
RegalPotoo

@RegalPotoo@lemmy.world

RegalPotoo ,

So I pull out my keyboard

And I pull out my Glock

And I dismount your girl

And I mount slash proc

Cos I've got your PID

And the bottom line

Is you best not front

Or it's kill dash nine

Should I stick with Docker Swarm for self-hosting?

Hi! I'm starting out with self-hosting. I was setting up Grafana for system monitoring of my mini-PC. However, I ran into the issue of keeping credentials secure in my Docker Compose file. I ended up using Docker Swarm since it was the path of least resistance. I've managed to set up Grafana/Prometheus/Node stack and it's working...

RegalPotoo ,

I was in the same place as you a few years ago - I liked swarm, and was a bit intimidated by kubernetes - so I'd encourage you to take a stab at kubernetes. Everything you like about swarm kubernetes does better, and tools like k3s make it super simple to get set up. There _is_ a learning curve, but I'd say it's worth it. Swarm is more or less a dead end tech at this point, and there are a lot more resources about kubernetes out there.

RegalPotoo ,

thats_a_bold_move.gif

Trying to extort the federal government like that seems like a really quick way to end up with your face, phone number and home address in a press release, along with a note from the NSA that basically says "this guy has $33 million in Bitcoin, would be a shame if someone kicked in his door and beat him with a bat until he gave up the keys :)"

RegalPotoo ,

Especially when "tmpfiles" is an existing term of art with a very specific meaning

RegalPotoo ,

They are, but I think the question was more "does the increased speed of an SSD make a practical difference in user experience for immich specifically"

I suspect that the biggest difference would be running the Postgres DB on an SSD where the fast random access is going to make queries significantly faster (unless you have enough ram that Postgres can keep the entire DB in memory where it makes less of a difference).

Putting the actual image storage on SSD might improve latency slightly, but your hard drive is probably already faster than your internet connection so unless you've got lots of concurrent users or other things accessing the hard drive a bunch it'll probably be fast enough.

These are all Reckons without data to back it up, so maybe do some testing

RegalPotoo ,

My 10 year prediction - Microsoft does a full transition to a services company:

  • Basic Windows is free, even for OEMs
  • Windows Professional becomes a subscription thing, maybe you get it as part of your Azure AD sub
  • Things like Recall or not having ads are extra subscriptions

RegalPotoo ,

Taking donations for a specific purpose (developing jellyfin core) then spending it on something else (donations to other related projects) is something donors and tax authorities generally frown on

RegalPotoo ,

pg_dumpall on a schedule, then restic to backup the dumps. I'm running Zalando Postgres in kubernetes so scheduled tasks and intercontainer networking is a bit simpler, but should be able to run a sidecar container in your compose file

RegalPotoo ,

Pretty much - I try and time it so the dumps happen ~an hour before restic runs, but it's not super critical

RegalPotoo ,

If you thought the bots were obnoxious now....

RegalPotoo ,

Fun fact, a significant proportion of the people doing these scams are victims of human trafficking who are being forced into it with threats of violence

RegalPotoo ,

This is where I'd put my Framework laptop

IF THEY'D SELL ME ONE

RegalPotoo ,

Well well well, if it isn't the consequences of my own actions

RegalPotoo ,

Will be interesting to see if this is useful for non-PC platforms as well; I've got a Miyoo Mini Plus (basically an ARM SBC in a GameBoy-esque case designed to run RetroArch) - it's not really powerful enough to run an N64 emulator, but if I could recompile the games in my PC and run them natively then maybe that'll work better?

RegalPotoo ,

Yeah, I was a little surprised - the MMP can do PS1 emulation no issue, but apparently N64 is too much. I would have thought it would be the other way round

RegalPotoo ,

Seems pretty reasonable. At the end of the day people have to eat, so projects like this either trundle on as hobby-and-spare-time projects for a few years until people get bored and burnt out, or you find a way to make working on the project a paid gig for the core people

RegalPotoo ,

"is not exactly tailored to my specific requirements, aesthetic preferences and built using technology I'm familiar with" = "sucks" apparently

RegalPotoo ,

At some point every professional computer person - programmer, sysadmin, whatever - will seriously consider piling all their computers into a big pile, lighting them on fire, and moving to the country to start a new life making things with their hands

RegalPotoo ,

Things made out of wood don't suddenly stop working cos you looked away for 15 seconds and Wood v2.1.4 is incompatible with Nails v4.0, but if you upgrade Nails you also have to upgrade Paint to v2.2 and they completely changed their API because the old API wasn't sufficiently cool anymore

RegalPotoo ,

Oh don't get me wrong, 99% of the time I love my career and 15 years in I still get a kick out of crafting code to make the stupid little machines do what I want.

The other 1% of the time - a couple of days a year - I get home at the end of the day with a profound sense that these machines are driving me slowly mad

RegalPotoo ,

Yeah, I've learnt over the years that having non-computer based creative hobbies is really important. I did a bit of leather working for a bit - tools are cheap on AliExpress and it doesn't take up a ton of space unless you go really deep. Spend a few hours on a weekend in the garage making a thing that is tangible and I can hold and doesn't require maintenance

The Sign (lemmy.stuart.fun)

For context, in case you don't have kids (therefore you probably don't watch Bluey), the family in the car (the Heelers) was selling their house to move for a job but ultimately, the dad (Bandit) decided staying at their house with family was more important. As a final act of demonstration, he lifts the for-sale sign out of the...

RegalPotoo ,

If I die before I wake /
At least in heaven I can skate /
Cos right now on earth I can't do shit /
Without the man fucking with it

RegalPotoo ,

This is an "x-y question" - what are you actually trying to achieve?

Clearly you are concerned about... someone.... knowing your home IP address - who, and why?

RegalPotoo ,

Soooo... out of unrelated curiosity, have there been any significant security disclosures in Mastodon recently?

RegalPotoo ,

I have a machine at work (no screenshots sorry) that is using ~200GB of RAM as disk cache and still has over 100GB of free RAM - not "used for cache but can be freed if an application needs it", actually genuinely unallocated.

RegalPotoo ,

As in, hardware RAID is a terrible idea and should never be used. Ever.

With hardware RAID, you are moving your single point of failure from your drive to your RAID controller - when the controller fails, and they fail more often than you would expect - you are fucked, your data is gone, nice try, play again some time. In theory you could swap the controller out, but in practice it's a coin flip if that will actually work unless you can find exactly the same model controller with exactly the same firmware manufactured in the same production line while the moon was in the same phase and even then your odds are still only 2 in 3.

Do yourself a favour, look at an external disk shelf/DAS/drive enclosure that connects over SAS and do RAID in software. Hardware RAID made sense when CPUs were hewn from granite and had clock rates measured in tens of megahertz so offloading things to dedicated silicon made things faster, but that's not been the case this century.

RegalPotoo ,

It's a really wicked problem to be sure. There is work underway in a bunch of places around different approaches to this; take a look at SBoM (software bill-of-materials) and reproducible builds. Doesn't totally address the trust issue (the malicious xz releases had good gpg signatures from a trusted contributor), but makes it easier to spot binary tampering.

Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica (arstechnica.com)

TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.

RegalPotoo ,

The reason openssh links liblzma in the first place is to enable a systemd feature, so naturally "systemd bad, its proximity to a security issue is yet more proof that a pile of shell scripts in a trenchcoat is a superior init system" etc

RegalPotoo ,

https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/

There are no known reports of those versions being incorporated into any production releases for major Linux distributions, but both Red Hat and Debian reported that recently published beta releases used at least one of the backdoored versions [...] A stable release of Arch Linux is also affected. That distribution, however, isn't used in production systems.

Ouch

RegalPotoo ,

Also,

Arch is the most stable

Are you high?

RegalPotoo ,

This is the way. I have a Brother B&W laser printer/scanner combo because I fairly regularly need to print/sign/scan/email forms for various things, but if I need something colour or really good quality the local print shop is the way to go

RegalPotoo ,

I can't remember the details anymore, but for a year or two I had a bad run of absolutely hosing my boot config and leaving myself in a state where the system either couldn't find its kernel or couldn't find the root partition and would drop me into an initramfs emergency shell. I got pretty good at booting into a live environment, getting all my dm-raid and lvm disks discovered, mounting all the relevant file systems in the right place, chrooting in and rebuilding the pieces that were broken

RegalPotoo ,

Given that the snap store is a closed source proprietary component, I'd argue that snaps are a walled garden

RegalPotoo ,

It's not just Let's Encrypt - the common names of any SSL cert issued by a public CA have to be recorded in a public certificate transparency log. You can use tools like https://crt.sh to search the logs

RegalPotoo ,

Previously Gandi, but they've jacked up their prices and cut features, so in the process of moving to AWS Route53.

My main requirements are:

  • Competitively priced (doesn't need to be the absolute cheapest, but the feature set better justify the price)
  • Able to manage domain with Terraform (I've got 10 domains, and copy-pasting DNSSEC keys around gets old really fast)
  • Not be CloudFlare (fuck those guys in particular)

RegalPotoo ,

I'd considered doing something similar at some point but couldn't quite figure out what the likely behaviour was if the workers lost connection back to the control plane. I guess containers keep running, but does kubelet restart failed containers without a controller to tell it to do so? Obviously connections to pods on other machines will fail if there is no connectivity between machines, but I'm also guessing connections between pods on the same machine will be an issue if the machine can't reach coredns?

Online vape seller has ‘no intention of stopping’ shipments to Australia, despite nationwide ban — ‘We have no intention of stopping just because of one twat in Canberra.’ (www.vice.com)

Online vape seller has ‘no intention of stopping’ shipments to Australia, despite nationwide ban — ‘We have no intention of stopping just because of one twat in Canberra.’::The New Zealand-based seller issued a notice to its Australian customers that shipments will continue regardless of the government's vape reform.

RegalPotoo , (edited )

bold_move.gif

The thing about shipping internationally is that you generally need a logistics partner to actually physically move the packages for you, and they also have a legal responsibility to ensure that what they are carrying is legal. I don't know what number of packages you need to have seized by customs before they stop doing business with you, but I'd doubt it's much more than 1.

As a bonus, there are only a handful of logistics companies in NZ that do international outbound, and they are the major domestic delivery companies as well, so if you fuck around enough you could end up finding out that no one will deliver your packages locally either

RegalPotoo ,

Honk. Yup

RegalPotoo ,
  • I think you'll find "millions" is an exaggeration
  • Depends on how happy you are with risking prison

RegalPotoo ,

Yeah, that's going to be the thing. LTO tapes/drives would be dirt cheap if the demand was anywhere near where DVDs were at their peak

RegalPotoo ,

1.4Pb (~175TB), the quoted number of movies is based on a 14GB movie which is very small (most BluRay disks hold somewhere between 25 and 50GB) and no discussion about write speed, so basically this is cool research that someone has done and is no closer to a commercial product than any of the dozens of other articles that have come out on this topic in the last 15 years

RegalPotoo ,

I've started a similar process to yours and am moving domains as they come up for renewal, with a slightly different technical approach:

  • I'm using AWS Route 53 as my registrar. They aren't the cheapest, but still work out at about half the price of Gandi and one of my key requirements was to be able to use Terraform to configure DS records for DNSSEC and NS records in the parent zone
  • I run an authoritative nameserver on an OCI free tier VM using PowerDNS, and replicate the zones to https://ns-global.zone/ for redundancy. I'm investigating setting up another authoritative server on a different cloud provider in case OCI yank the free tier or something
  • I use https://migadu.com/ for email

I have one .nz domain which I'll need to find a different registrar for, cos for some reason route53 doesn't support .nz domains, but otherwise the move is going pretty smoothly. Kinda sad where Gandi has gone - I opened a support ticket to ask how they can justify being twice the price of their competitors and got a non-answer

RegalPotoo ,

Cloudflare would probably meet my technical needs, but I refuse to give them any money due to how enthusiastic they are to have white supremacists on their platform

RegalPotoo ,

This is relevant to my interests, thanks. Looks like it's pretty early stages though?
