towerful

joined 2 years ago
[–] [email protected] 8 points 1 year ago

Its one reason i use DNS challenge wildcard domains.
I know security through obscurity is not security, and that a leaked wildcard cert is more damaging... However the likelihood of a leaked cert is slim, the convenience is huge, the attack window isn't huge (well, 90 days) and less published information about internals feels more secure.

[–] [email protected] 2 points 1 year ago

If its just yourself (or up to 3 people), go with tailscale. Sign up for a free account, looks like there is an installer in the asusator (or whatever its called) app store.
Start reading up on tailscale. Its essentially a managed VPN designed for enterprises with features for servers and infrastructure.

[–] [email protected] 4 points 1 year ago (2 children)

I want to access my Jellyfin over the web

Do you want other people to access jellyfin? Or strangers?
Or would a VPN like wireguard (or even tailscale) be more appropriate?

[–] [email protected] 1 points 1 year ago

Eh, often updated privacy laws (a good thing) can lead to an aweful lot of work (and confusion) for developers.
A local news company probably doesnt want to deal with privacy laws that do not effect their target audience (despite those privacy laws being a good thing).
The other option is to be a part of a global news conglomerate that ensures everything is in compliance, but that often leads to some sort of adjenda of what can & cant be published.
Or you pay a platform to host your articles. Which is awesome for anyone that doesnt have devs on staff (or retainer). But you are beholden to that platforms desires

[–] [email protected] 1 points 1 year ago (1 children)

Thank fuck it wasnt kelvin!

[–] [email protected] 4 points 1 year ago

Uft, imagine if that happened and musk chose a single unicode character as the domain?!
Unicode are already sanitised from domains, because there are ubicode characters that look like - but are distinct from - ascii characters... which opens a huge pandoras box of MITM attacks of malicious sites on domains that visually look the same as legit domains.

If musk wants a single unicode character, all the browsers are going to have to figure out that can of worms

[–] [email protected] 6 points 1 year ago

Its cheaper, has better visibility for drive health, and things like CoW means a file is extremely unlikely to be corrupt on a power failure (with hardware raid, you are relying on the battery in the raid controller for that protection. I guess you could run CoW ontop of a hardware raid). CoW also helps spread wear on SSDs.
ZFS will heal data if it finds corrupted blocks, not sure that a hardware raid does.
ZFS is the same anywhere, and is adjusted via software (as opposed to the dell PERCs which i believe require booting into essentially bios. Certainly ive never had the work through iDRAC), and you dont have to learn that raid controllers control UI (altho, they are never difficult).
Its also another part that could fail and require like-for-like replacement. ZFS on satas just needs to be able to access the drive.

I looked into it ages ago, and ZFS on HBA made so much more sense than a $300 used raid controller.

[–] [email protected] 1 points 1 year ago

I have a K7.
My only con with it is that the headphone jack doesnt cut the line outputs. So, i had to make an inline switch to mute my speakers for headphones only.
I am now wishing it also had XLR outputs, but Im sure i can pick up a nice transformer balancing box from somewhere.

[–] [email protected] 4 points 1 year ago (4 children)

I have a Fiio DAC and i have no complaints.
But i dont have golden ears that can hear the difference between good dacs, excellent dacs etc.
Above a certain level, its good enough for me

[–] [email protected] 23 points 1 year ago

But not the Fremans Front of Arrakis. Bunch of splitters

[–] [email protected] 1 points 1 year ago (1 children)

I use ghcr, i have no issues pulling images from amazon ECR or wherever.
Docker got there first with the adoption and marketing.

Automation tools like ansible and terraform have existed for ages, and are great for running things without containers.
OCI just makes it a hell of a lot easier and portable

[–] [email protected] 1 points 1 year ago (1 children)

but I want to simply remind you that containers are the successor of VMs

Successor implies replacement. I think containers are another tool in the toolkit of servers/hosting, but not a replacement for VMs

view more: ‹ prev next ›