plateee
@plateee@piefed.social
- Comment on Jensen Huang says gamers are 'completely wrong' about DLSS 5 — Nvidia CEO responds to DLSS 5 backlash 2 weeks ago:
His statement reeks of “Don’t you all have phones” energy.
- Comment on SSL certificates for things inside the lab 2 weeks ago:
it’s not security, just obscurity
IIRC for my setup it’s a bit of both. My DNS API key is scoped to only handle the specific subdomain updates instead of my entire DNS account.
I still use a wildcard for that subdomain for non-kubernetes systems, but the cert plugins for kubes are excellent at handling a LE cert per lan fqdn.
You don’t need to register a local CA
This was my biggest reason to move to Let’s Encrypt. I have a Hashicorp Vault instance in my homelab for secrets and I tried using it for an internal CA (like how the lab at work is set up), but trying to get on every device and add the full Vault chain to each individual system’s trust store was a massive pain in the ass.
- Comment on SSL certificates for things inside the lab 2 weeks ago:
I do DNS challenges with Let’s Encrypt for either host FQDNs (for my kubes cluster) or wildcard for the few other services.
The trick is to do a subdomain off of a domain that you own (e.g. `thing.lan.mydomain.com`). This way, you can scope the DNS to only `*.lan.mydomain.com` if you’re conscious about scoped API security.
Using Let’s Encrypt is nice because you can have a valid SSL chain that Android, iOS, Windows, and Linux all trust with their default trusts without having to do something with a custom CA (ask me how awful that process can be).
- Comment on fuck it, just paste your clipboard in the comments 2 weeks ago:
- Comment on Avocado. Is it really so untasty or I am doing something wrong? 3 weeks ago:
Hey, how fresh are they? I never liked avocados until I tried them in California, in season. It was like night and day.
But as others have said, they’re not really “sweet”.
- Comment on Claude Code deletes developers' production setup, including its database and snapshots — 2.5 years of records were nuked in an instant 3 weeks ago:
Jesus Christ people. Terraform has a plan output option to allow for review prior to an apply. It’s trivial to make a script that’ll throw the json output into something like terraform visual if you don’t like the diff format.
I’ve fucked up stuff with Terraform, but just once before I switched to a rudimentary script to force a pause, review, and then apply.
- Comment on I'm struggling to think of any online services for which I'd be willing to verify my identity or age 4 weeks ago:
Someone else in here said the laws are confusing age verification for identity verification. If anything, I’d be okay with identity verification for banking as an additional check. (Plus my bank already knows what I spend money on)
- Comment on Your car’s tire sensors could be used to track you 4 weeks ago:
They mention this in the article. The difference is that since the tire sensor sends out an RF signal, direct line of sight isn’t necessary. You could throw a tracker up on a roof and grab signals from a block over.
The missing part may be tying that signal to a specific car, but say your car gets pulled over - they could read your tires’ sensor ID and compare it to where they captured it and bam! Now you’re fucked.
- Comment on Papa Johns is closing 300 locations 4 weeks ago:
IIRC, Mr Papa John has long since left the company and Shaq took over.
Their pizza still sucks though.
- Comment on 5 weeks ago:
I wonder if you could run it on a dedicated piece of gear like FlockYou…
- Comment on Thanks Alot 1 month ago:
I haven’t kept up, is she still around? I think last I heard Allie and her long time partner split.
- Comment on But the Canadien stock market is over 33,000! 1 month ago:
Hey buddy, you just need to keep your eye on the button and wait to see how they use the hammer to clear the house - and pray they don’t cross the hog line while holding on to the stone handle.
- Comment on How to Use Local IP for Services when at Home? 1 month ago:
Yeah, in that case, I’d probably split my DNS duties. I started with internal resolution by having Pihole do hard coded DNS entries for internal systems, but my current setup seems to be much more resilient.
I have two PowerDNS servers (main and replica) with recursors to Open DNS internet servers and resolvers for my lab network. It plays very nicely with Terraform or (crucially lately) Kubernetes.
- Comment on How to Use Local IP for Services when at Home? 1 month ago:
Could you do a subdomain for internal? Using Nginx host base routing to get to the same port would let you have a valid cert for both `service.lan.your.fqdn` and `service.your.fqdn`.
Let’s Encrypt wildcard certs for the `*.lan.your.fqdn` would simplify things.
Your DNS server could then resolve the lan fqdns to your internal network and the non-lan to your Internet exposed?
- Comment on System Redundancy 1 month ago:
Yup, shared storage is a requirement. I’m using a combination of Ceph and NFS at the moment, but I wouldn’t recommend Ceph unless you’ve got a 10gb connection between nodes.
Here’s a guide to set up high availability with Proxmox: https://kiwicloud.ninja/2024/02/improved-high-availability-ha-for-vms-on-proxmox-ve-pve/
- Comment on System Redundancy 1 month ago:
For me, I have three proxmox nodes that are configured to restart VMs and LXC containers if a host goes offline. There’s a Palo Alto pa-440 for my fw/router and a brocade switch (they were something work gave me for practicing for a network exam).
The nodes, Palo, brocade, and AT&T modem are all on two UPS 1500va systems along with my wifi ap. Run time in case of power loss is around an hour.
I’m this close to getting a comprehensive shutdown script working from a raspberry pi that is triggered if there’s power loss (most UPS systems have some capability to trigger scripts on a host that’s connected to the UPS’s console port).
If I can get that script working, the battery backup will run a PI for several days.
Back on the redundancy side, I host two PowerDNS systems in the proxmox cluster along with a 3 node/LXC container Vault.
- Comment on There is *shower*thoughts, but is there a "snowstorm thoughts" for when you have random nostalgia moments about the past? Particularly about a past snow storm in your childhood, like the SNOW DAYS 2 months ago:
Do you want to know something awful? There might not be snow days anymore. Not because of climate change, but because of COVID.
Days where school used to be called off could just be “remote learning” days and instead of getting to go play in the snow like we did when we were younger, kids will have to sit and zoom all day.
- Comment on Survey reveals most people are holding onto their phones for a long time, and it makes sense 3 months ago:
Same here, and I’m not sure what I’ll go to next - the USB port has gotten flakey.
I want to try a Linux phone, but hardware seems to be made of unobtainium, and the software seems like it’s not quite there yet.
Part of me is tempted to just get another pixel 7 Pro on swappa.
- Comment on Apple, Google tell workers on visas to avoid leaving the U.S. amid Trump immigration crackdown 3 months ago:
Not only never go on holiday or see your family ever again, but crucially “you better be loyal/work harder than citizens lest we fire you and your visa expires.”
- Comment on Word. 3 months ago:
I’ve never used it, does it handle docx authorship better than libre?
Honestly, I’m not even 100% sure they *need* Word or if they’re just being told that by their boss.
- Comment on Word. 3 months ago:
It’s $150 for a “perpetual” license - but that’s not including any one drive storage. The Office 365 SaaS (I think now it’s Microsoft 365?) starts at $99/year.
I know this because I’ve been trying to find a solution for my sister who *absolutely needs* office to get a workable solution for Linux. Supposedly, she has to submit papers/writing as docx and can’t trust LibreOffice not to fuck up formatting.
- Comment on What are your opinions of using Pi-hole for DNS within a homelab environment? 3 months ago:
Maybe a controversial take, but I like pihole for blocking only - I have a pair of powerDNS servers set up for my internal name resolution. They recurse to Pihole, but can fall back to internet DNS servers if Pihole isn’t responsive.
I tried pihole for local resolution and found it to be a fairly large pain to automate. Plus kubes has PDNS hooks for auto-updating DNS entries.
- Comment on Larian CEO Responds to Divinity Gen AI Backlash: 'We Are Neither Releasing a Game With Any AI Components, Nor Are We Looking at Trimming Down Teams to Replace Them With AI' 3 months ago:
Or just have a hard cut-off for software released after 2022.
It’s the only way I search for recipes anymore - a date filter from 1/1/1990 - 1/1/2022.
- Comment on What DDNS providers you guys recommend? 3 months ago:
I have dyndns. I don’t recommend them, unless a coworker just gave you their lifetime pro account for free.
Thanks Roody, wherever you are!
- Comment on Oh yes daddy credit please 3 months ago:
I’ve gotten dinged for not having *enough* accounts/credit lines.
My old car payment fell off last month, and I bought a car with cash (not a great car, but it was cheap) - now I’m in the “fair” zone.
But fuck me for not wanting a shitload of credit cards/loans, right?
- Comment on idk abbout this one discord 3 months ago:
Yeah, if you don’t worry about someone impersonating your account you don’t have to reserve.
- Comment on idk abbout this one discord 3 months ago:
Come with me back to IRC land. The water’s fine.
(Technically you should log in to nickserv, but that’s it)
- Comment on The Bat 3 months ago:
https://youtu.be/KOOhPfMbuIQ?si=5sZbKGGdVRDAib_r
You weren’t lying. I’ve never heard of Half Alive before, they’re not bad!
- Comment on When the AI bubble bursts.. 3 months ago:
No, in addition to the reasons brought up by the other commenters, I’m starting to think that “computers as a service” will start to be a thing.
Google’s Stadia by all accounts wasn’t horrible, but it was pricey and the selection was subpar.
But what if Amazon, Azure, and Google start up some post-AI burst equivalent that provides a use case for all that processing power? Sure, the GPUs used by commercial AI aren’t designed for gaming, but Nvidia could see the writing on the wall and start partnering with hyper scalers to create massive racks of gaming GPUs. *And* it would be one step closer to the ultimate goal of removing personal ownership of things! Pay a subscription for a cloud gaming PC or try your luck on building your own.
- Comment on It's nothing 3 months ago:
Do you have issues with anxiety/panic attacks? Fun fact, panic attacks can manifest physically with nearly identical symptoms to a heart attack!
(This doesn’t mean you shouldn’t get things checked out though)