Fair enough! I toyed with the idea of doing it that way because the systemd component would just reference a single yaml file for each service, which feels portable. That said though, my quadlets as they are are pretty portable too. Thanks for sharing!
Just curious why you chose a kube quadlet instead of the typical podman container quadlets?
Slime mold is so god damn cool man
That’s because they just terminate TLS at their end. Your DNS record is “poisoned” by the orange cloud and their infrastructure answers for you. They happen to have a trusted root CA so they just present one of their own certificates with a SAN that matches your domain and your browser trusts it. Bingo, TLS termination at CF servers. They have it in cleartext then and just re-encrypt it with your origin server if you enforce TLS, but at that point it’s meaningless.
Good callout! You’re absolutely right, and here I was primarily focused on publicly accessible services. Thanks for the addition.
That’s a super valid question, as it seems sometimes that some of these things are configured in a way that begs the question “why?” As far as contributing to documentation, that’s a moot point. This is already in the man pages, and that’s exactly what I referenced in writing this post, in addition to some empirical testing of course. As far as implementation goes, I think that probably lies at a per distribution level, where not one size fits all. Although I don’t know of it off the top of my head, I’m sure there’s a security centric distro out there that implements more of these sandboxing options by default.
Excellent! There’s certainly a lot to unpack, but being able to twist all these little knobs is part of the beauty of Linux.
Very glad to gear it! Learning new stuff with Linux is the fun part of the journey.
Hey, much appreciated!
What… This isn’t true at all.
The primary thing is rather than “dumb” flood routing, you can choose the path your message takes to its destination; as a repeater operator you can also choose the path it takes to repeat out. Its a slight compensation to people carelessly placing infrastructure nodes with poor configurations in poor places. Not perfect, but better. Adoption is much, much lower though, and the licensing is not copyleft.
Meshcore does address some of the biggest shortfalls of Meshtastic, but I absolutely HATE that they’re positioned to either rugpull, or setup a perpetual “freemium” model. It’s also not interoperable, so if Meshcore is to work, it needs the numbers like Meshtastic has.
Yeah, so far the most prevalent thing around my area has been “it’s a hobby for the sake of being a hobby.” No one does anything terribly useful or important with it. I can tell you that I would certainly never rely on it as a form of emergency communication.
I’m not sure you understand what “objectively” actually means… Care to provide your data in support of your objective conclusion?
Ah it’s fine, we know they’ll be totally fine on their own. I mean, they have their own totally reliable, independent electric grid, right?
It’s just an NTP pool. The device is trying to update it’s time. Likely it made many other requests to other servers when this one didn’t work.
Maintaining up to date lists of anything is a game of whack a mole, so you’re always going to get weird results.
If you’re actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.
That said, I’d still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.
Ran into a similar conundrum. We use mealie for recipe management and occasionally meal planning, but the shopping list is clunky. We resorted to just making a list on a card in Planks. Not purpose-built, but it has worked rather well for us.
I don’t know how you got a picture of me, but I demand it is removed!
Potentially, but precision is important, especially if you’re going to make sweeping claims about a topic, acting as an authority.
Oh buddy, let me tell you about amateur radio… If you’re having a good time on gmrs, consider exploring the ham hobby. So much fun. There’s a lot more landscape to explore than just gmrs gives you. And welcome to the world of RF!