Haven’t used it yet, but I’ve been researching authentik for my own SSO.
Haven’t used it yet, but I’ve been researching authentik for my own SSO.
BTRFS should be stable in the case of power loss. That is to say, it ought to recover to a valid state. I believe the only unstable modes are RAID 5/6.
I’d recommend BTRFS in RAID1 mode over mdadm RAID1 + ext4. You get checksumming and scrubs to detect drive failures and data corruptions. You also have snapshotting, in case you’re prone to the occasional fat-fingered rm -rf
.
For backup, maybe a blu-ray drive? I think you would want something that can withstand the salty environment, and maybe resist water. Thing is, even with BDXL discs, you only get a capacity of 100GiB each, so that’s a lot of disks.
What about an offsite backup? Your media library could live ashore (in a server at a friend’s house). You issue commands from your boat to download media, and then sync those files to your boat when it’s done. If you really need to recover from the backup, have your friend clone a disk and mail it to you.
Do you even need a backup? Would data redundancy be enough? Sure if your boat catches fire and sinks, your movies are gone, but that’s probably the least of your problems. If you just want to make sure that the salt and water doesn’t destroy your data, how about:
This would probably be cheapest and have the least complexity.
I wouldn’t trust anything like that to the open internet. It would be better to access the system over a VPN when you’re outside the network.
Yeah, I believe there’s some kind of bridge mode you must enable on the host’s interface.
As others have said, a reverse proxy is what you need.
However I will also mention that another tool called macvlan exists, if you’re using containers like podman or docker. Setting up a macvlan network for your containers will trick your server into thinking that the ports exposed by your services belong to a different machine, thus letting them use the same ports at the same time. As far as your LAN is concerned, a container on a macvlan network has its own IP, independent of the host’s IP.
Macvlan is worth setting up if you plan to expose some of your services outside your local network, or if you want to run a service on a port that your host is already using (eg: you want a container to act as DNS on port 53, but systemd-resolved is already using it on the host).
You can set up port forwarding at your router to the containers that you want to publicly expose, and any other containers will be inaccessible. Meanwhile with just a reverse proxy, someone could try to send requests to any domain behind it, even if you don’t want to expose it.
My network is set up such that:
I know this is a joke, but I couldn’t be a programmer without some pedantry. LUnix is actually a real OS! I booted it on my Commodore 64 once.
I thought Iran has no king anymore. It was a pretty big deal.
My favorite absinthe painting: 1901 Portrait of Bibi la Puree, by Picasso.
Bibi was an absinthe fiend, and I think it shows.
They would not even need to open source the servers. Just making the server available for users to run (even under a proprietary license) would be enough.
Ooh! Thanks for the tip! Been looking for some affordable drives for my next system.
I bought a LFF Dell Poweredge back in the fall, and have been waiting on a good deal for 3.5" disks. My current machine is a SFF HP Proliant, and I hate how much a 2.5" drive with good capacity costs.
make up
is my build command for pushing to prod
Yeah, apparently it’s the wand from a Rancilio Silvia: https://m.youtube.com/watch?v=5AOTa3bEpYM
Got a secondhand Delonghi Dedica because I had similar concerns over how much I’d use it. Previous owner installed an aftermarket steam wand, which has been a joy.
Overall, it comes and goes in waves for me. Some weeks I pull shots every afternoon, sometimes it sits unused for a month. I enjoy taking some time to step away from the home office and prep coffee, so espresso is nice for that. I’d probably use it even more if we were more of a milk drinking household. I like my steamed milk drinks, but we don’t reliably keep milk in our fridge.
I’m also very lazy about dialing in shots. We like to buy a variety of beans for our morning French press, so the coffee available for espresso might vary week-to-week. I’m not willing to waste coffee dialing in on a 16oz bag of beans that’ll be gone in a few days, so the quality of my espresso suffers. Do most people generally keep one kind of bean around specifically for their espresso?
I’m in a Burning Wheel campaign right now where the main focus has been political intrigue. Burning Wheel has a duel of wits system that’s been a very fun substitute for physical combat. There’s strategy in planning out your turns to counter your opponent. Our characters are all conniving egoists looking after their own personal gain. The DoW system has been a good in-universe system for resolving different character goals inside the party.
…and of course Duck Game never got released on GoG
Fuck this greedy bullshit
I know that your question is about tasting basics, and I think the answers here will get you on the right path.
There’s a lot that goes into coffee tasting on the advanced end. Ever wonder who decides that a coffee tastes like “raspberry” and “chocolate”? A few years ago, I found a local roaster that runs barista classes, and I got tickets to their coffee tasting session. It’s really interesting to learn about all the process and procedure that goes in to tasting coffee. They take something as subjective as taste and turn it into (somewhat) objective and quantifiable data. I also learned how coffee beans are graded, and how roasters source their beans.
The official term for this process is “cupping”, so if you’re interested, look in your area for cupping classes. I had a great time!
My parents drink mediocre pre-ground coffee. I left a single-cup French press at their house so I can have better tasting coffee whenever I visit. It doesn’t require advanced prep like cold brew.
What you’re looking for is a revocation key. You can generate one in GPG at the same time that you generate your identity key. The method of securing it is up to you. In your example, a simple way would be to encrypt it with the 5 sequential keys. Or you could break the revocation key up into K parts with Shamir’s secret sharing algorithm.
This example assumes that you’re using existing Web of Trust PKI to manage your public keys: https://stackoverflow.com/questions/59664526/how-the-correct-way-to-revoke-gpg-on-key-server#62644875