stares at 300 line shell script+ansible mess that updates/sets up Forgejo, Nextcloud, ghostcms
“Yes… It’s automated”
Exactly. Unless you are actively doing maintenance, there is no need to remember what DB you are using. It took me 3 minutes just to remember my nextcloud setup since it’s fully automated.
It’s the whole point of using tiered services. You look at stuff at the layer you are on. Do you also worry about your wifi link-level retransmissions when you are running curl?
Here you dropped this:
#define ifnt(x) if (!(x))
Some people play games to turn their brains off. Other people play them to solve a different type of problem than they do at work. I personally love optimizing, automating, and min-maxing numbers while doing the least amount of work possible. It’s relatively low-complexity (compared to the bs I put up with daily), low-stakes, and much easier to show someone else.
Also shout-out to CDDA and FFT for having some of the worst learning curves out there along with DF. Paradox games get an honorable mention for their wiki.
Also if the router blocks icmp for some reason you can always manually send an ARP request and check the response latency.
Is there a specific reason you’re looking at shadowsocks? The original developer has been MIA for years. People who used it in the past largely consider it insecure for its original stated purpose
trojan-gfw is a better modern replacement. However that requires a certificate in order to work. You can easily get one via lets encrypt.
At this point, let Shadowsocks, obfs, and kcp die a graceful death like GoAgent before it did.
Another thing you can look into is apptainer/singularity. Basically portable container binaries. Executing the binary automatically runs a program/drops you into a shell inside the container with your $HOME mounted inside. Stuff like cuda also work as long as your host system has appropriate drivers.
You can also port docker containers to apptainer directly via cli.
Just in time to move to IPv6!
What someone does with their 16,777,215 private IPv4 addresses is none of our business…
Now just connect all of that with dumb L2 switches and watch those broadcasts fly!
Can’t comment much about the docker side since it’s not something I’m familiar with.
For the kernel part, assuming what you’re referring to as UUIDs is the pid namespace mechanism, I’m failing to see how that would add overhead with containers. The namespace lookups/permission checks are performed regardless of whether the process is in a container or not. There is no fast path for non-containerized processes. The worst overhead that this could add is probably one extra ptr chase in the namespace linked list.
Make sure to test your setup if you are using DAV. Large files can fail if your nextcloud setup is done incorrectly.
Source: idiot who misconfigured PHP that resulted in a DAV client stuck in a retry loop, then getting banned by my own firewall for DoS.
I might switch to it once bitwarden support comes out.
Worst case I lose my Google account. Which I only use for Android (no sync, no mail, no purchases)
Best case, Google no longer defaults to mobile 2fa and finally accepts i want to use totp every time.
Also, how would the biometrics requirement work if all im doing is storing the whole thing in a Bitwarden vault?
Isn’t the whole point of these things the “bloated” (CI/CD, issue tracker, merge requests, mirroring, etc) part? Otherwise we’d all be using bare git repos over ssh (which works great btw!)
It’s like complaining about IDE bloat while not using a text editor. Or complaining there’s too many knives in a knife set instead of buying just the chef knife.
CrowdSec has completely replaced fail2ban for me. It’s a bit harder to setup but it’s way more flexible with bans/statistics/etc. Also uses less ram.
It’s also fun to watch the ban counter go up for things that I would never think about configuring on fail2ban, such as nginx CVEs.
Edit: fixed url. Oops!
Of all things, how does core functionality NOT have 4 nines???