-
8 votes
-
Install asdf: One Runtime Manager to Rule All Dev Environments
19 votes -
Atuin - SQLite-based shell history
29 votes -
Routing around a VPN connection in Linux
19 votes -
What is your cloud backup service of choice?
I have been going over services for which I pay monthly in my business. I have 17 clients where I do unattended cloud backups as well as doing a backup that I hold onto myself. Overall I backup...
I have been going over services for which I pay monthly in my business. I have 17 clients where I do unattended cloud backups as well as doing a backup that I hold onto myself. Overall I backup around 4TB of data. I'm looking at possibly changing cloud services as the one I currently use has progressively increased their fees. I understand the need to pay for a good, reliable service as it reflects upon myself , my business and the service I provide but feel there are more competitive companies out there.
None of this is for personal use and many cloud services are just that, personal use. These are all server (Windows and Linux) use cases.
24 votes -
Building my own email system and/or other privacy-first email solutions?
Back in the day I remember setting up squirrelmail + qmail to host my own email as well as for others. And then I got that coveted gmail invite and never really looked back. I've started to get...
Back in the day I remember setting up squirrelmail + qmail to host my own email as well as for others. And then I got that coveted gmail invite and never really looked back.
I've started to get into the mindset of erasing my digital trail, at least for my personal activities, and email seems to be the main one that I need to figure out.
The idea of setting up my own email solution came up again because I wonder how transparent / private services like protonmail and mailbox.org really are.
Any suggestions or insight would be appreciated. Squirrelmail seems to be now defunct, and I am pretty sure the world has changed enough that residential ISPs don't allow running of servers at home anymore. I guess I could setup something on AWS if I had to.
22 votes -
Docker rootless and Watchtower and some general questions about Docker
I finally decided to accepted that my interest in working and playing with computers and servers is worth to spend some money on. So I ditched my old box in the corner and with it all my fights...
I finally decided to accepted that my interest in working and playing with computers and servers is worth to spend some money on. So I ditched my old box in the corner and with it all my fights with my ISP, their NAT, dynamic DNS and all that and got myself a VPS and 1 TB storage solution for less than I would have paid a static IP with my ISP.
Best decicion ever :-)So I'm getting into Docker a bit, just because it's just so easy to get Nextcloud running. I used native Caddy as a reverse proxy, because if I got this "machine" there I will use it for other things as well, so make it right from the beginning. And I used native b.c I did not yet understand bridge/host mode and installing caddy native seems easier.
Then I fought for one day with CIFS and the nextcloud gui to get the semantics right to get my storage solution accepted as external storage.
Then I set up Jellyfin with Docker because why not. As well through caddy.
Then I fucked something up and was like, fuck it, lets start again this time for real :-P
I wiped my VPS clean (chose ubuntu again) set up and hardend ssh + sudo installed Docker, and then I found out about docker rootless and in the docker docs it's mentioned that it is/might be more secure, so I set up docker rootless and installed all the rest again.
And then I was like, hmm, do these Docker Images/Containers update themself? Like snap did?
It seems not, so I looked for a solution and found watchtower. And now I wasted another day trying to get watchtower to run, and I just can not.I tried so many variations of the run command now most recently I tried:
docker run \ --name watchtower \ -v ${DOCKER_SOCKET_PATH}:/var/run/docker.sock \ containrrr/watchtower time="2023-01-20T01:17:41Z" level=error msg="Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?" time="2023-01-20T01:17:41Z" level=info msg="Waiting for the notification goroutine to finish" notify=no
/run/user/1000/docker.sock exists, I own it, i tried connecting to it through docker -e and containrrr/watchtower --host "unix:///run/user/1000/docker.sock"
I dont now what to try more and I'm at my end with my ddg-fu as well.And now while proofreading this, I read everything again and decided to try something again and it just worked...
docker run \ --name watchtower \ -v /run/user/1000/docker.sock:/var/run/docker.sock \ containrrr/watchtower
seems like the environment variable was not set. But I'm shure I tried that before and it did not work... ghost in a machine :-)
So thats where I'm at. I have to say it was a lot of fun and doing and learning all that tingled my brain in a funny way :-)
But now I have some questions for my much more experienced Tildes-friends:
- Do I even need watchtower? because I'm not actually interested to connect to my server regularly to do the updates/maintenance.
- Was switching to docker rootless even a good idea? it seemed so reading the docker installation docs, but just now I read the Archwiki and there it seems it has some heavy security implications, so I made the security situation acutally worse by thinking making it better.
How do I get this watchtower thing to fucking work? (only if I actually need it)
I very much appreciate all further/other advise, tricks, recomendations, questions and discussion as well :-)
4 votes -
The next (monthly, one-month-long) Linux Upskill Challenge starts this Monday
11 votes -
Misinformation about Permissions Policy and FLoC
8 votes -
Protect domains that don’t send email
13 votes -
What AWS services should have been called
8 votes -
I can't make it any clearer. Any advice?
Last Thursday, at my workplace, we rolled out a software upgrade across the company. The server side was upgraded overnight to ensure there was minimal downtime, and we had instructions for users...
Last Thursday, at my workplace, we rolled out a software upgrade across the company. The server side was upgraded overnight to ensure there was minimal downtime, and we had instructions for users posted on our Intranet (pinned to the top for the next 4 days), on exactly what they needed to do to run the upgrade on their PCs and ensure everything was working correctly.
The instructions were written with the help of my 4-year-old to ensure it was clear enough for anyone to read and follow along.
I still received at least 40 messages and emails from people complaining the upgrade didn't work or that certain Outlook plugins are now missing (which was covered in the instructions).
My question is, has anyone found a good way to ensure people follow instructions, or the best way to ensure that your instructions are easy to understand and follow along with?
It is very frustrating to take the time to ensure things go smoothly and write what even my 4-year-old thought was clear instruction, and still have a third of the company not be able to figure it out?
This is not meant to be mean hearted in any way, I genuinely would like some advice or tips on how I can improve on this the next time around.
Thanks.
16 votes -
Sinx for dumb data aggregation
3 votes -
If you’re not using SSH certificates you’re doing SSH wrong
9 votes -
Accidentally Solving Access Point Roaming Issues.
I'm sharing in case some of you are having a similar issue at work or at home, and to hear your opinion and/or similar stories! I've been using Ubiquiti access points in my home for a few years...
I'm sharing in case some of you are having a similar issue at work or at home, and to hear your opinion and/or similar stories!
I've been using Ubiquiti access points in my home for a few years now, and overall, they've worked very well. 3 APs giving near perfect 5GHz VHT80 coverage on DFS channels. LAN transfers are about 600-650mbit on laptops, which has proven to be plenty for wireless clients in my home. Keep in mind that this is a pretty basic setup... besides the APs, there's just the ISP provided GPON ONT which is also a typical all-in-one ISP solution (router, switch, AP, firewall, DHCP server...) with it's Wi-Fi turned off.
As I said, I was pretty happy with the results, however there was one feature that I could never get to work just right; roaming. You could be walking around the house watching a live stream and the stream would pause for 5-8 seconds until the roaming transition was over. Strangely, with VoIP calls, roaming would be about 3-5 seconds. Even enabling fast roaming features (which I believe is simply 802.11r) on the AP's controller would not give the results I was looking for. After days of tweaking TX power settings, channel selection and trying to implement Minimum RSSI (which I ended up not using), I finally gave up and resigned myself to the 4-6 seconds (oh, the humanity) of roaming time.
Fast forward to about two months ago and I added a new router to the setup (UBNT ER-4) and a switch (UBNT USW-24). Setup went smooth, already had some cat.6 cabling around the house, now it was time to actually use it. Had some fun setting up a guest Wi-Fi network on it's own VLAN, which was always a concern of mine; having "untrusted" devices connect to my network. The access points do client isolation on guest networks by default, but in my mind it wasn't enough as I have some file servers and time machines on the network.
Anyways, a few days after doing the setup I'm walking around the house with a livestream on my mobile and suddenly realize that it's not losing the connection. I try with a VoIP call and it worked flawlessly. I start walking around faster and still, the phone is roaming without an issue. I was very excited!
I'm thinking it must be the router that somehow solved the roaming issue. My first theory was that the DHCP server on the ER-4 was doing it's thing much faster than the ISP's device, allowing the wireless clients to actually roam faster. So I do a web search and I find some very relevant info. It was a thread on a forum and reddit thread with a sysadmin that was about to give up on the APs because of roaming issues. In both threads, there were replies about what switch were they using.
Apparently, some switches (Cisco and HP were mentioned), have a "MAC aging" interval setting which is way too high by default, or they simply have bugged firmware that doesn't allow the switch to "re-learn" the MAC address of a device on a different switch port. I assume that ISP provided "el-cheapo" gear has similar issues.
So, if you're having roaming issues with your wireless clients, check your switches!!!
Anyways, just wanted to share this story. Thank you for reading. :-)
10 votes -
What do you think is one thing every sysadmin should know how to do?
Blatantly stealing from the excellent post by /u/judah, I figured I'd make a sysadmin version because sysadmins tend to be underrepresented in tech discussions. Please keep your answers as...
Blatantly stealing from the excellent post by /u/judah, I figured I'd make a sysadmin version because sysadmins tend to be underrepresented in tech discussions. Please keep your answers as cross-platform as possible without being uselessly generic.
I'll start. Realize that the system is going to go down, and accept that reality. Accept failure. How you respond to failure is how people who aren't sysadmins will see and value you.
8 votes -
SRE mastery: Designing and developing for uptime
4 votes -
Consul Connect announcement: simple authorization + encryption mesh
4 votes -
Sysadmin Appreciation Day
Barely half an hour ago, I wrote a comment linking to this entertaining piece and re-discovered this little snippet: Most people don’t even know what sysadmins do, but trust me, if they all took a...
Barely half an hour ago, I wrote a comment linking to this entertaining piece and re-discovered this little snippet:
Most people don’t even know what sysadmins do, but trust me, if they all took a lunch break at the same time they wouldn’t make it to the deli before you ran out of bullets protecting your canned goods from roving bands of mutants.
Having not had a dedicated sysadmin to help me with the myriad of headaches I've had to deal with over the last few months, this has only proven to me to be a truer statement than I had ever realized. Then, out of curiosity, I decided to look into when sysadmin appreciation day was. It turns out that, quite serendipitously, it happens to be today.
So, with that in mind, I thought I would take a moment to remind you all to remind your sysadmins just how much you appreciate them keeping the roving bands of mutants at bay with all that they do. And to those of you who are yourselves sysadmins, keep being awesome :)
29 votes -
Speeding up Zsh and Oh-My-Zsh
7 votes