

  • I’d still run k8s inside a proxmox VM. Even if it’s basically all resources dedicated to the VM, proxmox gives you a huge amount of oversight and additional tooling.
    Proxmox doesn’t have to do much (or even anything), beyond provide a virtual machine.

    I’ve run Talos OS (dedicated k8s distro) bare metal. It was fine, but I wish I had a hypervisor. I was lucky that my project could be wiped and rebuilt with ease. Having a hypervisor would mean I could’ve just rolled back to a snapshot, and separated worker/master nodes without running additional servers.
    This was sorely missed when I was both learning the deployment of k8s, and k8s itself.
    For the next project that is similar, I’ll run talos inside proxmox VMs.

    As far as “how does cloudflare work in k8s”… However you want?
    You could manually deploy the example manifests provided by cloudflare.
    Or perhaps there are some helm charts that can make it all a bit easier?

    Or you could install an operator, which will look for Custom Resource Definitions or specific metadata on standard resources, then deploy and configure the suitable additional resources in order to make it work.
    https://github.com/adyanth/cloudflare-operator seems popular?

    I’d look to reduce the amount of yaml you have to write/configure by hand. Which is why I like operators.


  • In his Truth Social website President Donald Trump described the Smithsonian as “OUT OF CONTROL” and said museums across the United States are “WOKE.”

    Convicted felon says museums are woke and out of control.

    In a statement sent to Newsweek the Smithsonian said: "The Smithsonian’s work is grounded in a deep commitment to scholarly excellence, rigorous research, and the accurate, factual presentation of history.

    The world’s largest museum, education and research complex says they are grounded in accurate presentation of history.

    It’s pretty clear that the US government is targeting the Smithsonian and other historical archives to rewrite history.

    Considering the other articles linked which talk about the removal of trump’s impeachments and other pressures on historical facts and accuracy, I’d be worried about the following quote:

    "It’s not about whitewashing it’s about full context, so while slavery is obviously a horrible aspect of our nation’s history you can’t really talk about slavery honestly unless you also talk about hope and progress and I think we need to be focusing on the progress that we’ve made then and we need to stop focusing so much on the lack of progress.

    So, yeh the Nazis killed a bunch of people. But they also developed the Volkswagen, Porsche and Hugo Boss. And we have all come to appreciate fancy cars and fly shirts. So, let’s not focus on what the Nazis did, but instead let’s concentrate on the hope that cars bring!

    And even if you argue that “things are better now”. Sure, somewhat. But, imo, it’s not really something to celebrate. Black people can vote, but shitty racist people in power still suppress the fuck out of them.

    Germany recognises its history. It teaches it in school, it’s made memorials & museums of historically abhorrent places, and it’s outlawed everything related.

    US still celebrates Thanksgiving.
    https://www.forbes.com/sites/maiahoskin/2022/11/24/the-real-history-behind-thanksgiving/

    So yeh, here is the directive:
    https://www.whitehouse.gov/fact-sheets/2025/03/fact-sheet-president-donald-j-trump-restores-truth-and-sanity-to-american-history/

    to work to eliminate improper, divisive, or anti-American ideology from the Smithsonian and its museums, education and research centers, and the National Zoo.

    So, eliminate some history.
    But - depending on how carefully that scalpel is wielded - it could cut away the bad parts and leave the “good” parts. Cherry picking, if you will.
    Leaves a generally positive vibe of slavery.
    Divisive and anti-american to whip/hang/rape slaves. So, leave that part out.
    But provide the American dream for a slave by impregnating them and giving them a less crowded room and easier slave labour, or elevating them to a house position, or whatever… THAT’S the American dream!
    Slaves that behaved were treated well.
    But, just leave out the thousands of slaves that were beaten for senseless reasons because they were considered barbaric and sub-human.
    Just… Ignore the fact that they were kidnapped from their home, transported for weeks in horrendous conditions, then auctioned off to rich white men.






  • Servers: one. No need to make the log a distributed system, CT itself is a distributed system.

    The uptime target is 99% over three months, which allows for nearly 22h of downtime. That’s more than three motherboard failures per month.

    CPU and memory: whatever, as long as it’s ECC memory. Four cores and 2 GB will do.

    Bandwidth: 2 – 3 Gbps outbound.
    Storage:
    3 – 5 TB of usable redundant filesystem space on SSD, or
    3 – 5 TB of S3-compatible object storage, and 200 GB of cache on SSD.
    People: at least two. The Google policy requires two contacts, and generally who wants to carry a pager alone.

    Seems beyond your typical homelab self hoster, except for the countries that have 5gbps symmetric home broadband.
    If anyone can sneak 2-3gbps outbound past their employer, I imagine the rest is trivial.
    Altho… “At least 2 [people]” isn’t the typical self hosting.

    Edit:
    Tried to fix the copy/paste.

    Also will add:

    https://crt.sh/
    Has a list of all certificates issued.
    If you are using LE for every subdomain of your homelab (including internal), maybe think about a wildcard cert?
    One of those “obscurity isn’t security”, but why advertise your endpoints? Also increases privacy (IE not advertising porn(dot)example(dot)com)
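
An added example (not part of the comment above) of auditing your own domain's Certificate Transparency footprint: it parses entries in the JSON shape crt.sh returns and lists which hostnames are publicly readable versus what a wildcard certificate would have logged. The domain `homelab.example`, the sample entries and the function names are constructed for illustration.

```python
import json

# Constructed sample shaped like crt.sh JSON output (name_value holds
# newline-separated SANs). homelab.example and every value are made up.
SAMPLE = json.dumps([
    {"common_name": "jellyfin.homelab.example",
     "name_value": "jellyfin.homelab.example"},
    {"common_name": "nas.homelab.example",
     "name_value": "nas.homelab.example\nvpn.homelab.example"},
    {"common_name": "*.lab.homelab.example",
     "name_value": "*.lab.homelab.example\nlab.homelab.example"},
    {"common_name": "unrelated.example", "name_value": "unrelated.example"},
])


def logged_names(crtsh_json, base_domain):
    """Collect every distinct name under base_domain found in the CT entries."""
    names = set()
    for entry in json.loads(crtsh_json):
        for field in ("common_name", "name_value"):
            for name in (entry.get(field) or "").splitlines():
                name = name.strip().lower().rstrip(".")
                if name == base_domain or name.endswith("." + base_domain):
                    names.add(name)
    return names


def ct_exposure(crtsh_json, base_domain):
    """Split logged names into explicit hostnames and wildcards, and list the
    wildcard names that would have appeared in the log instead."""
    names = logged_names(crtsh_json, base_domain)
    wildcards = {n for n in names if n.startswith("*.")}
    explicit = names - wildcards - {base_domain}
    # A wildcard covers exactly one label, so each hostname maps to "*.<parent>".
    replacement = {"*." + n.split(".", 1)[1] for n in explicit}
    return {
        "explicit": sorted(explicit),
        "wildcards": sorted(wildcards),
        "wildcard_equivalent": sorted(replacement),
    }


if __name__ == "__main__":
    report = ct_exposure(SAMPLE, "homelab.example")
    print("hostnames readable in CT:", report["explicit"])
    print("wildcards already logged:", report["wildcards"])
    print("names a wildcard cert would log instead:", report["wildcard_equivalent"])
```

CT logs are append-only, so hostnames already logged stay public; switching to a wildcard only keeps future hostnames out of the log.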





  • Yeh it is.
    Proving that a scientific theory is wrong means we don’t understand enough about the thing. And we know we need to look at other theories about the thing.
    Proving things wrong as well as failed hypotheses is as important (even if it is disappointing) as proving things correct and successful hypotheses. It rules the theory out, and guides further scientific study.
    With published papers, other scientists can hopefully see what the publishing scientists missed.
    Scientists can also repeat experiments of successful papers to confirm the paper’s conclusion, and perhaps even make further observations that can support further studies.






  • Your threat assessment is way off.
    So, you import a phone. What sim do you use? Where do you use it? When do you use it? Who do you contact with it?
    All of that is more valuable and easier to get for the police than some sort of modification of firmware or platform as it passes through customs.
    If in doubt, flash your own firmware.

    If this is actually a threat assessment to you, asking on Lemmy is the wrong place. You need people with the same experience that an entire country has at their disposal.

    If it’s a concern as opposed to an actual threat, buy some 2nd hand phones from random places and buy some prepaid sims (ideally via smurfs or black market means). And be aware of how you use them.



  • Autopilot crashes?
    You mean MCAS (Maneuvering Characteristics Augmentation System)?
    It’s not autopilot. It’s worse than that.

    Due to the larger engines needing to be mounted in a different place, the flight characteristics changed between previous gen 737s and the new 737 MAX.

    The characteristic change would mean it needs different certification from air authorities and existing 737 pilots would require recertification to be able to fly the new 737 MAX (which is supposed to be just an updated model).
    All very expensive for what should be merely an upgraded model.

    To avoid this, Boeing used software to change the characteristics in order to bring it in line with previous 737s and the existing certifications.
    And as it was just an augmentation system, it was deemed high risk but not critical risk. As such, it didn’t require full redundancy, didn’t require Quick Reference Handbook entries in case of issues/errors, and didn’t require training.
    In fact, pilots had no idea it existed, what it could do or how it worked.

    Which means when it had an issue and caused extreme pitch down due to faulty sensor readings, the pilots had literally no idea what was happening as they were trying to stop the plane from accumulating pitch down every 5 seconds.

    And then Boeing tried to fuck with the narrative. I think they also didn’t tell pilots about MCAS until after the Ethiopian Airlines crash (the 2nd caused by MCAS), but I’m not 100% sure on the timeline.

    Boeing has had a stream of QA issues, the way MCAS was handled was idiotic, they are a shitty company.

    But I have no issues flying in a Boeing.
    I don’t like or trust the company, but I trust the air authorities. And most of all, I trust the pilots.