FrederikNJS

@FrederikNJS@piefed.zip

• ⁨Comment⁩ on ⁨SSL certificates for things inside the lab⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

  I have my Firefox configured to force HTTPS, so it’s rather inconvenient to work with any non-HTTPS sites.

  Because of that I decided to make my own CA. But since I’m running in Kubernetes and using cert-manager for certs, this was really easy. Add a resource for a self-singed issuer, issue a CA cert, then create an issuer based on that CA cert. 3 Kubernetes resources total: https://cert-manager.io/docs/configuration/ca/ and finally import the CA cert on your various devices.

  However this can also be done using LetsEncrypt, with the DNS01 challenge. That way you don’t need to expose anything to the Internet, and you don’t need to import a CA on all of your devices. Any cert you issue will however appear in certificate transparency logs. So if you don’t want anyone to know that you are running a Sonarr instance, you shouldn’t issue a certificate with that in it’s name. A way around that is a wildcard cert. Which you can then apply to all your subservices without exposing the individual service in logs. The wildcard will still be visible in the logs though…

• ⁨Comment⁩ on ⁨TV remotes should have an easy-to-find by touch "volume" toggle button that toggles between two volume settings.⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Why not select the 2.0 channel audio track?

• ⁨Comment⁩ on ⁨VLAN’s and Subnets For Home Networks⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  In addition people often use VLANs for security segregation. For example you might buy a bunch of cheap Chinese security cameras, but want to ensure that they can’t send anything back to the manufacturer. Then you can make a VLAN with no Internet access for the cameras.