisor be a hypervisor. - Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
especially once a service does fail or needs any amount of customization.
A failed service gets killed and restarted. It should then work correctly.
If it fails to recover after being killed, then it’s not a service that’s fully ready for containerisation.
So, either build your recovery process to account for this… or fix it so it can recover.
It’s often why databases are run separately from the service. Databases can recover from this, and the services are stateless - doesn’t matter how many you run or restart.As for customisation, if it isn’t exposed via env vars then it can’t be altered.
If you need something beyond the env vars, then you use that container as a starting point and make your customisation a part of your container build processes via a dockerfile (or equivalent)It’s a bit like saying “chisels are great. But as soon as you need to cut a fillet steak, you need to sharpen a side of the chisel instead of the tip of the chisel”.
It’s using a chisel incorrectly. - Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
I would always run proxmox to set up docker VMs.
I found Talos Linux, which is a dedicated distro for kubernetes. Which aligned with my desire to learn k8s.
It was great. I ran it as bare-metal on a 3 node cluster. I learned a lot, I got my project complete, everything went fine.
I will use Talos Linux again.
However next time, I’m running proxmox with 2 VMs per node - 3 talos control VMs and 3 talos worker VMs.
I imagine running 6 servers with Talos is the way to go. Running them hyperconverged was a massive pain. Separating control plane and data/worker plane (or whatever it is) makes sense - it’s the way k8s is designed.
It wasn’t the hardware that had issues, but various workloads. And being able to restart or wipe a control node or a worker node would’ve made things so much easier.Also, why wouldn’t I run proxmox?
Overhead is minimal, get nice overview, get a nice UI, and I get snapshots and backups - Comment on Those who are hosting on bare metal: What is stopping you from using Containers or VM's? What are you self hosting? 5 weeks ago:
I’ve never installed a package on proxmox.
I’ve BARELY interacted with CLI on proxmox (I have a script that creates a nice Debian VM template, and occasionally having to really kill a VM).What would you install on proxmox?!
- Comment on Today's featured article on Wikipedia: Myst V: End of Ages 1 month ago:
A typo/brainfart
- Comment on Today's featured article on Wikipedia: Myst V: End of Ages 1 month ago:
Myst 6…?
A brainfart/typo
- Comment on Today's featured article on Wikipedia: Myst V: End of Ages 1 month ago:
The remaster of myst 1 is good, the remaster of riven is good.
Must 3-6 felt… Thin. Like, the game was about it being 3d and the tech… Not the puzzles.I feel a true successor to the myst 1 & 2 games is Quern: Undying Thoughts.
Felt like the original premise, but in a modern game engine.Another game that gave me the same hook as Myst is Blue Prince. A rogue lite puzzle game that is amazing.
- Comment on Options for protecting home IP on my self hosted home srver 1 month ago:
In that case, maybe look into proxmox and VMs.
Then run docker inside a VM. Have multiple VMs of docker for different environments (eg a VM for containers that should only use a VPN, another for media server stuff, another for experimenting… Whatever)Learning proxmox (or another hypervisor) is well worthwhile, because the base installer sets things up to just work for virtualization. And VMs are great for learning to run services.
Then you can spin up VMs for isolating environments, and have the benefit of oversight and management tools as well as snapshots. Snapshots means you can take a snapshot, tinker and break things, then roll back to a known good snapshot and try again.I use proxmox on any bare metal before I start setting up VMs for services. Even if it’s just a single VM with the majority of resources allocated to it.
Is proxmox overkill for running a server for some docker containers? Yes.
Does it make things easier? IMO, yes. At least operationally safer/easier. - Comment on Options for protecting home IP on my self hosted home srver 1 month ago:
Imo, only services that require a VPN exit node should use a VPN exit node.
github.com/qdm12/gluetun
Is a well known VPN container that people use, and works with ProtonVPN.I don’t know anything about how to do this, but a cursory search for “gluetun qbitorrent docker” suggests that gluetun gets
network: “host”. Any container that has to use a VPN exit node getsnetwork_mode: “service:gluetun”. Adepends_on: {gluetun details}style option will ensure that any service that should use a VPN exit node will not run unless gluetun is running.Then it’s getting the data out of the qbittorent container into whatever you are using as a media server.
- Comment on Options for protecting home IP on my self hosted home srver 1 month ago:
Ah, gotcha.
So… You generally have to pay a VPN company to get access to their VPN exit nodes, and “hide” in among all the other traffic.
There is nothing you can self-host to do that.ProtonVPN used to be a popular recommendation, however they are slipping out of favour due to behaviour over the last couple of years.
If you are looking for a VPN for anonymity, be careful of “review” articles posted on blogs owned by dodgy VPN providers.
I’m not sure who the “go to” VPN provider is these days.If you rent a VPS (virtual private server) in order to run your own VPN exit node, and the VPS provider gets a letter regarding illegal activity, then your VPS will be deleted.
I don’t know of a VPS provider that will protect customers privacy WRT legal requests (maybe there are, but they will be exceptionally expensive).So everyone pays a VPN provider that doesn’t keep logs in order to hide amongst the herd.
In order to make sure that your file downloading system uses a VPN instead of the default gateway for internet access is a huge field.
So you need to describe exactly the software you want to use the VPN exit node, and how it’s installed.
Because the solution could be host firewall, docker networking, isolated networks… Pretty sure there are many others. - Comment on Options for protecting home IP on my self hosted home srver 1 month ago:
You can’t hide your public IP. It’s public.
I presume your servers sit on your home network, and it’s a basic flat network. And you have a basic home router. And you forward a port on your router to your server that’s running wireguard.
Sound about right?You already use a VPN to access your homelab/home-servers.
So the only ports you are forwarding (presumably) relate to wireguard. So the only accessable ports are secured sensibly (by wireguard, cause thats what it is).So you are already doing everything right.
If you want a fancier router/firewall, then OpnSense or OpenWRT are good options.
But I wouldn’t run everything through your server. Let your server serve. And use a router to do network things.
If you really want to hyperconverge onto a single server like that, then I’d do it inside different VMs (probably running on a proxmox host). Have a VM running OpnSense that only does network and routing. Then VMs for other services.
You’re directly coupling your home internet access to the proxmox host and the VM, tho.
Which is why I prefer using a more embedded/dedicated router appliance (I’m a huge fan of mikrotik stuff, but my home network is TP-Link Omada. Tho I think I’ll move to Unifi) - Comment on What is in for the antivax in a government? 1 month ago:
“God will protect us. He has sent judgement on those unworthy” also contributes. Not directly eugenics, but damn fucking close
- Comment on Larry Ellison overtakes Elon Musk as world’s richest person 1 month ago:
Anyone with more personal wealth than can be spent in a lifetime is exploiting humanity.
If you spend $1k per day to live, that’s $11m over 30 years.
Fuck it, spend $10k per day. Have a family of 5 each spend $10k per day, so $50k PER DAY (that’s probably an average salary).
That’s still less that $200m over 30 years.
Make it 60 years, thats $400m.Anyone with more than $500m is exploiting humanity.
- Comment on "Very dramatic shift" - Linus Tech Tips opens up about the channel's declining viewership 1 month ago:
But if less people are watching the other big channels because the content quality has slipped, then there is less people spending less time on the platform, so less non-subscribers that might be recommended an LTT video.
- Comment on "Very dramatic shift" - Linus Tech Tips opens up about the channel's declining viewership 1 month ago:
Probably doesn’t help that a bunch of the decent channels were bought by private equity and are now churning out boring, safe and uninteresting content.
youtu.be/hJ-rRXWhElI (a yt link, lol).
A brief summary from dailydot.com/…/youtube-channel-private-equity/
Some channels like Donut Media, Veritasium, and Task and Purpose have been acquired publicly. Others, such as Dude Perfect and Coco Melon, have been acquired more privately, with no public disclosure.
Plenty others. A key giveaway is when a channel diverges their risk. When the front man who is the reason you have watched the channel suddenly has co-hosts and large segments from other channels in their regular content.
- Comment on "Very dramatic shift" - Linus Tech Tips opens up about the channel's declining viewership 1 month ago:
Steve and GamersNexus is a gem.
They’ve figured out what viewers want: honesty and transparency. - Comment on Wikipedia is resilient because it is boring 1 month ago:
I would love some of those less exciting times.
May you live in exciting times
Is the worst curse
- Comment on Emoji Recently Added 1 month ago:
🍆
- Comment on U.S. Government Starts Pushing Economic Data Onto Blockchains as 'Proof of Concept' 2 months ago:
Yes. I’m laying on the sarcasm heavily.
I presume that’s what these oracle services provide.
Essentially hosts the us governments GDP NFT, so you can right click and download it just like every NFT crypto bro hates you doing.
Whether its actually the US Government hosting the file, or these oracle services hosting it… It doesn’t matter.Why not just host the files on a government website with appropriate file hashes (so users can verify the file is still the same), let the internet archive and the national archives take a snapshots of the files and pages and hashes etc… ? That’s a well regarded site archival system, and the governmental archival system. Has redundancy, pedigree and public acceptance.
Fuck it, publish just the hash on some block chains so the “fingerprint” of the report is immutable. But call it what it is.The report isn’t “published on the Blockchain”.
It is linked from some blockchains.
There is still a file hosted by some servers.
You can’t download your favourite blockchain, take it to the top of Mount Rushmore with no internet and inspect the US GDP figures without first downloading the file linked in the block chain.Blockchain oracles are entities that connect blockchains to external systems, allowing smart contracts to execute depending on real-world inputs and outputs. Oracles give the Web 3.0 ecosystem a method to connect to existing legacy systems, data sources and advanced calculations.
- Comment on U.S. Government Starts Pushing Economic Data Onto Blockchains as 'Proof of Concept' 2 months ago:
Yay, decentralised and immutable!
Data integrity at source: If the BEA’s initial data is wrong (as sometimes happens with revisions), blockchain only makes the error permanent until corrected with new updates
Oh, so… Like previously just publishing a pdf on a website, then.
I guess it means they can’t hide revisions. Which is what archive.org (and the us government equivalent that archives government sites) does.At least it’s decentralised!
Over-reliance on oracles: Chainlink and Pyth are powerful, but their centrality creates new concentration risks. If they malfunction or face attacks, critical data feeds could be disrupted.
Gotcha, still has centralised services.
Quotes taken from ccn.com/…/gdp-on-blockchain-us-government-data-bi… which seems to have the best technical info I could find
Still not much information. I’m presuming an “oracle” is something that gives you a hash of the “immutable” data, so you only have to pay to get that hash recorded on a blockchain instead of however many kB of PDF.
- Comment on The recent Steam censorship debacle actually sort of opened me up to adult games. 2 months ago:
Imagine the debuff that blueballs would inflict because you missed the quicktime event