  • If you live near IKEA, they have a sleek ass 8 bay charger that closes shut and attaches to a wall. And they sell eneloops (in the name of LADDA) but they’re from Japan and were (and still likely are) eneloops. And eneloops are the top tier of the rechargeable batteries.

    Edit: forgot IKEA ships now, usually with a minimum total, but they do ship now

    Btw thanks for asking, I’ve got many dullsters to think about


  • I am loving OIDC giving a single login for all the things I’ve got going, I see it as a near-essential for adding new services!

    Read-only is easy! You just need to confine where the writes happen. You use volumes for stuff you want to remember were written and tmpfs for stuff you don’t want to remember. Tmpfs for /tmp if needed, volume for the DB, good to go. It is super useful for security since only what is included in the container can be executed, greatly reducing the attack area. No way to introduce a new executable to the container! (you set noexec for tmpfs/volumes)

    I’ve seen difficult setups like a “work directory” where key files, executables, and temp files go. That structure can’t be secured, avoid that. Basically the temp files go in somewhere that’s not a big pile of a “work directory” - like /tmp - and then that structure once again works!

    Of course I wouldn’t say no to an LCARS theme either…
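The layout described in the comment above, written out as a Compose file. This is an added example, not part of the original comment; the service, image and volume names and the paths are placeholders, and the `noexec` setting for the named volume is not shown.

```yaml
# Constructed example. Names, image and paths are placeholders.
services:

  # Before: the root filesystem is writable, so a file written anywhere
  # in the container can later be executed.
  app-writable:
    image: example/app:1.0
    volumes:
      - appdata:/var/lib/app

  # After: the root filesystem is read-only and writes are confined
  # to two places, neither of which holds the application's binaries.
  app-readonly:
    image: example/app:1.0
    read_only: true                      # root filesystem mounted read-only
    tmpfs:
      # Scratch space that is forgotten on restart and cannot be executed from.
      - /tmp:rw,noexec,nosuid,size=64m
    volumes:
      # State that has to survive restarts (the DB in the comment).
      - appdata:/var/lib/app

volumes:
  appdata: {}
```

A service that fails to start with `read_only: true` usually reports the path it tried to write to; that path is the next candidate for a tmpfs or volume entry.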








  • I have a USB drive with the key on it. The primary purpose for LUKS for me is so that drives I replace don’t need to be wiped, so I just leave the USB drive in all the time. Makes it so it boots automatically.

    If I lived in a place I owned, I’d stash a rpi somewhere deep and have it do network dropbear automatic unlock to protect the data if the server is nicked. Till then it’s yolo









  • glizzyguzzler@piefed.blahaj.zone to 196: Why was my post removed? (2 months ago)

    I’d def pref the mods to nuke a few extra comments than let the tankies work their way in.

    They thrive on being on the edge of acceptable until they can drive a “Holodomor didn’t happen, Ukrainians just forgot how to eat” into a community

    Edit: that edge of acceptability they skirt to get into communities makes it hard for people to discern if it’s just close or it’s actually proto-tankie-posting


  • So you don’t need that set up. Moca is well designed to be Omni-directional.

    You do need to put a moca filter in that shitass box between the cable that comes from the outside world and whatever hellsplitting is going on in there. That’s to keep your personal moca network inside so peeps can’t snoop (it’s also encrypted) or cause interference elsewhere.

    Note that you may need to update your splitters and coax wall keystones to be 1+ GHz friendly for Moca. I found where I am has “black” rings on the coax wall keystones that only did the regular cable freq and Moca failed to work. Replaced with modern “blue” rings that do the Moca freq range. And splitters involved in the routing too.

    I have the line in inside, in a panel. It splits 3 ways, and I use that 3 way splitter as a “dumb switch”, replaced with a Moca friendly one. Moca filter between splitter and line in.

    I have modem/router in living room, connected to a switch. Switch also connects to a Moca adapter. Computer in bed room, connected to Moca adapter. I get ballin’ 1 Gbps up and down at the same time (within my network of course, real internet speeds are ass)

    May these facts I typed from memory help you achieve your networking dreams :)


  • Arch’s design is key for user devices - it gets you the fixes you need now with good enough guard rails that usually it’s all good!

    But that’s not the design you want for a 24/7 server that’s likely headless. You want that server to have the security updates and to get them installed asap without worry about stability. Literally for years now I’ve never had unattended upgrades cause any issue, and I’ve taken that system from 11 to 13 now. And I’ll look at it in a month (maybe) while it continues to do DNS and serve up vidz

    Debian on a laptop would be akin to a skeleton waiting on food/water; you’ll get that fix for sleep in 14 (maybe). It’s workable - just like Arch is workable for a server - but it’s just not the ideal role.

    Both designs exist for a reason though, and that’s cause they both have their strengths!


  • Reading that is wild

    Why are you doing Arch on a server? You want to tinker forever and read the update notes like a hawk lest the server implode forever?

    Arch isn’t gonna be noticeably leaner than Debian.

    Get Debian, install docker and/or podman, set unattended upgrades, and then install Incus if you need VMs or containers down the line. You can stick on ZFS and it’ll be fine, you already have BTRFS for basic mirrors. Install Cockpit and you’ll have a nice GUI. Try not to think you have to fiddle with settings, the maintainers for each package/service have set it so it works for most people (and we’re most people!); you’ll only need to intervene on a handful of package configs. All set and it’s not proprietary.


  • One of the best uses of encryption is that you can pull drives that die and not have to try to wipe them as they die or smash them. They’re encrypted so it’s just gibberish. Mostly the reason to encrypt.

    I auto-unlock with two things: a USB drive I put in the computer that it looks for and another computer on the network that hosts an unlock file. I’m not defending against nation-states or the Gestapo, regular rubes won’t notice the pi zero hidden that hosts the network file. USB drive is for just-in-case so I don’t have to type that long ass password ever.

    I didn’t try hard, but I’m not sure how to make auto-unlocking more secure.


  • I put a tiny NAS in my parents’ house (cheapest ARM synology 2-bay). It backs up their computers (a first, of course, but the photos are safe now!) and my server sends its TBs to there too. Upfront is large because you need to put in two big drives plus a lil NAS. But no $/mo, thanks parents.

    For over a few TB Hetzner and the like really hit hard (€21/mo for 10TB at Hetzner storage box). Depends how much disposable income you have/want to ensure data is good. Nowadays €21/mo is like 1 Disney/Hulu/bullshit, that price is obviously over inflated but it makes you feel less bad about spending it on cold, hard, remote backups of your big ass data.